Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/TnUa9Ik5MIEZFyAPb51t3lEzTlw.roa
File: TnUa9Ik5MIEZFyAPb51t3lEzTlw.roa (raw, json)
Hash identifier: VAA3uHujk9bmdBTaro78iFRxhf25M26lepAeKhwVT4w=
Subject key identifier: 4E:75:1A:F4:89:39:30:81:19:17:20:0F:6F:9D:6D:DE:51:33:4E:5C
Certificate issuer: /CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Certificate serial: 019422FB9721A7F152346475E3BCABA2858B
Authority key identifier: 32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/TnUa9Ik5MIEZFyAPb51t3lEzTlw.roa
Signing time: Wed 01 Jan 2025 17:48:20 +0000
ROA not before: Wed 01 Jan 2025 17:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49627
IP address blocks: 91.232.130.0/24 maxlen: 24
185.68.160.0/22 maxlen: 24
193.169.138.0/23 maxlen: 24
2a03:2c60::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:97:21:a7:f1:52:34:64:75:e3:bc:ab:a2:85:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Validity
Not Before: Jan 1 17:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e751af4893930811917200f6f9d6dde51334e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f9:ab:ab:4e:14:59:4a:12:7a:c6:2d:51:52:
71:c5:80:6d:bb:29:36:d6:72:67:7a:4f:6d:cc:68:
0d:18:8d:38:2a:fb:48:74:d8:29:e1:29:d5:8c:5a:
9e:fd:f2:9f:56:4e:a1:56:38:90:20:d1:65:22:31:
d0:fa:cb:97:24:46:6e:27:32:94:c6:4d:14:5a:10:
7c:28:fe:25:59:51:70:54:34:5a:1b:8f:5b:eb:03:
5c:93:c4:1a:b7:f5:54:dc:bf:7b:00:61:ce:99:51:
e1:68:97:98:3b:7d:30:6d:ae:f2:89:31:67:6e:90:
ce:00:97:92:34:54:af:eb:17:3f:48:3a:0a:53:85:
4f:cc:58:c7:8c:41:06:f7:d9:e6:de:f6:e2:fd:f7:
c6:dc:2f:3c:6a:44:89:0b:59:78:6d:9a:33:f5:e4:
b6:da:04:b7:c6:2b:20:ac:14:de:80:74:d8:8a:46:
d6:c8:35:10:36:69:eb:19:57:37:9c:b6:36:a7:c1:
b5:72:c3:95:1d:c9:94:d5:6a:ab:9a:32:4e:db:c0:
0f:d3:e1:7b:7a:ac:83:4f:12:49:18:72:92:f5:cf:
0d:15:cc:5f:96:b8:d8:64:10:39:f6:08:c0:84:00:
ce:92:59:02:0a:66:61:a7:49:13:c8:7e:dd:34:78:
c6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:75:1A:F4:89:39:30:81:19:17:20:0F:6F:9D:6D:DE:51:33:4E:5C
X509v3 Authority Key Identifier:
keyid:32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/TnUa9Ik5MIEZFyAPb51t3lEzTlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/MklHwK7O_of525bltFvrEK65h6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.130.0/24
185.68.160.0/22
193.169.138.0/23
IPv6:
2a03:2c60::/32
Signature Algorithm: sha256WithRSAEncryption
d3:17:ee:45:a7:c3:19:cf:d8:36:1e:f2:c3:90:4d:38:b4:08:
2b:3b:ee:60:9a:a7:b2:0a:e8:06:c8:48:e1:a9:f8:54:74:ee:
40:af:b4:36:e2:50:af:f7:8a:df:d3:4e:be:08:7f:ce:a0:ee:
95:3b:b9:1f:9d:d5:8e:0a:12:0c:20:33:5a:46:8d:78:f9:3e:
f0:2f:e1:93:b9:df:22:fb:76:7d:a0:10:77:5f:a5:ac:3c:2f:
99:cd:87:71:e1:a4:86:86:40:19:a4:37:49:b3:40:cf:0b:ef:
40:dd:9f:f7:41:08:ec:ac:f9:39:61:7c:64:89:44:a2:c3:32:
33:f1:19:59:2f:a1:df:42:d8:1b:b5:c8:9d:45:c0:2e:3c:3d:
3c:6b:f9:59:52:af:0b:fb:71:e5:d6:0b:14:da:ae:fb:e5:2f:
cb:7c:1a:42:34:4b:84:81:e3:f2:90:51:c0:32:6a:52:46:e7:
fa:dd:fd:f6:b7:49:6d:9f:70:d0:36:d9:7c:bb:ee:1c:b6:6e:
34:20:43:bb:8e:de:af:5b:e4:1b:42:28:74:2c:f1:cc:4f:22:
ea:dc:72:12:24:cc:14:85:66:dc:9c:66:75:a9:a6:7b:33:bf:
a8:19:8c:81:f0:ca:1f:f4:aa:2b:39:43:c8:a4:f1:2c:62:75:
2a:85:bf:fc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi+5chp/FSNGR147yrooWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDk0N2MwYWVjZWZlODdmOWRiOTZlNWI0NWJlYjEwYWVi
OTg3YTYwHhcNMjUwMTAxMTc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc1MWFmNDg5MzkzMDgxMTkxNzIwMGY2ZjlkNmRkZTUxMzM0ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/mrq04UWUoSesYtUVJxxYBtuyk2
1nJnek9tzGgNGI04KvtIdNgp4SnVjFqe/fKfVk6hVjiQINFlIjHQ+suXJEZuJzKU
xk0UWhB8KP4lWVFwVDRaG49b6wNck8Qat/VU3L97AGHOmVHhaJeYO30wba7yiTFn
bpDOAJeSNFSv6xc/SDoKU4VPzFjHjEEG99nm3vbi/ffG3C88akSJC1l4bZoz9eS2
2gS3xisgrBTegHTYikbWyDUQNmnrGVc3nLY2p8G1csOVHcmU1WqrmjJO28AP0+F7
eqyDTxJJGHKS9c8NFcxflrjYZBA59gjAhADOklkCCmZhp0kTyH7dNHjGBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE51GvSJOTCBGRcgD2+dbd5RM05cMB8GA1UdIwQY
MBaAFDJJR8Cuzv6H+duW5bRb6xCuuYemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYt
YzM2MmQyYTllMTIxLzEvVG5VYTlJazVNSUVaRnlBUGI1MXQzbEV6VGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYtYzM2MmQyYTllMTIx
LzEvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+iCAwQC
uUSgAwQBwamKMA0EAgACMAcDBQAqAyxgMA0GCSqGSIb3DQEBCwUAA4IBAQDTF+5F
p8MZz9g2HvLDkE04tAgrO+5gmqeyCugGyEjhqfhUdO5Ar7Q24lCv94rf006+CH/O
oO6VO7kfndWOChIMIDNaRo14+T7wL+GTud8i+3Z9oBB3X6WsPC+ZzYdx4aSGhkAZ
pDdJs0DPC+9A3Z/3QQjsrPk5YXxkiUSiwzIz8RlZL6HfQtgbtcidRcAuPD08a/lZ
Uq8L+3Hl1gsU2q775S/LfBpCNEuEgePykFHAMmpSRuf63f32t0ltn3DQNtl8u+4c
tm40IEO7jt6vW+QbQih0LPHMTyLq3HISJMwUhWbcnGZ1qaZ7M7+oGYyB8Mof9Kor
OUPIpPEsYnUqhb/8
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:51:16 2025 by rpki-client