Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/on-RtWMULYhntqitPVzhY7lgnl8.roa
File: on-RtWMULYhntqitPVzhY7lgnl8.roa (raw, json)
Hash identifier: N1GhLpfbUDUJ0gIZbjVbPi/X8FRKHkZMNhXw3o2Pm+8=
Subject key identifier: A2:7F:91:B5:63:14:2D:88:67:B6:A8:AD:3D:5C:E1:63:B9:60:9E:5F
Certificate issuer: /CN=25dd9b849c0dafae386f470123b09261ae355517
Certificate serial: 0194266A063D83B3CF568F0CC76847FA00EE
Authority key identifier: 25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/on-RtWMULYhntqitPVzhY7lgnl8.roa
Signing time: Thu 02 Jan 2025 09:47:50 +0000
ROA not before: Thu 02 Jan 2025 09:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51323
IP address blocks: 91.203.104.0/24 maxlen: 24
185.31.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:06:3d:83:b3:cf:56:8f:0c:c7:68:47:fa:00:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25dd9b849c0dafae386f470123b09261ae355517
Validity
Not Before: Jan 2 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a27f91b563142d8867b6a8ad3d5ce163b9609e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3a:dc:02:64:5c:2d:86:61:76:30:cb:bb:1f:
ba:64:46:09:a2:72:4b:5c:c5:2e:01:b8:37:9f:b4:
3d:22:09:fe:9b:41:78:26:18:c4:9c:9d:10:87:f7:
d4:62:94:69:e6:08:a1:e9:f6:55:68:a8:c1:4f:be:
12:06:98:81:a6:ad:36:29:bd:6c:c0:ae:af:cb:ee:
9f:0d:cf:f4:ce:2a:d5:e5:86:3f:8b:01:fd:e2:b5:
c7:0f:78:b3:2a:e8:8d:ae:e8:76:5a:44:01:fb:29:
ef:cb:d5:cd:a2:4a:df:63:09:b5:52:5e:04:58:2d:
ae:18:d3:24:de:4e:b2:1f:8e:3a:ab:c4:36:6f:52:
f5:bc:95:19:bb:47:6a:ca:01:60:fe:b1:66:00:19:
63:35:b2:14:2a:c6:e6:a9:8e:95:bd:e3:3b:34:98:
27:f2:7c:e7:5a:89:27:34:bd:5c:40:05:3e:0e:05:
f9:3c:e2:7b:3d:35:89:6f:d6:ba:cb:67:36:07:57:
93:5b:74:00:3f:7d:4b:3e:8c:bf:b8:8f:76:3b:ed:
1a:5e:f8:a1:81:e4:9f:01:92:fc:fe:e6:12:74:1d:
a3:fb:f1:14:23:25:65:17:78:2e:00:96:76:76:4e:
d5:ee:33:d9:8a:c8:43:73:8c:b8:89:e1:9b:17:7b:
6d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7F:91:B5:63:14:2D:88:67:B6:A8:AD:3D:5C:E1:63:B9:60:9E:5F
X509v3 Authority Key Identifier:
keyid:25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/on-RtWMULYhntqitPVzhY7lgnl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/Jd2bhJwNr644b0cBI7CSYa41VRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.104.0/24
185.31.88.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:c5:25:84:ce:27:15:c8:57:d3:f7:8f:7d:09:ad:5f:48:1b:
19:28:73:0f:99:90:fe:ad:aa:6b:fb:53:87:75:aa:ba:f0:28:
fa:32:d1:a1:10:b6:26:b5:6e:ab:63:75:1a:e6:d1:03:4b:6d:
12:9b:65:71:d7:cc:36:7e:2b:de:85:b6:4a:94:20:81:23:ff:
9e:d6:a6:87:0c:f0:bc:e4:24:e9:07:7b:78:6e:44:56:86:af:
82:fb:40:1e:47:b8:76:1a:99:7b:50:6f:99:f1:dc:c2:1c:91:
69:c0:ec:57:aa:2c:c7:80:2e:a9:9e:90:cd:eb:67:47:8c:e6:
3f:30:1b:08:15:15:4b:4f:6c:4d:d6:ad:75:ef:d6:27:65:38:
95:09:2e:dd:9e:fa:a2:bd:07:51:36:af:0d:6d:46:c6:d7:d6:
b1:e4:27:dd:75:1a:a9:27:b0:eb:73:f5:99:b9:fd:c4:93:06:
f9:06:1d:49:4b:41:f0:b9:9e:27:d7:ac:f2:49:5a:a6:1f:3f:
aa:9b:4f:ca:28:4e:ff:0e:5c:69:b3:b4:83:9f:5c:6e:a7:56:
f7:11:70:00:b4:28:7a:f4:d5:48:ba:9d:7c:d7:6c:5b:33:f8:
f9:57:7d:ef:bb:f9:93:58:44:71:bd:c6:d1:63:53:d7:d5:22:
a1:a8:c7:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmagY9g7PPVo8Mx2hH+gDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZGQ5Yjg0OWMwZGFmYWUzODZmNDcwMTIzYjA5MjYxYWUz
NTU1MTcwHhcNMjUwMTAyMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdmOTFiNTYzMTQyZDg4NjdiNmE4YWQzZDVjZTE2M2I5NjA5ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zrcAmRcLYZhdjDLux+6ZEYJonJL
XMUuAbg3n7Q9Ign+m0F4JhjEnJ0Qh/fUYpRp5gih6fZVaKjBT74SBpiBpq02Kb1s
wK6vy+6fDc/0zirV5YY/iwH94rXHD3izKuiNruh2WkQB+ynvy9XNokrfYwm1Ul4E
WC2uGNMk3k6yH446q8Q2b1L1vJUZu0dqygFg/rFmABljNbIUKsbmqY6VveM7NJgn
8nznWoknNL1cQAU+DgX5POJ7PTWJb9a6y2c2B1eTW3QAP31LPoy/uI92O+0aXvih
geSfAZL8/uYSdB2j+/EUIyVlF3guAJZ2dk7V7jPZishDc4y4ieGbF3ttWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJ/kbVjFC2IZ7aorT1c4WO5YJ5fMB8GA1UdIwQY
MBaAFCXdm4ScDa+uOG9HASOwkmGuNVUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUt
N2ZmZDVjNTUwMzg1LzEvb24tUnRXTVVMWWhudHFpdFBWemhZN2xnbmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUtN2ZmZDVjNTUwMzg1
LzEvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8toAwQC
uR9YMA0GCSqGSIb3DQEBCwUAA4IBAQAaxSWEzicVyFfT9499Ca1fSBsZKHMPmZD+
rapr+1OHdaq68Cj6MtGhELYmtW6rY3Ua5tEDS20Sm2Vx18w2fivehbZKlCCBI/+e
1qaHDPC85CTpB3t4bkRWhq+C+0AeR7h2Gpl7UG+Z8dzCHJFpwOxXqizHgC6pnpDN
62dHjOY/MBsIFRVLT2xN1q1179YnZTiVCS7dnvqivQdRNq8NbUbG19ax5CfddRqp
J7Drc/WZuf3Ekwb5Bh1JS0HwuZ4n16zySVqmHz+qm0/KKE7/Dlxps7SDn1xup1b3
EXAAtCh69NVIup1812xbM/j5V33vu/mTWERxvcbRY1PX1SKhqMe/
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:53:40 2025 by rpki-client