Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/U9FgNuO_WVlbI20UhIUyI7NG_LE.roa
File: U9FgNuO_WVlbI20UhIUyI7NG_LE.roa (raw, json)
Hash identifier: BGOqRAx/QBvRa7zIMAAuvcSBrTI6cGoaM4mGtdpxDLU=
Subject key identifier: 53:D1:60:36:E3:BF:59:59:5B:23:6D:14:84:85:32:23:B3:46:FC:B1
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 0195D1BA42A894A5A57206D70AF97CF84C7D
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/U9FgNuO_WVlbI20UhIUyI7NG_LE.roa
Signing time: Wed 26 Mar 2025 09:13:19 +0000
ROA not before: Wed 26 Mar 2025 09:13:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 91.219.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:ba:42:a8:94:a5:a5:72:06:d7:0a:f9:7c:f8:4c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Mar 26 09:13:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d16036e3bf59595b236d1484853223b346fcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6e:55:ed:1f:df:44:7e:1b:17:05:61:58:09:
59:1b:87:f0:74:29:91:3b:52:5b:a5:af:c8:e0:4c:
f9:24:ec:9c:ee:e4:0f:16:5f:a3:29:81:4b:dd:a4:
e2:4b:dc:80:a5:f3:dc:e1:b7:dc:f9:25:05:65:a6:
7c:fd:eb:f1:a7:72:22:0c:27:b2:f4:26:ad:34:89:
e9:83:33:48:ed:0b:60:3f:10:9e:a9:7a:3c:6c:91:
ca:6b:76:81:9a:54:3e:c9:58:39:40:38:d2:90:7a:
75:b9:e0:ae:58:98:30:0d:85:32:34:ec:12:49:35:
19:36:37:b9:8f:83:81:d8:86:60:6b:14:db:f3:b1:
63:44:de:83:e1:df:fc:66:eb:62:15:1a:10:e8:0a:
77:07:c1:95:53:4e:cd:83:2d:8f:4e:37:73:45:4b:
a0:e7:11:70:81:bd:fd:65:c4:49:2b:87:0f:69:54:
4c:01:91:34:d3:07:ab:a7:c0:e0:51:de:09:ae:eb:
11:21:b9:8b:bc:b4:b3:b6:eb:73:23:08:e5:09:4f:
88:c2:ff:48:78:e5:5f:a8:68:01:fd:4d:b4:2e:47:
9c:54:d3:34:b2:f3:6e:18:fb:10:76:dc:ab:39:9a:
06:47:4b:d1:b4:58:41:2f:af:f7:c7:59:0d:88:15:
2d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:60:36:E3:BF:59:59:5B:23:6D:14:84:85:32:23:B3:46:FC:B1
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/U9FgNuO_WVlbI20UhIUyI7NG_LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.23.0/24
Signature Algorithm: sha256WithRSAEncryption
61:c9:9d:78:0b:14:b8:bc:f2:b1:95:17:f4:c5:0e:ff:a7:5d:
19:c4:c0:dd:6e:a7:f1:ec:08:a6:1a:33:36:c7:e9:18:20:c0:
de:0d:5f:c8:ac:22:ad:d0:d9:aa:a8:3b:d1:ef:d1:24:31:26:
fb:99:45:dd:9f:2f:83:91:36:5e:48:8d:9d:6c:bb:19:89:ce:
18:e7:19:94:3d:ff:92:41:5c:c0:2a:b8:0f:e1:b0:a1:e5:30:
a3:af:2b:de:c3:c8:df:09:55:d7:35:14:cd:55:47:ff:bb:fc:
48:1e:0c:06:9f:31:5f:ae:99:d6:9c:75:2f:e5:5b:fa:68:9c:
fc:b9:3e:2a:42:35:b8:ed:60:81:e8:d4:52:c9:3e:7b:18:24:
1d:7c:bf:d0:91:b0:71:8b:1a:eb:3f:9e:a8:56:6c:78:70:7e:
99:1b:28:f9:0b:4e:4f:a2:7f:8c:5d:5e:65:a4:3c:93:6d:cf:
63:ed:45:13:79:f4:32:34:aa:fa:fc:87:62:22:dd:83:10:2a:
ef:55:70:ad:68:43:d1:43:91:7c:06:90:56:7d:b5:0d:70:0b:
2d:00:56:45:61:9d:36:02:d5:e2:ea:3d:52:5b:d4:28:a1:60:
3e:fe:1c:9a:1f:32:5b:f7:d5:b0:5c:33:d6:bc:f2:41:11:6e:
f1:2c:51:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXRukKolKWlcgbXCvl8+Ex9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjUwMzI2MDkxMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QxNjAzNmUzYmY1OTU5NWIyMzZkMTQ4NDg1MzIyM2IzNDZmY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG5V7R/fRH4bFwVhWAlZG4fwdCmR
O1Jbpa/I4Ez5JOyc7uQPFl+jKYFL3aTiS9yApfPc4bfc+SUFZaZ8/evxp3IiDCey
9CatNInpgzNI7QtgPxCeqXo8bJHKa3aBmlQ+yVg5QDjSkHp1ueCuWJgwDYUyNOwS
STUZNje5j4OB2IZgaxTb87FjRN6D4d/8ZutiFRoQ6Ap3B8GVU07Ngy2PTjdzRUug
5xFwgb39ZcRJK4cPaVRMAZE00werp8DgUd4JrusRIbmLvLSztutzIwjlCU+Iwv9I
eOVfqGgB/U20LkecVNM0svNuGPsQdtyrOZoGR0vRtFhBL6/3x1kNiBUtHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPRYDbjv1lZWyNtFISFMiOzRvyxMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvVTlGZ051T19XVmxiSTIwVWhJVXlJN05HX0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9sXMA0G
CSqGSIb3DQEBCwUAA4IBAQBhyZ14CxS4vPKxlRf0xQ7/p10ZxMDdbqfx7AimGjM2
x+kYIMDeDV/IrCKt0NmqqDvR79EkMSb7mUXdny+DkTZeSI2dbLsZic4Y5xmUPf+S
QVzAKrgP4bCh5TCjryvew8jfCVXXNRTNVUf/u/xIHgwGnzFfrpnWnHUv5Vv6aJz8
uT4qQjW47WCB6NRSyT57GCQdfL/QkbBxixrrP56oVmx4cH6ZGyj5C05Pon+MXV5l
pDyTbc9j7UUTefQyNKr6/IdiIt2DECrvVXCtaEPRQ5F8BpBWfbUNcAstAFZFYZ02
AtXi6j1SW9QooWA+/hyaHzJb99WwXDPWvPJBEW7xLFHG
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:44 2025 by rpki-client