Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/_mz1bO9qw-mR0ZWQodW0gDxX-XU.roa
File: _mz1bO9qw-mR0ZWQodW0gDxX-XU.roa (raw, json)
Hash identifier: EIXfCvhzf7KTxjdRcM1VzT/2S7P1xIG9PsfWTukoty4=
Subject key identifier: FE:6C:F5:6C:EF:6A:C3:E9:91:D1:95:90:A1:D5:B4:80:3C:57:F9:75
Certificate issuer: /CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Certificate serial: 01941F8C2C976DF36E4E029ECBDF33A64D8D
Authority key identifier: F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/_mz1bO9qw-mR0ZWQodW0gDxX-XU.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43164
IP address blocks: 91.198.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2c:97:6d:f3:6e:4e:02:9e:cb:df:33:a6:4d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe6cf56cef6ac3e991d19590a1d5b4803c57f975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8b:b4:86:3c:db:1d:1f:c7:58:7f:aa:03:eb:
ab:3a:db:b9:0d:46:a8:ef:2e:4d:00:4c:fa:95:13:
df:0a:43:98:a0:95:bd:ba:ad:d2:a2:ab:55:2e:20:
8a:60:b7:8a:09:9d:c1:26:c8:55:e1:09:97:8a:14:
7c:6c:2a:6a:c6:fe:be:ed:ec:4f:10:67:95:82:ed:
37:8a:ac:94:61:e5:24:e6:e4:a2:24:c1:45:1a:16:
70:ba:41:34:a0:9a:8e:de:81:97:fa:f6:53:31:f3:
84:f0:a9:2d:eb:70:6b:e5:a1:97:e9:08:6c:3c:5c:
f1:f6:95:a0:e8:06:df:ef:97:c3:bb:b7:10:c9:a4:
69:56:3b:59:de:58:b8:de:fc:10:36:54:ab:77:2d:
69:0c:1a:2f:cc:71:1b:11:87:dc:89:4c:92:ba:c4:
1f:fe:92:0a:4d:41:ea:16:d3:db:e0:91:1e:39:ce:
1a:2f:e6:d6:86:5c:d3:6b:9a:19:0c:ee:9d:28:4b:
59:da:b1:f1:1f:37:df:8e:32:8b:36:4b:a9:d9:8e:
e9:7b:67:b8:3a:46:79:6e:75:3c:3d:d6:60:ec:e1:
a3:7c:df:cb:02:0b:d7:ac:cb:57:8b:f6:6a:55:2e:
91:85:18:b3:d3:d9:d2:de:87:07:68:b0:77:2d:5d:
1e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:6C:F5:6C:EF:6A:C3:E9:91:D1:95:90:A1:D5:B4:80:3C:57:F9:75
X509v3 Authority Key Identifier:
keyid:F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/_mz1bO9qw-mR0ZWQodW0gDxX-XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/1-F0E5sULqQb5rBHC51vz9dEEKmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.0.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e2:89:db:37:5a:d1:02:17:7d:af:22:02:5a:eb:3b:44:2f:
9d:e9:68:7d:dd:af:21:e5:3d:ff:4a:68:96:45:09:7b:50:3c:
f4:31:13:46:8b:01:de:0a:e0:3c:0a:05:9c:04:42:b3:4f:29:
30:9b:12:e4:67:fc:59:e8:35:88:ab:77:6e:b6:51:7c:85:9d:
77:57:25:46:ab:5f:e6:32:a1:38:bb:bc:f4:aa:19:66:be:b4:
a0:64:6b:e8:53:05:2c:8a:0a:8f:ca:f8:c0:e6:12:38:e5:6f:
be:fe:d3:5f:dd:38:4e:f8:e0:e1:83:90:ee:58:96:4a:d2:46:
76:4f:fd:12:9c:6f:0e:cd:b0:25:da:4d:ed:c2:a3:88:52:22:
b5:34:32:0b:5a:65:a7:4b:ec:c8:3c:13:98:fd:cb:90:d4:d7:
8a:44:8c:32:50:71:28:05:4f:22:c6:1d:76:3f:ef:9c:c8:23:
88:77:0f:51:e9:4a:12:49:37:2e:b0:a1:1c:f9:83:39:f5:bb:
c4:0f:dd:8a:cd:f7:7f:9b:e9:b6:d8:f1:97:d4:32:06:f7:7f:
1c:f8:29:ae:a5:73:61:a2:89:63:84:d8:8a:f1:69:40:b7:ec:
4c:a8:de:6c:f7:1b:cf:a2:3c:ce:0e:d2:3b:3c:9d:4f:24:3c:
05:c3:1c:c3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjCyXbfNuTgKey98zpk2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NWQwNGU2YzUwYmE5MDZmOWFjMTFjMmU3NWJmM2Y1ZDEw
NDJhNjIwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTZjZjU2Y2VmNmFjM2U5OTFkMTk1OTBhMWQ1YjQ4MDNjNTdmOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArou0hjzbHR/HWH+qA+urOtu5DUao
7y5NAEz6lRPfCkOYoJW9uq3SoqtVLiCKYLeKCZ3BJshV4QmXihR8bCpqxv6+7exP
EGeVgu03iqyUYeUk5uSiJMFFGhZwukE0oJqO3oGX+vZTMfOE8Kkt63Br5aGX6Qhs
PFzx9pWg6Abf75fDu7cQyaRpVjtZ3li43vwQNlSrdy1pDBovzHEbEYfciUySusQf
/pIKTUHqFtPb4JEeOc4aL+bWhlzTa5oZDO6dKEtZ2rHxHzffjjKLNkup2Y7pe2e4
OkZ5bnU8PdZg7OGjfN/LAgvXrMtXi/ZqVS6RhRiz09nS3ocHaLB3LV0e5wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP5s9WzvasPpkdGVkKHVtIA8V/l1MB8GA1UdIwQY
MBaAFPhdBObFC6kG+awRwudb8/XRBCpiMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GMEU1c1VMcVFiNXJCSEM1MXZ6OWRFRUttSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvZTNhYTMxLTk2NGYtNGE4MS1iY2Vl
LWRlOGMyNjIwMmIxNy8xL19tejFiTzlxdy1tUjBaV1FvZFcwZ0R4WC1YVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvZTNhYTMxLTk2NGYtNGE4MS1iY2VlLWRlOGMyNjIwMmIx
Ny8xLzEtRjBFNXNVTHFRYjVyQkhDNTF2ejlkRUVLbUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbxgAw
DQYJKoZIhvcNAQELBQADggEBAHriids3WtECF32vIgJa6ztEL53paH3dryHlPf9K
aJZFCXtQPPQxE0aLAd4K4DwKBZwEQrNPKTCbEuRn/FnoNYird262UXyFnXdXJUar
X+YyoTi7vPSqGWa+tKBka+hTBSyKCo/K+MDmEjjlb77+01/dOE744OGDkO5YlkrS
RnZP/RKcbw7NsCXaTe3Co4hSIrU0MgtaZadL7Mg8E5j9y5DU14pEjDJQcSgFTyLG
HXY/75zII4h3D1HpShJJNy6woRz5gzn1u8QP3YrN93+b6bbY8ZfUMgb3fxz4Ka6l
c2GiiWOE2IrxaUC37Eyo3mz3G8+iPM4O0js8nU8kPAXDHMM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:45:52 2025 by rpki-client