Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/_4Ze51PkjeQX75n6sYes67AAloo.roa
File: _4Ze51PkjeQX75n6sYes67AAloo.roa (raw, json)
Hash identifier: TazMQ9hYRcPMHpN2jE1CGgfAASu92VcJx8NusDceESI=
Subject key identifier: FF:86:5E:E7:53:E4:8D:E4:17:EF:99:FA:B1:87:AC:EB:B0:00:96:8A
Certificate issuer: /CN=6b6cc790695b719b923c74d20fab7e63c18bc736
Certificate serial: 019423694082AAA705B365BAE94F60F374D2
Authority key identifier: 6B:6C:C7:90:69:5B:71:9B:92:3C:74:D2:0F:AB:7E:63:C1:8B:C7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/_4Ze51PkjeQX75n6sYes67AAloo.roa
Signing time: Wed 01 Jan 2025 19:48:07 +0000
ROA not before: Wed 01 Jan 2025 19:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206825
IP address blocks: 91.198.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:40:82:aa:a7:05:b3:65:ba:e9:4f:60:f3:74:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b6cc790695b719b923c74d20fab7e63c18bc736
Validity
Not Before: Jan 1 19:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff865ee753e48de417ef99fab187acebb000968a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:3e:ae:ba:a4:00:6f:0d:45:5e:ce:8f:78:
54:eb:ba:6b:db:23:2a:43:f3:ca:94:74:d6:68:bc:
ab:91:cd:04:f1:a5:05:16:ee:5d:4c:8b:5b:6e:ea:
5d:25:f6:13:82:6a:43:77:99:14:f6:f7:d9:ee:cb:
18:b3:24:af:15:90:eb:5d:aa:41:a9:69:4d:d7:69:
ef:60:0a:d4:a8:e8:01:93:85:8a:ad:19:62:a5:6b:
ce:f1:c7:ec:c8:d2:a0:08:15:1c:10:bc:c0:01:9a:
e3:5c:b0:fc:9e:bf:bb:22:9b:71:7f:cf:32:c5:ab:
86:30:1d:fa:c6:74:ab:c2:49:90:1a:25:99:b8:34:
75:db:31:e6:5f:97:7f:27:bd:9f:a3:d8:48:40:27:
0a:66:e5:71:c4:d7:03:10:1c:1c:84:85:9b:42:2c:
e8:6e:a8:a5:20:51:da:1e:5e:95:f8:94:bb:36:27:
69:74:d3:33:4b:bb:26:d3:31:be:44:c0:0d:cd:5a:
f0:a5:f8:49:0a:41:25:c6:ca:68:03:67:94:05:44:
56:bd:6b:a9:71:62:63:13:2b:02:d8:c6:21:c2:e6:
ff:e1:d9:10:d8:5f:76:8f:71:b5:81:d2:17:7e:02:
96:aa:f4:ca:56:31:ea:b5:1f:08:8f:bb:52:62:41:
e3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:86:5E:E7:53:E4:8D:E4:17:EF:99:FA:B1:87:AC:EB:B0:00:96:8A
X509v3 Authority Key Identifier:
keyid:6B:6C:C7:90:69:5B:71:9B:92:3C:74:D2:0F:AB:7E:63:C1:8B:C7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/_4Ze51PkjeQX75n6sYes67AAloo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.238.0/24
Signature Algorithm: sha256WithRSAEncryption
48:bc:eb:9f:09:bc:af:02:1a:2a:03:07:d4:dc:fe:ec:56:25:
83:e7:dc:34:aa:26:04:64:af:a7:43:1e:cb:ca:7c:6a:ef:37:
