Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/hUld0bztgVsjCx1wOfJFp5IoOW8.roa
File: hUld0bztgVsjCx1wOfJFp5IoOW8.roa (raw, json)
Hash identifier: yhAFJhhqEely7Z+gYD2UjZa+MFUNj+TLxyxBcw9l33Y=
Subject key identifier: 85:49:5D:D1:BC:ED:81:5B:23:0B:1D:70:39:F2:45:A7:92:28:39:6F
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0194252149F8E4CFF88C8BD9A1587C41D092
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/hUld0bztgVsjCx1wOfJFp5IoOW8.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.190.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:49:f8:e4:cf:f8:8c:8b:d9:a1:58:7c:41:d0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85495dd1bced815b230b1d7039f245a79228396f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:01:d6:9d:55:56:d1:85:1f:91:69:39:0c:
f8:c0:86:3f:8e:b5:13:d6:4a:67:07:bb:b8:ce:a2:
bb:62:c9:e8:8e:8f:c3:5f:a7:bc:30:e7:05:59:be:
86:76:7c:b5:6b:ab:6d:30:9c:62:1d:e3:7a:6b:f2:
52:c6:30:c8:0e:71:54:d8:8f:1e:8f:ff:e3:0a:20:
f1:8d:30:f5:8b:3e:40:1e:37:10:fd:c7:2d:a4:85:
b0:a7:69:b4:4d:70:9c:7b:d1:29:70:a3:77:07:42:
47:b9:97:ef:dc:66:42:b5:76:98:19:b7:f5:2b:51:
67:4d:f4:83:11:6d:44:fe:94:cc:af:6f:07:54:9a:
76:42:6e:a4:58:64:9b:c2:ef:2c:58:3f:e7:f0:98:
95:b8:0a:a7:5c:44:ff:d7:93:8c:97:3b:15:95:55:
bc:a1:25:0e:13:e5:7c:5e:79:c5:5a:20:ae:a1:a0:
68:02:39:ab:ab:2f:49:c9:8c:e4:f0:4b:9c:28:de:
2e:18:ae:73:11:4f:e4:45:5b:9c:98:91:5e:89:bc:
7c:4a:fc:25:ce:fb:71:90:08:ae:62:9b:9e:b1:c7:
b0:eb:ca:de:5e:fc:94:e5:43:ad:74:3e:06:30:49:
29:cc:0a:25:e2:63:39:bc:dc:57:3b:3b:bc:1a:f7:
19:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:49:5D:D1:BC:ED:81:5B:23:0B:1D:70:39:F2:45:A7:92:28:39:6F
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/hUld0bztgVsjCx1wOfJFp5IoOW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.190.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ce:8b:3e:03:89:85:90:79:ad:86:44:5d:e6:55:d9:db:7a:
b0:7f:2c:6f:1f:c8:bc:45:b3:5e:f0:ac:50:c0:06:26:51:bb:
9c:1a:e4:27:3c:22:08:83:f5:82:bb:89:d3:b6:88:69:76:fb:
05:4e:1b:e9:46:49:8f:7f:75:70:9d:d3:8d:df:ff:e5:e4:01:
16:1d:bf:94:37:d7:ac:8e:f6:52:bd:60:e0:31:0e:87:bd:6a:
10:5b:a7:2d:ca:e9:b5:a2:21:d6:97:ad:25:84:08:e9:32:6b:
ac:e9:8c:4c:58:a9:ca:61:64:61:0d:87:af:9c:f8:39:a1:27:
8f:76:73:3a:30:10:da:c7:b6:fe:d4:2f:ce:ff:9d:75:d7:92:
b1:62:fa:72:ce:65:29:55:60:48:7b:a1:a4:0e:47:97:cc:94:
40:07:d7:16:42:36:2e:3a:74:a3:9a:ef:fa:02:25:e9:fd:74:
49:d0:3d:d5:86:4f:07:e1:0a:31:55:da:72:1a:e7:09:89:2c:
3b:d5:73:03:00:01:3a:6f:2d:97:92:59:f1:e0:d0:d7:3a:c8:
2a:62:2a:58:31:ef:0e:9f:ab:15:cc:76:43:98:82:95:16:94:
da:03:e7:2c:14:ad:97:41:24:12:c7:02:ed:fc:5f:73:43:8d:
e0:cf:54:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUn45M/4jIvZoVh8QdCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ5NWRkMWJjZWQ4MTViMjMwYjFkNzAzOWYyNDVhNzkyMjgzOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkQB1p1VVtGFH5FpOQz4wIY/jrUT
1kpnB7u4zqK7Ysnojo/DX6e8MOcFWb6Gdny1a6ttMJxiHeN6a/JSxjDIDnFU2I8e
j//jCiDxjTD1iz5AHjcQ/cctpIWwp2m0TXCce9EpcKN3B0JHuZfv3GZCtXaYGbf1
K1FnTfSDEW1E/pTMr28HVJp2Qm6kWGSbwu8sWD/n8JiVuAqnXET/15OMlzsVlVW8
oSUOE+V8XnnFWiCuoaBoAjmrqy9JyYzk8EucKN4uGK5zEU/kRVucmJFeibx8Svwl
zvtxkAiuYpuescew68reXvyU5UOtdD4GMEkpzAol4mM5vNxXOzu8GvcZHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVJXdG87YFbIwsdcDnyRaeSKDlvMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvaFVsZDBienRnVnNqQ3gxd09mSkZwNUlvT1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76+MA0G
CSqGSIb3DQEBCwUAA4IBAQBuzos+A4mFkHmthkRd5lXZ23qwfyxvH8i8RbNe8KxQ
wAYmUbucGuQnPCIIg/WCu4nTtohpdvsFThvpRkmPf3VwndON3//l5AEWHb+UN9es
jvZSvWDgMQ6HvWoQW6ctyum1oiHWl60lhAjpMmus6YxMWKnKYWRhDYevnPg5oSeP
dnM6MBDax7b+1C/O/51115KxYvpyzmUpVWBIe6GkDkeXzJRAB9cWQjYuOnSjmu/6
AiXp/XRJ0D3Vhk8H4QoxVdpyGucJiSw71XMDAAE6by2Xklnx4NDXOsgqYipYMe8O
n6sVzHZDmIKVFpTaA+csFK2XQSQSxwLt/F9zQ43gz1Qm
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:11:25 2025 by rpki-client