Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/slVrsnHd8rCIfEnbwuX_9NfM9i4.roa
File: slVrsnHd8rCIfEnbwuX_9NfM9i4.roa (raw, json)
Hash identifier: /3BENw/pyYjv+JfWEh8xWz895hOHXgoCQXPnKDlVros=
Subject key identifier: B2:55:6B:B2:71:DD:F2:B0:88:7C:49:DB:C2:E5:FF:F4:D7:CC:F6:2E
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0194228D85830EA1B5FDDA059298836D7A1C
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/slVrsnHd8rCIfEnbwuX_9NfM9i4.roa
Signing time: Wed 01 Jan 2025 15:48:07 +0000
ROA not before: Wed 01 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52139
IP address blocks: 91.222.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:85:83:0e:a1:b5:fd:da:05:92:98:83:6d:7a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2556bb271ddf2b0887c49dbc2e5fff4d7ccf62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a5:f7:a3:27:19:31:ee:36:8e:5a:16:22:58:
f3:1f:7d:9c:c6:1b:08:3e:75:1d:59:61:97:3f:a8:
6b:2f:0f:8f:88:63:27:31:62:6a:78:10:93:03:23:
73:a8:92:a9:6f:45:29:b3:41:5d:ca:06:49:a7:dd:
8c:40:a8:e6:f8:2e:27:38:0c:42:43:9e:1f:17:8a:
a1:1a:0d:20:4d:3b:da:e0:34:10:bd:00:e4:a3:59:
13:47:c5:da:b6:30:1b:89:b8:c7:3a:e5:7e:54:d4:
ac:0e:ab:62:f0:20:9d:51:2e:01:15:e2:a4:ed:0d:
a9:70:15:64:e0:d7:0c:3d:e4:92:be:06:df:c4:0c:
91:a5:f0:82:95:ab:14:eb:a6:12:e3:11:ff:4b:1d:
78:e8:54:f7:25:b2:2e:1c:a4:37:7d:19:35:3f:da:
b4:10:9c:02:a8:d5:5e:b2:06:6d:76:5a:b3:a6:ec:
5d:c3:5f:b1:34:b4:94:4a:a8:6d:f5:5c:91:44:b3:
60:88:5f:53:e9:e7:a3:ec:92:35:56:d2:70:02:95:
53:3c:17:44:ee:58:01:66:ef:c9:f6:44:6b:c7:f0:
ac:d8:21:c6:b9:3e:cd:5f:38:b7:0d:51:a6:ff:99:
a3:85:90:d5:bb:25:22:ee:04:04:29:8f:bd:96:34:
99:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:55:6B:B2:71:DD:F2:B0:88:7C:49:DB:C2:E5:FF:F4:D7:CC:F6:2E
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/slVrsnHd8rCIfEnbwuX_9NfM9i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:05:cc:1d:ba:84:1b:11:36:bf:0f:85:00:a3:bd:50:c8:bf:
e2:e7:59:f7:ff:ca:83:1c:6d:ed:c6:c3:d6:5d:ad:8e:fd:90:
e5:09:26:e1:36:ad:91:ec:cb:b7:69:25:45:76:57:42:c1:5f:
31:2c:88:a2:1a:03:b0:d2:cd:9e:61:86:ba:7d:c4:4d:e6:68:
13:49:d6:e5:1e:5d:9f:86:43:96:3b:fb:65:01:32:9a:27:78:
98:9a:b9:75:d0:75:ba:dc:96:ce:ef:db:1f:d6:83:e6:ef:d9:
4b:99:9e:e6:dd:fb:c4:cd:99:04:9c:e8:2d:b1:da:ec:17:7d:
90:fe:22:cc:7e:db:3c:a9:f2:7c:b7:db:bd:c9:c2:33:ef:81:
9b:97:5b:c6:6e:86:f1:ec:79:31:70:f0:39:03:9c:37:87:b7:
96:8b:62:09:14:a6:1b:93:ed:58:b7:71:8b:22:d9:a6:e7:a8:
1c:70:aa:3d:11:a3:0b:6c:05:b9:b0:5a:05:a2:46:45:55:50:
24:fd:79:e4:a1:fc:94:98:99:62:a5:ce:35:e2:e7:43:5a:65:
dc:52:12:cf:cb:a3:a4:38:8c:a2:95:73:28:35:ab:90:48:65:
04:a6:81:6f:4c:0c:ea:f4:6f:e6:8e:23:04:a3:d9:f1:3c:a4:
66:f9:6b:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijYWDDqG1/doFkpiDbXocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjUwMTAxMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU1NmJiMjcxZGRmMmIwODg3YzQ5ZGJjMmU1ZmZmNGQ3Y2NmNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaX3oycZMe42jloWIljzH32cxhsI
PnUdWWGXP6hrLw+PiGMnMWJqeBCTAyNzqJKpb0Ups0FdygZJp92MQKjm+C4nOAxC
Q54fF4qhGg0gTTva4DQQvQDko1kTR8XatjAbibjHOuV+VNSsDqti8CCdUS4BFeKk
7Q2pcBVk4NcMPeSSvgbfxAyRpfCClasU66YS4xH/Sx146FT3JbIuHKQ3fRk1P9q0
EJwCqNVesgZtdlqzpuxdw1+xNLSUSqht9VyRRLNgiF9T6eej7JI1VtJwApVTPBdE
7lgBZu/J9kRrx/Cs2CHGuT7NXzi3DVGm/5mjhZDVuyUi7gQEKY+9ljSZnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJVa7Jx3fKwiHxJ28Ll//TXzPYuMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvc2xWcnNuSGQ4ckNJZkVuYnd1WF85TmZNOWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW95oMA0G
CSqGSIb3DQEBCwUAA4IBAQBsBcwduoQbETa/D4UAo71QyL/i51n3/8qDHG3txsPW
Xa2O/ZDlCSbhNq2R7Mu3aSVFdldCwV8xLIiiGgOw0s2eYYa6fcRN5mgTSdblHl2f
hkOWO/tlATKaJ3iYmrl10HW63JbO79sf1oPm79lLmZ7m3fvEzZkEnOgtsdrsF32Q
/iLMfts8qfJ8t9u9ycIz74Gbl1vGbobx7HkxcPA5A5w3h7eWi2IJFKYbk+1Yt3GL
Itmm56gccKo9EaMLbAW5sFoFokZFVVAk/XnkofyUmJlipc414udDWmXcUhLPy6Ok
OIyilXMoNauQSGUEpoFvTAzq9G/mjiMEo9nxPKRm+Wsd
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:15 2025 by rpki-client