Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/_1rHHFIhvvb4H2GGBv9RDV7OFzo.roa
File: _1rHHFIhvvb4H2GGBv9RDV7OFzo.roa (raw, json)
Hash identifier: ODNNLSo5C2C5zLz79VjHYIX9sjOveSMDElEuw+M5H2w=
Subject key identifier: FF:5A:C7:1C:52:21:BE:F6:F8:1F:61:86:06:FF:51:0D:5E:CE:17:3A
Certificate issuer: /CN=2ce71b1f4eea0159246125fc5ae9ad51a44792ce
Certificate serial: 019424449D64DA80E738BB38EDE7E745B443
Authority key identifier: 2C:E7:1B:1F:4E:EA:01:59:24:61:25:FC:5A:E9:AD:51:A4:47:92:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOcbH07qAVkkYSX8WumtUaRHks4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/_1rHHFIhvvb4H2GGBv9RDV7OFzo.roa
Signing time: Wed 01 Jan 2025 23:47:44 +0000
ROA not before: Wed 01 Jan 2025 23:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30725
IP address blocks: 91.226.26.0/23 maxlen: 23
91.226.26.0/24 maxlen: 24
91.226.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9d:64:da:80:e7:38:bb:38:ed:e7:e7:45:b4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ce71b1f4eea0159246125fc5ae9ad51a44792ce
Validity
Not Before: Jan 1 23:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff5ac71c5221bef6f81f618606ff510d5ece173a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:50:07:42:6c:40:cd:cb:7b:93:67:c8:db:f5:
9d:a7:dc:d4:0b:4c:bd:9c:c2:cd:2b:da:cf:91:a2:
a5:8e:53:0e:17:f5:b6:a1:8c:7d:53:78:2a:cf:1b:
7d:c2:93:9e:d7:34:d0:4b:84:6d:b2:ed:cc:a5:9c:
7c:03:5e:f9:a2:75:2e:a4:9e:60:78:a0:42:e3:f9:
fb:bf:ce:64:7f:ed:f3:73:a6:2d:63:a5:18:9d:b3:
a0:b8:95:a5:36:cc:ee:9a:b4:c8:dc:80:52:a7:56:
7a:37:fe:ec:77:f9:8b:6f:d1:d6:f2:03:77:d7:77:
c9:4b:29:31:7e:c1:08:8c:a0:46:b2:46:90:f5:e9:
54:a0:0b:0c:77:14:e9:be:ae:14:d5:9b:ef:c5:4e:
bc:4f:58:c2:68:2a:36:dc:ec:c3:79:54:ba:9e:2c:
b0:aa:d5:58:be:0e:a5:b3:52:52:e3:86:2b:04:6f:
50:95:3b:c0:13:ca:e8:36:d7:1e:c1:e8:65:b3:c9:
33:19:f3:db:68:83:2e:a5:e6:63:62:76:7a:1e:14:
e6:dc:9c:07:6b:3d:55:17:44:08:53:c0:91:0f:7f:
0b:16:48:04:f5:e6:89:96:88:ba:3d:cd:5e:10:26:
7c:87:00:eb:c2:bc:7d:21:61:e9:41:83:5b:5d:3b:
03:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5A:C7:1C:52:21:BE:F6:F8:1F:61:86:06:FF:51:0D:5E:CE:17:3A
X509v3 Authority Key Identifier:
keyid:2C:E7:1B:1F:4E:EA:01:59:24:61:25:FC:5A:E9:AD:51:A4:47:92:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOcbH07qAVkkYSX8WumtUaRHks4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/_1rHHFIhvvb4H2GGBv9RDV7OFzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/LOcbH07qAVkkYSX8WumtUaRHks4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.26.0/23
