Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4dffb0-199a-4c5e-ac91-86fe36ca0b74/1/Ce_BbdsEv4VTlTlF-8r2HuBLzBo.roa
File: Ce_BbdsEv4VTlTlF-8r2HuBLzBo.roa (raw, json)
Hash identifier: /gyLg2rJXSor3WmgIG5R+n0glFhKZzzzFuxvqnBqlTs=
Subject key identifier: 09:EF:C1:6D:DB:04:BF:85:53:95:39:45:FB:CA:F6:1E:E0:4B:CC:1A
Certificate issuer: /CN=041359da0d0b7a829e420fd932cafc1e3c1572de
Certificate serial: 019424B3EC19245307C58407478A09C5014C
Authority key identifier: 04:13:59:DA:0D:0B:7A:82:9E:42:0F:D9:32:CA:FC:1E:3C:15:72:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BBNZ2g0LeoKeQg_ZMsr8HjwVct4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4dffb0-199a-4c5e-ac91-86fe36ca0b74/1/Ce_BbdsEv4VTlTlF-8r2HuBLzBo.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207853
IP address blocks: 91.210.152.0/24 maxlen: 24
2001:678:b9c::/48 maxlen: 48
2a07:b1c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ec:19:24:53:07:c5:84:07:47:8a:09:c5:01:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=041359da0d0b7a829e420fd932cafc1e3c1572de
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09efc16ddb04bf8553953945fbcaf61ee04bcc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:85:93:c9:24:d5:f4:a8:c1:7b:a2:3c:7d:49:
9d:29:1f:da:e7:58:e8:d6:41:2f:c5:24:1f:95:cc:
61:0b:07:23:aa:f1:49:76:c8:87:bb:e7:aa:68:e6:
ff:a5:72:d4:e1:b3:77:73:6b:88:99:30:ba:fd:3a:
50:75:c3:08:cf:83:af:40:d5:70:c9:e1:a6:36:d5:
4c:a3:ec:d5:21:cc:2a:a2:58:4a:dd:b8:36:f2:b8:
46:80:1d:6c:4e:9e:28:ce:7d:97:fe:b4:9e:87:87:
b2:90:05:84:b3:1a:d8:62:14:db:36:63:e5:81:8b:
68:dc:d6:00:05:b2:98:95:d5:56:90:b2:7c:dc:2e:
91:37:17:4a:6d:79:3f:f6:cf:bd:7a:51:f4:a8:90:
65:20:c5:43:46:85:7a:ff:1e:a1:99:7b:7d:64:2d:
d2:97:9b:bd:41:97:ba:d1:c3:d9:06:48:2e:dc:7b:
98:f0:2b:f2:d1:c1:1a:b6:1b:f1:32:40:52:61:07:
13:2f:c0:f8:48:8a:86:98:df:8f:53:63:be:d4:8d:
57:f3:f8:2b:62:24:19:8b:a8:26:1a:a2:13:a7:a8:
a8:17:31:a8:f9:ff:cd:57:84:04:d0:a7:52:61:5e:
7a:7a:93:1c:c6:98:94:46:70:31:91:14:3f:15:f2:
4e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EF:C1:6D:DB:04:BF:85:53:95:39:45:FB:CA:F6:1E:E0:4B:CC:1A
X509v3 Authority Key Identifier:
keyid:04:13:59:DA:0D:0B:7A:82:9E:42:0F:D9:32:CA:FC:1E:3C:15:72:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BBNZ2g0LeoKeQg_ZMsr8HjwVct4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4dffb0-199a-4c5e-ac91-86fe36ca0b74/1/Ce_BbdsEv4VTlTlF-8r2HuBLzBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4dffb0-199a-4c5e-ac91-86fe36ca0b74/1/BBNZ2g0LeoKeQg_ZMsr8HjwVct4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.152.0/24
IPv6:
