Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/a4447c-4cf2-41ca-8851-41ace195803a/1/bm8ink1EnYeZoE7eF0O4NwMqDE8.roa
File: bm8ink1EnYeZoE7eF0O4NwMqDE8.roa (raw, json)
Hash identifier: ybm88hkKSlN5zUNNYgkBe2I5P6bnL+MMj8/tMIJfo60=
Subject key identifier: 6E:6F:22:9E:4D:44:9D:87:99:A0:4E:DE:17:43:B8:37:03:2A:0C:4F
Certificate issuer: /CN=9ab6e9b933bd0cc90c5992446f8ac84726916b1a
Certificate serial: 019424B2BE444D943C57C9806543E273CBE2
Authority key identifier: 9A:B6:E9:B9:33:BD:0C:C9:0C:59:92:44:6F:8A:C8:47:26:91:6B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrbpuTO9DMkMWZJEb4rIRyaRaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/a4447c-4cf2-41ca-8851-41ace195803a/1/bm8ink1EnYeZoE7eF0O4NwMqDE8.roa
Signing time: Thu 02 Jan 2025 01:48:01 +0000
ROA not before: Thu 02 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198984
IP address blocks: 91.199.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:be:44:4d:94:3c:57:c9:80:65:43:e2:73:cb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab6e9b933bd0cc90c5992446f8ac84726916b1a
Validity
Not Before: Jan 2 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6f229e4d449d8799a04ede1743b837032a0c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d2:e5:ef:19:bc:95:d6:08:b0:38:51:db:84:
d7:81:72:92:7f:b9:fa:51:55:f2:63:98:10:c2:7c:
3d:9c:d6:e5:c2:a3:be:e5:bc:70:c2:f0:7f:df:00:
94:65:31:88:1d:63:67:35:5b:3e:62:32:aa:ca:da:
07:99:a4:17:4b:4b:b4:db:81:d2:01:9d:6e:60:4f:
51:c8:0e:70:ce:bd:fe:c6:ec:df:a6:46:a6:46:ec:
a3:96:2b:7f:d7:77:04:09:2b:09:12:84:54:f4:db:
8d:5a:96:35:3b:73:c6:65:ca:d9:a1:32:fd:38:54:
f2:74:c2:49:73:c4:b8:11:d9:de:85:10:fd:6e:30:
14:7e:47:75:10:95:a0:38:5a:e7:9e:1a:a4:8f:3f:
d7:42:c4:e2:19:da:d7:a5:5b:91:4d:f2:b4:1d:e8:
bf:0a:41:7c:e6:9c:c0:89:dc:49:bd:3b:5e:ef:10:
bf:11:a9:8e:de:79:a4:e8:a6:2a:05:86:46:b5:39:
4a:13:3f:92:00:6b:57:08:19:cd:3f:fb:2c:dc:3c:
57:2b:ba:2d:3b:ca:82:72:73:23:e0:a9:0d:da:da:
90:56:f5:37:1c:35:3d:f5:90:ec:9f:67:ea:77:63:
2e:b7:e0:f5:61:ef:12:10:37:d3:13:10:22:3b:62:
06:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6F:22:9E:4D:44:9D:87:99:A0:4E:DE:17:43:B8:37:03:2A:0C:4F
X509v3 Authority Key Identifier:
keyid:9A:B6:E9:B9:33:BD:0C:C9:0C:59:92:44:6F:8A:C8:47:26:91:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrbpuTO9DMkMWZJEb4rIRyaRaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a4447c-4cf2-41ca-8851-41ace195803a/1/bm8ink1EnYeZoE7eF0O4NwMqDE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a4447c-4cf2-41ca-8851-41ace195803a/1/mrbpuTO9DMkMWZJEb4rIRyaRaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:fa:99:e6:db:f1:2a:44:b2:65:2c:ed:c8:1e:7b:6c:89:31:
12:ab:c3:f5:ac:2d:21:f7:e8:af:3f:2e:7f:82:2f:c1:c4:ed:
2c:38:20:25:09:4c:dc:1b:3e:7a:68:90:77:4a:6c:1a:a4:2d:
7b:84:0a:53:a9:a0:99:de:1f:51:a9:2f:40:fa:51:7e:2c:c6:
86:bf:05:63:2d:d2:c2:c2:f3:64:87:92:f9:c0:12:17:d8:ec:
e4:1b:1d:e2:d1:74:ba:a6:f3:f3:56:0b:2b:cb:cf:6a:ba:7e:
e4:71:a8:5c:c5:b7:14:c9:aa:02:89:cb:f5:13:f7:a8:25:d5:
9a:e4:03:4b:2d:d0:d2:1e:c4:67:3a:20:2d:b7:c7:56:81:5f:
5c:48:b3:21:64:b9:a8:c1:44:8b:ec:14:2e:23:87:83:a1:53:
4f:a9:8f:94:b4:18:ef:86:14:f6:52:0c:01:5d:e9:b6:bc:1c:
39:f3:95:c4:7f:ed:30:74:aa:e0:d2:e8:26:0b:d2:ab:e7:37:
bf:84:53:65:d4:cc:50:bf:d3:f1:8e:89:db:11:57:e0:03:bc:
de:90:87:a7:ee:62:b7:3d:4d:ae:08:c8:0f:0c:99:52:70:09:
55:6d:6e:4a:cb:a3:d9:29:a9:f5:69:b4:af:cd:e4:8a:54:33:
75:42:34:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksr5ETZQ8V8mAZUPic8viMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYjZlOWI5MzNiZDBjYzkwYzU5OTI0NDZmOGFjODQ3MjY5
MTZiMWEwHhcNMjUwMTAyMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZmMjI5ZTRkNDQ5ZDg3OTlhMDRlZGUxNzQzYjgzNzAzMmEwYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNLl7xm8ldYIsDhR24TXgXKSf7n6
UVXyY5gQwnw9nNblwqO+5bxwwvB/3wCUZTGIHWNnNVs+YjKqytoHmaQXS0u024HS
AZ1uYE9RyA5wzr3+xuzfpkamRuyjlit/13cECSsJEoRU9NuNWpY1O3PGZcrZoTL9
OFTydMJJc8S4EdnehRD9bjAUfkd1EJWgOFrnnhqkjz/XQsTiGdrXpVuRTfK0Hei/
CkF85pzAidxJvTte7xC/EamO3nmk6KYqBYZGtTlKEz+SAGtXCBnNP/ss3DxXK7ot
O8qCcnMj4KkN2tqQVvU3HDU99ZDsn2fqd2Mut+D1Ye8SEDfTExAiO2IG/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5vIp5NRJ2HmaBO3hdDuDcDKgxPMB8GA1UdIwQY
MBaAFJq26bkzvQzJDFmSRG+KyEcmkWsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXJicHVUTzlETWtNV1pKRWI0cklSeWFSYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hNDQ0N2MtNGNmMi00MWNhLTg4NTEt
NDFhY2UxOTU4MDNhLzEvYm04aW5rMUVuWWVab0U3ZUYwTzROd01xREU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hNDQ0N2MtNGNmMi00MWNhLTg4NTEtNDFhY2UxOTU4MDNh
LzEvbXJicHVUTzlETWtNV1pKRWI0cklSeWFSYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8cMMA0G
CSqGSIb3DQEBCwUAA4IBAQBP+pnm2/EqRLJlLO3IHntsiTESq8P1rC0h9+ivPy5/
gi/BxO0sOCAlCUzcGz56aJB3SmwapC17hApTqaCZ3h9RqS9A+lF+LMaGvwVjLdLC
wvNkh5L5wBIX2OzkGx3i0XS6pvPzVgsry89qun7kcahcxbcUyaoCicv1E/eoJdWa
5ANLLdDSHsRnOiAtt8dWgV9cSLMhZLmowUSL7BQuI4eDoVNPqY+UtBjvhhT2UgwB
Xem2vBw585XEf+0wdKrg0ugmC9Kr5ze/hFNl1MxQv9PxjonbEVfgA7zekIen7mK3
PU2uCMgPDJlScAlVbW5Ky6PZKan1abSvzeSKVDN1QjRd
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:23:11 2025 by rpki-client