Signature Algorithm: sha256WithRSAEncryption
41:ae:90:86:a8:38:68:63:5f:fd:7b:4c:6a:9a:78:17:28:b9:
48:96:11:63:51:1c:31:b9:99:78:ca:17:bd:8e:78:d7:53:ca:
f8:55:72:83:11:e4:36:be:62:07:6a:1a:a1:5a:88:95:97:54:
6a:13:e6:d6:f9:b8:51:e7:ed:05:02:4f:08:33:f9:d6:9a:03:
81:96:65:8f:20:30:fe:d8:01:5d:b7:6d:7f:ab:2d:65:b0:23:
20:91:dd:10:15:bb:57:e3:da:6a:61:c1:be:e4:39:52:9e:49:
f5:9d:72:3c:5b:8e:e7:a1:53:49:05:72:f2:53:5a:2d:4a:d7:
ee:46:38:06:dc:04:a0:07:05:69:6e:a4:38:8b:78:d7:ed:1d:
1a:df:2c:89:63:3d:25:98:25:00:9e:03:b6:af:55:f4:51:da:
2a:d4:8d:e2:67:04:61:c7:ba:af:24:54:64:e2:97:b9:05:b6:
f9:1a:1a:b1:ef:e8:d6:4d:b1:43:65:ff:d5:56:c6:82:38:f6:
0f:ba:f8:ef:19:d3:2f:00:33:75:f9:e0:88:f5:9b:53:d6:fe:
5d:18:6f:0e:c2:9b:96:e3:5c:18:fe:30:39:f7:45:6d:08:b4:
c1:19:84:da:2f:31:2a:3b:66:0e:31:33:88:79:9b:d8:69:e5:
5e:07:27:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRJ1k2oDnOLs47efnRbRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTcxYjFmNGVlYTAxNTkyNDYxMjVmYzVhZTlhZDUxYTQ0
NzkyY2UwHhcNMjUwMTAxMjM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVhYzcxYzUyMjFiZWY2ZjgxZjYxODYwNmZmNTEwZDVlY2UxNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VAHQmxAzct7k2fI2/Wdp9zUC0y9
nMLNK9rPkaKljlMOF/W2oYx9U3gqzxt9wpOe1zTQS4Rtsu3MpZx8A175onUupJ5g
eKBC4/n7v85kf+3zc6YtY6UYnbOguJWlNszumrTI3IBSp1Z6N/7sd/mLb9HW8gN3
13fJSykxfsEIjKBGskaQ9elUoAsMdxTpvq4U1ZvvxU68T1jCaCo23OzDeVS6niyw
qtVYvg6ls1JS44YrBG9QlTvAE8roNtcewehls8kzGfPbaIMupeZjYnZ6HhTm3JwH
az1VF0QIU8CRD38LFkgE9eaJloi6Pc1eECZ8hwDrwrx9IWHpQYNbXTsDHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9axxxSIb72+B9hhgb/UQ1ezhc6MB8GA1UdIwQY
MBaAFCznGx9O6gFZJGEl/FrprVGkR5LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9jYkgwN3FBVmtrWVNYOFd1bXRVYVJIa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mMWQ5NzYtNzI2Yi00Y2I3LTlmYTIt
MDJiMzM1ODJjNzQ3LzEvXzFySEhGSWh2dmI0SDJHR0J2OVJEVjdPRnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mMWQ5NzYtNzI2Yi00Y2I3LTlmYTItMDJiMzM1ODJjNzQ3
LzEvTE9jYkgwN3FBVmtrWVNYOFd1bXRVYVJIa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+IaMA0G
CSqGSIb3DQEBCwUAA4IBAQBBrpCGqDhoY1/9e0xqmngXKLlIlhFjURwxuZl4yhe9
jnjXU8r4VXKDEeQ2vmIHahqhWoiVl1RqE+bW+bhR5+0FAk8IM/nWmgOBlmWPIDD+
2AFdt21/qy1lsCMgkd0QFbtX49pqYcG+5DlSnkn1nXI8W47noVNJBXLyU1otStfu
RjgG3ASgBwVpbqQ4i3jX7R0a3yyJYz0lmCUAngO2r1X0Udoq1I3iZwRhx7qvJFRk
4pe5Bbb5Ghqx7+jWTbFDZf/VVsaCOPYPuvjvGdMvADN1+eCI9ZtT1v5dGG8OwpuW
41wY/jA590VtCLTBGYTaLzEqO2YOMTOIeZvYaeVeBydB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:02 2025 by rpki-client