Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/tPirfcovOkq_f6ORw4qTDcBMYwM.roa
File: tPirfcovOkq_f6ORw4qTDcBMYwM.roa (raw, json)
Hash identifier: YI04iLKTA2ElngcnawjReFNoZnCJvny+G11HRulhdOo=
Subject key identifier: B4:F8:AB:7D:CA:2F:3A:4A:BF:7F:A3:91:C3:8A:93:0D:C0:4C:63:03
Certificate issuer: /CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Certificate serial: 0194236A0B6D2E196D16BF89198E22965220
Authority key identifier: AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/tPirfcovOkq_f6ORw4qTDcBMYwM.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47721
IP address blocks: 91.247.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0b:6d:2e:19:6d:16:bf:89:19:8e:22:96:52:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f8ab7dca2f3a4abf7fa391c38a930dc04c6303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:80:85:0b:4a:74:25:9f:c9:0d:59:a1:ee:e0:
34:7d:6d:ee:31:c4:13:f8:c1:92:6f:d1:db:94:30:
62:55:d6:e1:d8:b6:a0:4c:79:a0:e8:ca:cb:45:5c:
dd:e9:75:f2:2c:31:d6:db:a8:d5:3e:95:de:f0:96:
66:60:36:a7:3c:77:01:82:98:37:55:bb:04:6e:58:
5e:87:1c:90:b6:76:43:ee:54:33:c7:8e:2a:c3:b1:
6b:d2:cd:80:a0:d6:7b:bb:82:27:c4:1a:bd:1b:0e:
52:17:d2:23:68:ed:98:e1:b2:1b:e0:ad:08:58:b0:
18:91:2f:27:16:4b:d6:03:4c:9d:2f:53:23:86:e4:
9b:97:42:d3:b5:e7:ae:f0:f4:ea:58:28:7d:35:2d:
10:96:57:da:2f:70:f6:26:f8:95:32:91:ca:ff:7d:
db:4d:7f:a9:4e:0f:73:bd:ea:fb:11:0a:16:d7:95:
ff:4f:04:66:b6:7b:80:95:28:9b:ee:46:38:cb:44:
06:8e:11:5e:dc:36:58:61:5b:ab:ad:18:8a:b5:9e:
20:76:5d:7c:6c:13:6f:b6:be:e9:8a:cd:85:7c:f6:
83:54:c1:55:4d:b0:2a:5a:af:88:ba:ae:e7:de:29:
6a:ea:2a:aa:1d:1d:74:77:94:e9:e1:bc:f2:ba:9f:
be:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F8:AB:7D:CA:2F:3A:4A:BF:7F:A3:91:C3:8A:93:0D:C0:4C:63:03
X509v3 Authority Key Identifier:
keyid:AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/tPirfcovOkq_f6ORw4qTDcBMYwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/qs5nJaCg3dFoBICoN4XSzVe_arA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.164.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7c:80:de:ff:5e:4d:cf:a5:3a:d3:af:56:51:0d:cb:c5:5d:
64:94:58:82:a2:b4:70:9f:90:3b:3c:a2:fd:cb:15:c9:50:ee:
92:05:97:a3:c3:bb:95:c1:e8:ca:eb:97:04:36:86:fb:ac:f7:
9c:0a:bf:a0:12:e7:22:97:89:28:ad:73:02:4b:9f:c9:40:3d:
f4:12:8c:5a:31:c5:81:94:e9:fc:84:33:72:ac:9c:f2:d6:fb:
c8:56:ca:c4:88:a7:ae:82:36:d8:de:a9:36:d2:74:94:20:17:
71:53:a1:55:4b:ed:64:19:56:d7:3e:c0:ef:10:7c:a1:5e:86:
18:0a:2d:08:ee:87:ff:39:4f:ec:38:7c:89:b3:d5:b6:1d:47:
8f:ce:8d:ae:9d:86:a1:0a:5d:90:af:da:8a:3a:53:f4:a9:0f:
87:91:9a:4a:2d:c2:b7:ce:34:88:07:76:90:bb:87:c0:8f:3c:
25:34:3f:6d:8a:ac:1d:d7:8d:9b:02:29:4e:f2:69:f0:1f:94:
fc:c9:6f:f9:c6:8b:0c:2e:b0:69:ed:10:64:a7:b7:38:45:16:
e3:0d:cb:9c:bd:39:67:41:27:62:d9:11:93:cd:72:ec:2b:65:
33:b5:7c:9e:d4:20:24:71:c5:55:9c:88:43:f9:cb:82:4c:61:
b4:ec:2e:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagttLhltFr+JGY4illIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2U2NzI1YTBhMGRkZDE2ODA0ODBhODM3ODVkMmNkNTdi
ZjZhYjAwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY4YWI3ZGNhMmYzYTRhYmY3ZmEzOTFjMzhhOTMwZGMwNGM2MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYCFC0p0JZ/JDVmh7uA0fW3uMcQT
+MGSb9HblDBiVdbh2LagTHmg6MrLRVzd6XXyLDHW26jVPpXe8JZmYDanPHcBgpg3
VbsEblhehxyQtnZD7lQzx44qw7Fr0s2AoNZ7u4InxBq9Gw5SF9IjaO2Y4bIb4K0I
WLAYkS8nFkvWA0ydL1MjhuSbl0LTteeu8PTqWCh9NS0QllfaL3D2JviVMpHK/33b
TX+pTg9zver7EQoW15X/TwRmtnuAlSib7kY4y0QGjhFe3DZYYVurrRiKtZ4gdl18
bBNvtr7pis2FfPaDVMFVTbAqWq+Iuq7n3ilq6iqqHR10d5Tp4bzyup+++QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT4q33KLzpKv3+jkcOKkw3ATGMDMB8GA1UdIwQY
MBaAFKrOZyWgoN3RaASAqDeF0s1Xv2qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTkt
NzJhMDgyY2RiMTgyLzEvdFBpcmZjb3ZPa3FfZjZPUnc0cVREY0JNWXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTktNzJhMDgyY2RiMTgy
LzEvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/ekMA0G
CSqGSIb3DQEBCwUAA4IBAQBXfIDe/15Nz6U6069WUQ3LxV1klFiCorRwn5A7PKL9
yxXJUO6SBZejw7uVwejK65cENob7rPecCr+gEucil4korXMCS5/JQD30EoxaMcWB
lOn8hDNyrJzy1vvIVsrEiKeugjbY3qk20nSUIBdxU6FVS+1kGVbXPsDvEHyhXoYY
Ci0I7of/OU/sOHyJs9W2HUePzo2unYahCl2Qr9qKOlP0qQ+HkZpKLcK3zjSIB3aQ
u4fAjzwlND9tiqwd142bAilO8mnwH5T8yW/5xosMLrBp7RBkp7c4RRbjDcucvTln
QSdi2RGTzXLsK2UztXye1CAkccVVnIhD+cuCTGG07C5V
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:54 2025 by rpki-client