55:23:59:67:cc:2c:39:ce:66:dc:f8:7a:39:36:76:a0:cf:48:
69:61:f1:9d:21:63:34:fd:07:1d:c0:da:13:4d:34:b2:76:bb:
88:e0:74:99:34:71:40:cf:09:35:19:8c:78:ba:fc:69:0f:f6:
4f:26:ea:da:78:3b:96:c0:e8:e9:c1:35:33:5a:2a:45:fa:db:
26:2e:b6:49:0c:25:a7:25:f2:2e:06:e5:d4:56:3f:ce:50:2a:
c4:1b:04:3a:2e:60:2e:cd:89:41:44:a5:f5:11:9d:5c:40:ee:
d9:fd:ed:23:3d:be:b6:b7:53:58:19:17:8d:c6:50:f8:10:15:
1b:04:a5:75:9f:f6:37:6a:e7:da:97:f0:d1:eb:1c:c5:e4:1a:
86:cc:dd:6a:48:30:ed:dd:ee:e7:5c:28:96:d9:fa:f7:e5:ac:
82:48:bf:39:36:bd:5f:b9:45:01:28:95:ae:4d:b8:80:1d:56:
78:6f:84:df:37:1c:05:59:8d:9b:51:29:d2:64:a5:c2:fa:ca:
9a:84:08:f1:a1:21:02:5c:16:87:38:73:79:52:9c:c7:53:61:
6b:34:87:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaUCCqqcFs2W66U9g83TSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmNjNzkwNjk1YjcxOWI5MjNjNzRkMjBmYWI3ZTYzYzE4
YmM3MzYwHhcNMjUwMTAxMTk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg2NWVlNzUzZTQ4ZGU0MTdlZjk5ZmFiMTg3YWNlYmIwMDA5NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyA+rrqkAG8NRV7Oj3hU67pr2yMq
Q/PKlHTWaLyrkc0E8aUFFu5dTItbbupdJfYTgmpDd5kU9vfZ7ssYsySvFZDrXapB
qWlN12nvYArUqOgBk4WKrRlipWvO8cfsyNKgCBUcELzAAZrjXLD8nr+7Iptxf88y
xauGMB36xnSrwkmQGiWZuDR12zHmX5d/J72fo9hIQCcKZuVxxNcDEBwchIWbQizo
bqilIFHaHl6V+JS7NidpdNMzS7sm0zG+RMANzVrwpfhJCkElxspoA2eUBURWvWup
cWJjEysC2MYhwub/4dkQ2F92j3G1gdIXfgKWqvTKVjHqtR8Ij7tSYkHj9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+GXudT5I3kF++Z+rGHrOuwAJaKMB8GA1UdIwQY
MBaAFGtsx5BpW3Gbkjx00g+rfmPBi8c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJ6SGtHbGJjWnVTUEhUU0Q2dC1ZOEdMeHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81NGFmNjgtNDA3NC00NWM5LTk1ZTkt
NTdkNWY0MDFiNTY0LzEvXzRaZTUxUGtqZVFYNzVuNnNZZXM2N0FBbG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81NGFmNjgtNDA3NC00NWM5LTk1ZTktNTdkNWY0MDFiNTY0
LzEvYTJ6SGtHbGJjWnVTUEhUU0Q2dC1ZOEdMeHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8buMA0G
CSqGSIb3DQEBCwUAA4IBAQBIvOufCbyvAhoqAwfU3P7sViWD59w0qiYEZK+nQx7L
ynxq7zdVI1lnzCw5zmbc+Ho5Nnagz0hpYfGdIWM0/QcdwNoTTTSydruI4HSZNHFA
zwk1GYx4uvxpD/ZPJuraeDuWwOjpwTUzWipF+tsmLrZJDCWnJfIuBuXUVj/OUCrE
GwQ6LmAuzYlBRKX1EZ1cQO7Z/e0jPb62t1NYGReNxlD4EBUbBKV1n/Y3aufal/DR
6xzF5BqGzN1qSDDt3e7nXCiW2fr35ayCSL85Nr1fuUUBKJWuTbiAHVZ4b4TfNxwF
WY2bUSnSZKXC+sqahAjxoSECXBaHOHN5UpzHU2FrNIdv
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:47:30 2025 by rpki-client