Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R4kSaeaemWY7NmWb1F4KltKomYY.roa
File: R4kSaeaemWY7NmWb1F4KltKomYY.roa (raw, json)
Hash identifier: ESvLLtv5/s9lw/4VC9m9gfUzdNNlCCVRh/KwcWC9r8s=
Subject key identifier: 47:89:12:69:E6:9E:99:66:3B:36:65:9B:D4:5E:0A:96:D2:A8:99:86
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0195C9097DF7BE0F4DB105DCE8BB8B325351
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R4kSaeaemWY7NmWb1F4KltKomYY.roa
Signing time: Mon 24 Mar 2025 16:43:17 +0000
ROA not before: Mon 24 Mar 2025 16:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 91.108.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:09:7d:f7:be:0f:4d:b1:05:dc:e8:bb:8b:32:53:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Mar 24 16:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47891269e69e99663b36659bd45e0a96d2a89986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:ca:1c:9f:0e:33:2c:77:3e:cb:0f:28:07:
4e:6b:9c:8f:9b:75:52:9e:87:70:93:11:4b:34:de:
64:0f:0d:2c:28:4b:e9:74:6c:6e:0a:a8:c9:11:5b:
84:3a:64:89:50:ce:68:37:76:34:5b:82:7c:ce:f2:
59:7d:9b:bb:36:a0:1d:87:bc:f2:77:dd:cd:15:bc:
01:d8:c6:45:2b:5a:9d:61:a3:f1:a5:94:ea:3f:29:
9d:89:22:e0:e5:b0:27:54:cc:aa:4e:ab:28:24:ad:
c2:8b:ca:75:93:e9:27:26:a0:27:fc:56:8b:de:ec:
f9:d1:3b:3e:ea:32:3c:25:02:ad:ba:8f:ed:60:e1:
e9:c1:1e:aa:42:9d:c8:5a:73:12:5e:30:b2:aa:39:
b3:ad:a7:77:61:45:fa:41:5b:e1:53:04:21:29:1b:
78:63:20:c2:08:49:d0:f7:f1:d6:c9:61:ae:3b:da:
ed:05:55:ff:fa:66:8a:e4:29:24:42:cf:e6:af:67:
37:71:30:a3:cb:7b:1d:e9:ae:d7:00:af:6b:8f:37:
8e:cb:cd:9f:b8:d5:26:50:38:fc:a4:71:f9:f9:9d:
a9:04:d2:7a:cb:29:2e:24:21:76:95:14:27:34:ab:
2e:60:61:ce:87:02:0a:a3:97:68:d0:34:eb:fb:af:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:89:12:69:E6:9E:99:66:3B:36:65:9B:D4:5E:0A:96:D2:A8:99:86
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R4kSaeaemWY7NmWb1F4KltKomYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
38:1b:16:07:f1:fa:98:30:a3:6e:07:b1:1a:cb:eb:5d:3e:73:
db:97:88:5a:40:bc:f2:6b:74:32:9b:2d:41:2d:91:bd:60:2d:
26:97:26:2e:f2:d0:c7:24:91:f7:26:58:38:3e:6b:00:fa:42:
3f:9b:bf:0f:8c:f1:f9:f4:87:11:12:0d:0a:5c:e5:4e:13:ec:
a9:36:4d:1e:d6:7e:d0:24:9d:4e:e8:ae:a7:37:10:9f:19:5a:
04:5c:0a:ab:f7:07:a1:43:18:78:62:eb:41:0b:6a:8d:5c:a3:
d3:d3:a7:d7:c3:e8:27:b0:0a:2e:5e:74:45:92:9a:e4:ba:93:
90:00:50:ed:93:19:95:ad:ca:a7:f3:8f:2b:5d:34:d8:26:aa:
44:d5:f7:d0:ef:43:5e:93:48:73:f7:ab:bc:dc:bd:7f:f8:1e:
7d:96:99:db:12:a3:ed:ee:d1:21:02:db:b1:28:cd:db:a8:16:
24:8b:49:ac:71:a8:7e:a7:3c:fc:c8:4a:70:8a:19:15:13:31:
44:91:be:e1:f1:dc:ab:d5:d7:7b:49:b3:59:ca:61:b9:d1:40:
31:f8:74:dd:33:9d:71:fc:61:63:16:f8:b1:e2:b9:ba:2d:7a:
55:38:ce:d4:66:6a:32:a7:28:6d:62:8b:ec:51:35:9b:5e:3e:
8e:d1:25:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXJCX33vg9NsQXc6LuLMlNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwMzI0MTY0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzg5MTI2OWU2OWU5OTY2M2IzNjY1OWJkNDVlMGE5NmQyYTg5OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszfKHJ8OMyx3PssPKAdOa5yPm3VS
nodwkxFLNN5kDw0sKEvpdGxuCqjJEVuEOmSJUM5oN3Y0W4J8zvJZfZu7NqAdh7zy
d93NFbwB2MZFK1qdYaPxpZTqPymdiSLg5bAnVMyqTqsoJK3Ci8p1k+knJqAn/FaL
3uz50Ts+6jI8JQKtuo/tYOHpwR6qQp3IWnMSXjCyqjmzrad3YUX6QVvhUwQhKRt4
YyDCCEnQ9/HWyWGuO9rtBVX/+maK5CkkQs/mr2c3cTCjy3sd6a7XAK9rjzeOy82f
uNUmUDj8pHH5+Z2pBNJ6yykuJCF2lRQnNKsuYGHOhwIKo5do0DTr+6+FjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeJEmnmnplmOzZlm9ReCpbSqJmGMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvUjRrU2FlYWVtV1k3Tm1XYjFGNEtsdEtvbVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2z/MA0G
CSqGSIb3DQEBCwUAA4IBAQA4GxYH8fqYMKNuB7Eay+tdPnPbl4haQLzya3Qymy1B
LZG9YC0mlyYu8tDHJJH3Jlg4PmsA+kI/m78PjPH59IcREg0KXOVOE+ypNk0e1n7Q
JJ1O6K6nNxCfGVoEXAqr9wehQxh4YutBC2qNXKPT06fXw+gnsAouXnRFkprkupOQ
AFDtkxmVrcqn848rXTTYJqpE1ffQ70Nek0hz96u83L1/+B59lpnbEqPt7tEhAtux
KM3bqBYki0mscah+pzz8yEpwihkVEzFEkb7h8dyr1dd7SbNZymG50UAx+HTdM51x
/GFjFvix4rm6LXpVOM7UZmoypyhtYovsUTWbXj6O0SXT
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:20:45 2025 by rpki-client