Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/tSYSYm63yj3qobuZYMSr1LAsH4E.roa
File: tSYSYm63yj3qobuZYMSr1LAsH4E.roa (raw, json)
Hash identifier: e9vbUkUz5x9f5ya8J4QgHE0l9ibgPIgGHQ86whMQdU8=
Subject key identifier: B5:26:12:62:6E:B7:CA:3D:EA:A1:BB:99:60:C4:AB:D4:B0:2C:1F:81
Certificate issuer: /CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Certificate serial: 01941FFA178A49E085F45AC08D6312FE0139
Authority key identifier: C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/tSYSYm63yj3qobuZYMSr1LAsH4E.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 91.223.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:17:8a:49:e0:85:f4:5a:c0:8d:63:12:fe:01:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b52612626eb7ca3deaa1bb9960c4abd4b02c1f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:3f:d2:fd:cb:8f:bc:0c:83:1d:e0:52:f0:
64:47:33:10:45:49:b7:f1:be:07:15:19:39:84:38:
fc:d2:50:1f:2c:36:8a:05:17:e6:9b:3e:1c:ea:cc:
0d:dd:d4:99:ec:2e:b7:d4:db:1b:9e:05:4a:3e:37:
08:93:f9:22:09:fe:36:2d:ee:a6:bf:00:c9:35:6d:
a0:ae:b3:ab:d2:2f:91:5d:1b:5c:ac:90:00:e2:6d:
7d:1a:e7:9a:a2:03:f4:6f:e8:67:ea:83:51:00:08:
da:21:e3:9a:8c:24:38:34:04:d1:91:4d:ab:3e:51:
73:90:82:e6:fb:63:79:55:2f:aa:d5:e1:37:93:24:
fe:71:50:0f:9c:14:6a:89:4e:d5:23:fd:70:5d:b0:
2e:48:1c:e4:9d:fe:8a:92:1a:ae:36:24:fd:5c:58:
9d:d9:3d:44:ba:33:84:f0:8d:f6:a1:6e:68:ad:6c:
33:e8:e2:12:c3:39:17:41:5f:46:53:a6:1c:69:00:
92:14:1a:e9:2a:e2:04:93:14:1b:f0:e3:52:d2:38:
2a:61:72:ca:cf:0b:1a:f8:88:2f:c2:8f:e7:78:95:
a6:3b:aa:95:cc:90:55:cc:43:02:2d:8a:fe:01:59:
57:01:a8:af:0c:df:e9:fe:9a:fc:8d:af:5d:5f:19:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:26:12:62:6E:B7:CA:3D:EA:A1:BB:99:60:C4:AB:D4:B0:2C:1F:81
X509v3 Authority Key Identifier:
keyid:C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/tSYSYm63yj3qobuZYMSr1LAsH4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.56.0/24
Signature Algorithm: sha256WithRSAEncryption
85:75:88:f0:50:a2:a7:58:b8:b3:9a:51:af:61:df:82:a5:5e:
64:1c:6a:10:c1:80:9f:63:d1:c0:68:9d:37:40:17:bb:d7:58:
d4:b8:36:53:12:17:e0:38:68:76:d3:d0:2d:4d:3d:cd:f4:ea:
2b:68:cb:d1:1c:6e:33:f1:ac:73:2e:50:57:b2:4d:03:ab:a5:
20:0c:26:a6:80:d3:70:e5:2d:d1:44:4c:ae:ad:70:ab:9d:fd:
58:19:cf:ce:d4:73:bd:8b:e9:be:46:1d:e8:5c:11:09:da:2b:
66:44:bb:37:03:29:68:de:70:e2:fa:84:a8:3c:7a:57:c0:d0:
1e:ba:1d:48:01:b3:ee:48:82:78:6d:23:40:84:8c:95:e7:03:
79:05:02:e4:d9:b7:4e:fe:71:fb:cd:a6:b1:5a:5e:47:db:31:
8d:48:35:c5:7a:a3:4b:32:d4:4a:df:ae:94:1a:d2:c0:86:92:
4b:14:0c:75:d3:37:e7:db:e1:39:e9:32:4c:eb:e6:1d:e7:04:
1a:f7:e9:41:13:92:6f:ef:db:c4:62:b8:9c:72:e3:ba:e5:5c:
b0:ce:21:2e:32:53:79:96:d9:c9:c9:2c:8c:20:4f:1e:5f:a5:
9a:0d:f8:2c:70:b3:e7:ac:86:4c:a1:e2:0c:70:6b:da:e2:6e:
0d:8b:5b:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+heKSeCF9FrAjWMS/gE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzRiM2FlNTlkOTgxZjI1MGNjODdkYWI1OTc4NTRhYmVk
N2EzMDAwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI2MTI2MjZlYjdjYTNkZWFhMWJiOTk2MGM0YWJkNGIwMmMxZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTg/0v3Lj7wMgx3gUvBkRzMQRUm3
8b4HFRk5hDj80lAfLDaKBRfmmz4c6swN3dSZ7C631NsbngVKPjcIk/kiCf42Le6m
vwDJNW2grrOr0i+RXRtcrJAA4m19GueaogP0b+hn6oNRAAjaIeOajCQ4NATRkU2r
PlFzkILm+2N5VS+q1eE3kyT+cVAPnBRqiU7VI/1wXbAuSBzknf6KkhquNiT9XFid
2T1EujOE8I32oW5orWwz6OISwzkXQV9GU6YcaQCSFBrpKuIEkxQb8ONS0jgqYXLK
zwsa+Igvwo/neJWmO6qVzJBVzEMCLYr+AVlXAaivDN/p/pr8ja9dXxmbBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUmEmJut8o96qG7mWDEq9SwLB+BMB8GA1UdIwQY
MBaAFMXEs65Z2YHyUMyH2rWXhUq+16MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYt
ZWRkZjUyN2U4ZjJkLzEvdFNZU1ltNjN5ajNxb2J1WllNU3IxTEFzSDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYtZWRkZjUyN2U4ZjJk
LzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW984MA0G
CSqGSIb3DQEBCwUAA4IBAQCFdYjwUKKnWLizmlGvYd+CpV5kHGoQwYCfY9HAaJ03
QBe711jUuDZTEhfgOGh209AtTT3N9OoraMvRHG4z8axzLlBXsk0Dq6UgDCamgNNw
5S3RREyurXCrnf1YGc/O1HO9i+m+Rh3oXBEJ2itmRLs3Aylo3nDi+oSoPHpXwNAe
uh1IAbPuSIJ4bSNAhIyV5wN5BQLk2bdO/nH7zaaxWl5H2zGNSDXFeqNLMtRK366U
GtLAhpJLFAx10zfn2+E56TJM6+Yd5wQa9+lBE5Jv79vEYriccuO65VywziEuMlN5
ltnJySyMIE8eX6WaDfgscLPnrIZMoeIMcGva4m4Ni1tt
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:09:13 2025 by rpki-client