2001:678:b9c::/48
2a07:b1c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:db:07:ed:8c:2c:e1:11:a3:84:37:68:f3:72:f3:55:fc:9e:
8a:f3:3c:72:fb:f0:58:2e:ba:51:ff:28:00:fd:3a:8a:55:6f:
68:d4:19:fc:6f:84:24:61:a3:8c:0c:28:10:d2:3a:d5:ec:57:
3b:50:27:3b:ef:fb:a6:a5:64:20:85:fc:17:26:5b:55:90:72:
52:65:8a:d8:60:5d:e8:43:e3:01:d9:49:30:e1:2e:97:36:ce:
a5:1e:7d:4c:09:52:25:24:9f:73:d4:95:d2:56:f3:a7:26:75:
b2:a7:1e:a9:b2:99:f6:89:72:eb:67:10:67:6c:96:dd:84:e6:
0a:1a:9c:26:33:0d:f6:ae:19:2a:a0:d9:d2:87:50:a4:dc:44:
58:38:44:b7:a2:20:cc:ac:e3:00:80:45:11:19:79:7e:13:5b:
63:98:a8:04:bd:92:60:c6:28:4a:cf:72:51:e8:58:ad:c7:fe:
5e:0c:09:68:42:7b:b7:eb:be:a4:c3:e5:c4:64:0a:3a:6a:49:
b5:e9:e5:bd:51:fb:50:9e:31:eb:ba:1a:83:7b:9f:0d:69:d2:
2b:49:cd:e1:cc:7d:bd:be:49:16:70:7d:1e:e3:03:17:02:40:
2a:a7:0a:f7:a0:c5:7c:63:5f:97:47:9c:f9:5f:5b:5c:8b:29:
a7:00:39:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQks+wZJFMHxYQHR4oJxQFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MTM1OWRhMGQwYjdhODI5ZTQyMGZkOTMyY2FmYzFlM2Mx
NTcyZGUwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVmYzE2ZGRiMDRiZjg1NTM5NTM5NDVmYmNhZjYxZWUwNGJjYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIWTySTV9KjBe6I8fUmdKR/a51jo
1kEvxSQflcxhCwcjqvFJdsiHu+eqaOb/pXLU4bN3c2uImTC6/TpQdcMIz4OvQNVw
yeGmNtVMo+zVIcwqolhK3bg28rhGgB1sTp4ozn2X/rSeh4eykAWEsxrYYhTbNmPl
gYto3NYABbKYldVWkLJ83C6RNxdKbXk/9s+9elH0qJBlIMVDRoV6/x6hmXt9ZC3S
l5u9QZe60cPZBkgu3HuY8Cvy0cEathvxMkBSYQcTL8D4SIqGmN+PU2O+1I1X8/gr
YiQZi6gmGqITp6ioFzGo+f/NV4QE0KdSYV56epMcxpiURnAxkRQ/FfJOHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAnvwW3bBL+FU5U5RfvK9h7gS8waMB8GA1UdIwQY
MBaAFAQTWdoNC3qCnkIP2TLK/B48FXLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkJOWjJnMExlb0tlUWdfWk1zcjhIandWY3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80ZGZmYjAtMTk5YS00YzVlLWFjOTEt
ODZmZTM2Y2EwYjc0LzEvQ2VfQmJkc0V2NFZUbFRsRi04cjJIdUJMekJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80ZGZmYjAtMTk5YS00YzVlLWFjOTEtODZmZTM2Y2EwYjc0
LzEvQkJOWjJnMExlb0tlUWdfWk1zcjhIandWY3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9KYMBYE
AgACMBADBwAgAQZ4C5wDBQMqB7HAMA0GCSqGSIb3DQEBCwUAA4IBAQAz2wftjCzh
EaOEN2jzcvNV/J6K8zxy+/BYLrpR/ygA/TqKVW9o1Bn8b4QkYaOMDCgQ0jrV7Fc7
UCc77/umpWQghfwXJltVkHJSZYrYYF3oQ+MB2Ukw4S6XNs6lHn1MCVIlJJ9z1JXS
VvOnJnWypx6pspn2iXLrZxBnbJbdhOYKGpwmMw32rhkqoNnSh1Ck3ERYOES3oiDM
rOMAgEURGXl+E1tjmKgEvZJgxihKz3JR6Fitx/5eDAloQnu3676kw+XEZAo6akm1
6eW9UftQnjHruhqDe58NadIrSc3hzH29vkkWcH0e4wMXAkAqpwr3oMV8Y1+XR5z5
X1tciymnADnL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:10 2025 by rpki-client