Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/rrE5qG_QL2LljKJgByMCQrCEjYE.roa
File: rrE5qG_QL2LljKJgByMCQrCEjYE.roa (raw, json)
Hash identifier: /tAgvXXN7dUwUtNncIU10qy0t46qQkbXFASoHVW+MjU=
Subject key identifier: AE:B1:39:A8:6F:D0:2F:62:E5:8C:A2:60:07:23:02:42:B0:84:8D:81
Certificate issuer: /CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Certificate serial: 018CC5001705D8E0490C75460003525E4A7C
Authority key identifier: A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/rrE5qG_QL2LljKJgByMCQrCEjYE.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47692
IP address blocks: 91.151.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:17:05:d8:e0:49:0c:75:46:00:03:52:5e:4a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aeb139a86fd02f62e58ca26007230242b0848d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ff:ba:0a:fe:6a:77:f0:58:69:7f:fa:64:0b:
54:6d:3f:64:0d:a2:c3:1b:bb:9b:df:70:d8:b2:c3:
4d:42:7f:f9:fc:16:12:73:a1:e4:70:c2:83:c1:75:
34:4b:95:fc:d1:5f:e6:3d:52:f1:42:73:bd:fd:af:
59:aa:62:67:9f:eb:71:71:e9:34:35:8f:f9:bc:dd:
62:93:5f:7a:b2:7a:8a:b8:78:c7:cb:7d:b1:d4:2e:
34:64:78:53:98:63:4e:7e:02:ba:b9:39:08:c0:80:
10:83:b1:f2:e6:24:9d:df:15:c0:28:46:fe:bf:82:
c6:02:fa:0f:6e:16:e4:b0:85:62:38:d6:b2:26:49:
99:88:23:d3:e5:21:ad:0b:d9:99:70:6a:e9:12:9d:
3d:dd:f8:fd:71:7e:24:4d:3e:a2:5f:3f:e9:af:16:
94:59:00:83:6b:af:39:a9:02:8b:64:c0:8e:55:d4:
98:2b:63:b0:39:49:4d:c0:d0:c6:9f:3c:2e:eb:9c:
27:e1:36:47:74:34:a7:4d:83:2f:33:04:71:4f:5a:
fe:6d:25:a7:38:79:c8:89:5e:81:0a:ce:d9:e9:7c:
10:09:c0:37:29:4e:26:3e:ec:2a:af:c6:2b:dc:86:
b3:00:73:6f:57:bf:8f:dd:e2:42:20:28:ea:35:46:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B1:39:A8:6F:D0:2F:62:E5:8C:A2:60:07:23:02:42:B0:84:8D:81
X509v3 Authority Key Identifier:
keyid:A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/rrE5qG_QL2LljKJgByMCQrCEjYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/pOeG5ICTc8GYVFWFjGsCswpxrRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.16.0/22
Signature Algorithm: sha256WithRSAEncryption
96:2a:ee:66:3f:67:d6:6c:9b:2a:29:6c:54:9b:a5:fb:74:41:
4e:7b:35:44:63:2d:ea:52:c4:94:7d:59:47:d1:a9:b0:d5:03:
78:1f:41:ef:56:af:74:e4:ae:63:f8:5f:c8:38:e0:96:62:77:
98:ac:33:55:65:17:68:f6:8f:5a:8a:02:17:75:20:67:c4:9a:
02:6d:af:03:fe:57:82:65:85:3f:02:98:0f:a8:a7:ba:c4:9b:
2a:64:6d:38:6d:2b:7a:c1:61:82:a8:04:cf:00:22:bc:ac:7b:
ad:86:45:c5:13:4e:2d:03:22:40:78:01:8c:f7:ec:35:98:ae:
e4:d2:0a:21:78:d9:ec:a3:3e:4d:0f:f5:1e:d8:0b:23:80:2a:
35:35:42:14:62:a3:d4:1c:08:e8:a5:af:3f:79:bd:8c:d7:e5:
4d:08:ae:3e:df:9b:76:32:18:20:c0:27:d6:e5:03:d9:a9:ba:
40:6d:62:5d:86:05:c7:84:c6:72:89:8d:77:87:ec:24:d9:21:
2e:83:af:2b:10:79:ce:77:f5:f3:84:cf:4e:17:fe:38:1c:fa:
b3:31:ec:74:cd:56:70:fe:56:a9:d3:0e:bd:d5:4b:29:bd:f0:
ec:31:b2:25:f2:53:c6:6a:00:7b:95:48:8d:a0:b1:06:af:6b:
fe:13:bc:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABcF2OBJDHVGAANSXkp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc4NmU0ODA5MzczYzE5ODU0NTU4NThjNmIwMmIzMGE3
MWFkMWIwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWIxMzlhODZmZDAyZjYyZTU4Y2EyNjAwNzIzMDI0MmIwODQ4ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP+6Cv5qd/BYaX/6ZAtUbT9kDaLD
G7ub33DYssNNQn/5/BYSc6HkcMKDwXU0S5X80V/mPVLxQnO9/a9ZqmJnn+txcek0
NY/5vN1ik196snqKuHjHy32x1C40ZHhTmGNOfgK6uTkIwIAQg7Hy5iSd3xXAKEb+
v4LGAvoPbhbksIViONayJkmZiCPT5SGtC9mZcGrpEp093fj9cX4kTT6iXz/prxaU
WQCDa685qQKLZMCOVdSYK2OwOUlNwNDGnzwu65wn4TZHdDSnTYMvMwRxT1r+bSWn
OHnIiV6BCs7Z6XwQCcA3KU4mPuwqr8Yr3IazAHNvV7+P3eJCICjqNUbr5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6xOahv0C9i5YyiYAcjAkKwhI2BMB8GA1UdIwQY
MBaAFKTnhuSAk3PBmFRVhYxrArMKca0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEt
ZjY2OTdiZmQyZDRmLzEvcnJFNXFHX1FMMkxsaktKZ0J5TUNRckNFallFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEtZjY2OTdiZmQyZDRm
LzEvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW5cQMA0G
CSqGSIb3DQEBCwUAA4IBAQCWKu5mP2fWbJsqKWxUm6X7dEFOezVEYy3qUsSUfVlH
0amw1QN4H0HvVq905K5j+F/IOOCWYneYrDNVZRdo9o9aigIXdSBnxJoCba8D/leC
ZYU/ApgPqKe6xJsqZG04bSt6wWGCqATPACK8rHuthkXFE04tAyJAeAGM9+w1mK7k
0goheNnsoz5ND/Ue2AsjgCo1NUIUYqPUHAjopa8/eb2M1+VNCK4+35t2MhggwCfW
5QPZqbpAbWJdhgXHhMZyiY13h+wk2SEug68rEHnOd/XzhM9OF/44HPqzMex0zVZw
/lap0w691UspvfDsMbIl8lPGagB7lUiNoLEGr2v+E7yj
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:56 2025 by rpki-client