Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/2SkENpXb0el73BG8YEd0qffOYtk.roa
File: 2SkENpXb0el73BG8YEd0qffOYtk.roa (raw, json)
Hash identifier: 0jaoPpV/MX/H1rwXTjmAcjuo/4JCznBTWQGqCB7AVKs=
Subject key identifier: D9:29:04:36:95:DB:D1:E9:7B:DC:11:BC:60:47:74:A9:F7:CE:62:D9
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 0194221F95001D061BCADABBEF145409C173
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/2SkENpXb0el73BG8YEd0qffOYtk.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48239
IP address blocks: 91.209.51.0/24 maxlen: 24
185.191.176.0/22 maxlen: 22
212.90.32.0/19 maxlen: 19
212.90.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:95:00:1d:06:1b:ca:da:bb:ef:14:54:09:c1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d929043695dbd1e97bdc11bc604774a9f7ce62d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:87:44:c0:19:d8:86:bb:2f:5f:48:a1:c5:ad:
20:51:1b:d0:5f:2f:aa:c5:6a:d7:d4:8d:d9:91:6a:
e6:84:3e:fb:70:64:d8:d5:49:d4:06:6c:d3:87:eb:
d0:78:22:c0:0b:4e:22:78:61:8d:4e:bc:4d:b2:1d:
dd:c5:48:9a:e4:29:16:56:06:2b:76:f0:bf:f4:fd:
93:02:a4:77:9f:1a:95:c8:c1:e3:d8:7a:bf:f4:ca:
4e:7f:ea:f9:17:57:35:cc:c6:9f:67:20:c2:d3:dd:
ef:52:ee:3b:a5:ec:09:56:44:6c:79:83:bb:06:82:
78:0e:11:8b:85:69:7f:26:32:a6:64:c5:37:5d:04:
86:7e:c3:1f:3b:c0:43:65:af:17:cd:82:a5:88:23:
e2:86:b2:c2:1b:51:2a:bd:5a:ea:bf:e0:bb:a0:df:
ca:21:30:7c:83:95:19:f4:fe:c7:fe:39:02:f5:bc:
95:6b:a4:e3:79:73:64:74:81:6a:29:84:4c:80:2b:
e1:90:c7:53:8b:84:26:2a:e7:3b:5f:15:bb:f4:9e:
ba:89:c8:bc:0c:28:9b:c3:7e:db:1f:b7:8b:f8:aa:
01:18:6e:2b:65:bb:1b:9e:e5:c5:c6:c1:b7:58:8c:
a9:97:a1:94:37:59:1e:27:f1:a8:db:1e:e8:11:d8:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:29:04:36:95:DB:D1:E9:7B:DC:11:BC:60:47:74:A9:F7:CE:62:D9
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/2SkENpXb0el73BG8YEd0qffOYtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.51.0/24
185.191.176.0/22
212.90.32.0/19
Signature Algorithm: sha256WithRSAEncryption
39:3e:c7:b0:2c:07:34:c0:b4:90:35:37:ea:db:80:cb:6b:38:
39:82:be:9c:2b:f5:db:41:15:57:29:86:0c:5d:96:09:8f:b0:
04:7b:c9:9a:4a:8a:af:52:89:be:e1:2a:ed:ee:3e:a1:68:8e:
63:09:73:98:9d:b1:81:98:af:d5:36:a0:44:13:07:8a:5d:35:
05:ed:1b:89:e7:bd:6c:1d:ee:43:e5:a3:f3:66:79:ff:4e:27:
76:62:5e:fa:dd:8b:10:3b:d6:0f:f0:d1:51:51:74:80:d8:07:
70:5d:9c:c9:74:db:a2:2b:36:96:10:72:62:f1:ea:32:6f:98:
b3:26:2a:f3:d9:52:ad:42:49:aa:13:a9:66:bb:20:b9:61:00:
91:9d:26:9b:c0:40:d1:fd:b3:12:55:77:92:3d:12:75:c8:01:
b7:e8:b4:2a:c8:c1:12:46:1e:a6:92:eb:35:dd:c3:af:a7:41:
10:61:5d:3f:f8:db:92:84:59:29:ec:40:d2:c8:4d:cc:2b:46:
6e:e3:38:9d:63:b6:51:cf:f6:ed:02:5a:ee:ec:a1:70:ee:58:
71:a4:ce:f5:a4:d5:0a:2c:b6:cf:cb:22:15:48:bd:9e:eb:09:
76:2f:a7:f0:ee:d5:1a:6d:25:e0:3f:a4:5a:7a:25:ef:e3:c4:
8f:7f:a2:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH5UAHQYbytq77xRUCcFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI5MDQzNjk1ZGJkMWU5N2JkYzExYmM2MDQ3NzRhOWY3Y2U2MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IdEwBnYhrsvX0ihxa0gURvQXy+q
xWrX1I3ZkWrmhD77cGTY1UnUBmzTh+vQeCLAC04ieGGNTrxNsh3dxUia5CkWVgYr
dvC/9P2TAqR3nxqVyMHj2Hq/9MpOf+r5F1c1zMafZyDC093vUu47pewJVkRseYO7
BoJ4DhGLhWl/JjKmZMU3XQSGfsMfO8BDZa8XzYKliCPihrLCG1EqvVrqv+C7oN/K
ITB8g5UZ9P7H/jkC9byVa6TjeXNkdIFqKYRMgCvhkMdTi4QmKuc7XxW79J66ici8
DCibw37bH7eL+KoBGG4rZbsbnuXFxsG3WIypl6GUN1keJ/Go2x7oEdjcEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNkpBDaV29Hpe9wRvGBHdKn3zmLZMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvMlNrRU5wWGIwZWw3M0JHOFlFZDBxZmZPWXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EzAwQC
ub+wAwQF1FogMA0GCSqGSIb3DQEBCwUAA4IBAQA5PsewLAc0wLSQNTfq24DLazg5
gr6cK/XbQRVXKYYMXZYJj7AEe8maSoqvUom+4Srt7j6haI5jCXOYnbGBmK/VNqBE
EweKXTUF7RuJ571sHe5D5aPzZnn/Tid2Yl763YsQO9YP8NFRUXSA2AdwXZzJdNui
KzaWEHJi8eoyb5izJirz2VKtQkmqE6lmuyC5YQCRnSabwEDR/bMSVXeSPRJ1yAG3
6LQqyMESRh6mkus13cOvp0EQYV0/+NuShFkp7EDSyE3MK0Zu4zidY7ZRz/btAlru
7KFw7lhxpM71pNUKLLbPyyIVSL2e6wl2L6fw7tUabSXgP6RaeiXv48SPf6Lu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:22 2025 by rpki-client