Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/aHRmXP7rOhW5b0_ChkibljQ32q4.roa
File: aHRmXP7rOhW5b0_ChkibljQ32q4.roa (raw, json)
Hash identifier: T5y3LNiPd6ixiV1aW5ySaidO4jWDcaXEXf35DBj0+Xo=
Subject key identifier: 68:74:66:5C:FE:EB:3A:15:B9:6F:4F:C2:86:48:9B:96:34:37:DA:AE
Certificate issuer: /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Certificate serial: 019420D626B770052D4B338F139B9041EFBC
Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/aHRmXP7rOhW5b0_ChkibljQ32q4.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41893
IP address blocks: 91.143.240.0/24 maxlen: 24
91.143.241.0/24 maxlen: 24
91.143.242.0/24 maxlen: 24
91.143.243.0/24 maxlen: 24
91.143.244.0/24 maxlen: 24
91.143.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:26:b7:70:05:2d:4b:33:8f:13:9b:90:41:ef:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6874665cfeeb3a15b96f4fc286489b963437daae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:23:fa:39:de:a5:09:b4:62:26:b8:e8:26:0f:
90:43:1e:a0:b2:4f:c9:78:16:4e:1c:b6:ad:b5:66:
e3:38:4a:24:63:86:3e:63:23:b2:25:d1:4c:70:d9:
f2:54:16:cc:10:38:42:d4:ac:d6:a5:e4:f0:7e:01:
25:28:2d:4e:f4:11:22:18:af:71:db:61:49:c4:cd:
66:25:35:e0:85:8e:9e:90:fe:e9:36:99:91:db:de:
b4:b3:0a:9c:6d:aa:a7:88:cf:46:00:b2:1e:c7:58:
2e:d3:30:5d:1c:b0:e6:fc:d1:30:59:92:da:23:93:
ca:6f:fb:8d:51:7e:8f:a7:9d:fc:ff:14:85:79:77:
80:1a:36:e3:1c:89:5c:fd:c6:fb:26:e5:6d:d6:f2:
34:bb:3b:25:00:53:c7:1e:9e:8f:6f:54:26:af:ea:
bb:ae:6d:f3:ba:38:36:b8:85:25:11:a6:90:a6:42:
0b:5b:de:76:ed:63:a2:8f:62:04:d5:2e:0c:6f:00:
d5:43:dd:94:3b:4c:23:cd:36:e1:a6:a1:40:7b:a2:
ac:5d:1a:ea:39:ae:e8:9d:0d:15:27:41:1a:75:32:
d7:82:08:bd:9a:31:05:81:de:5f:fc:7d:fd:db:fa:
ab:b6:17:54:3a:9a:d9:50:6c:34:fb:a9:1a:c2:12:
00:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:74:66:5C:FE:EB:3A:15:B9:6F:4F:C2:86:48:9B:96:34:37:DA:AE
X509v3 Authority Key Identifier:
keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/aHRmXP7rOhW5b0_ChkibljQ32q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.143.240.0-91.143.245.255
Signature Algorithm: sha256WithRSAEncryption
01:36:63:5f:9f:3d:93:e5:2c:7c:da:48:4e:89:3a:39:2f:84:
23:b3:cd:c3:e3:2c:a7:fd:22:42:a4:9b:de:bd:29:8c:c5:93:
d0:6e:d9:07:02:72:7c:0e:16:95:0b:4d:58:4c:84:b8:d1:d8:
2e:0b:b6:17:43:2c:61:f3:c1:69:8e:7a:e9:dd:05:64:69:54:
f5:04:95:62:a7:77:ae:26:ab:af:49:ae:b6:7a:70:b6:e9:6d:
56:b9:62:de:ac:19:c2:96:bd:2c:3b:71:e7:8d:da:ed:9d:84:
ad:76:85:3d:12:16:5a:23:c7:d3:71:f5:76:fb:8c:08:e5:84:
d0:2d:03:26:0e:bb:32:c4:32:18:c9:cf:96:cb:f9:92:ee:16:
7d:99:25:0e:f9:df:30:24:d2:dc:5d:ea:72:9e:5c:6b:92:1d:
95:35:9c:37:2f:1f:c5:e7:8b:64:71:d4:2c:d6:b7:c8:94:24:
72:de:76:dd:2f:f5:22:2c:9b:12:6b:8b:6b:2f:2f:12:79:2e:
48:b5:76:55:46:a6:35:0a:d3:10:7f:93:d2:aa:8f:c3:83:5d:
b3:ad:bd:ea:10:62:fc:53:c6:c2:85:35:1b:aa:ce:e0:2a:04:
1f:a6:a5:e7:67:57:90:37:39:34:71:6c:2c:0a:af:ed:63:b3:
7a:dc:8e:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQg1ia3cAUtSzOPE5uQQe+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2NmMWYzNGUyZjAxMGI5MDJkYzE0MjQ1NWI2YmI3MzI2
Y2YwOGQwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc0NjY1Y2ZlZWIzYTE1Yjk2ZjRmYzI4NjQ4OWI5NjM0MzdkYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SP6Od6lCbRiJrjoJg+QQx6gsk/J
eBZOHLattWbjOEokY4Y+YyOyJdFMcNnyVBbMEDhC1KzWpeTwfgElKC1O9BEiGK9x
22FJxM1mJTXghY6ekP7pNpmR2960swqcbaqniM9GALIex1gu0zBdHLDm/NEwWZLa
I5PKb/uNUX6Pp538/xSFeXeAGjbjHIlc/cb7JuVt1vI0uzslAFPHHp6Pb1Qmr+q7
rm3zujg2uIUlEaaQpkILW9527WOij2IE1S4MbwDVQ92UO0wjzTbhpqFAe6KsXRrq
Oa7onQ0VJ0EadTLXggi9mjEFgd5f/H392/qrthdUOprZUGw0+6kawhIAHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGh0Zlz+6zoVuW9PwoZIm5Y0N9quMB8GA1UdIwQY
MBaAFCZ88fNOLwELkC3BQkVba7cybPCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgt
MDExYjQ1MWI0NWI0LzEvYUhSbVhQN3JPaFc1YjBfQ2hraWJsalEzMnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgtMDExYjQ1MWI0NWI0
LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARbj/AD
BAFbj/QwDQYJKoZIhvcNAQELBQADggEBAAE2Y1+fPZPlLHzaSE6JOjkvhCOzzcPj
LKf9IkKkm969KYzFk9Bu2QcCcnwOFpULTVhMhLjR2C4LthdDLGHzwWmOeundBWRp
VPUElWKnd64mq69JrrZ6cLbpbVa5Yt6sGcKWvSw7ceeN2u2dhK12hT0SFlojx9Nx
9Xb7jAjlhNAtAyYOuzLEMhjJz5bL+ZLuFn2ZJQ753zAk0txd6nKeXGuSHZU1nDcv
H8Xni2Rx1CzWt8iUJHLedt0v9SIsmxJri2svLxJ5Lki1dlVGpjUK0xB/k9Kqj8OD
XbOtveoQYvxTxsKFNRuqzuAqBB+mpednV5A3OTRxbCwKr+1js3rcjgo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:36:33 2025 by rpki-client