Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/MluEItNzhsZo0KlEkHW2gGjFsZA.roa
File: MluEItNzhsZo0KlEkHW2gGjFsZA.roa (raw, json)
Hash identifier: hoWRhUtEL622AwT/94vc4oZQjrwHDprmF8UFYzmZ0qI=
Subject key identifier: 32:5B:84:22:D3:73:86:C6:68:D0:A9:44:90:75:B6:80:68:C5:B1:90
Certificate issuer: /CN=637104d927e7e1ef8febbffddf28145495011094
Certificate serial: 01942067F6D753AB13DD44EECCDF543243EE
Authority key identifier: 63:71:04:D9:27:E7:E1:EF:8F:EB:BF:FD:DF:28:14:54:95:01:10:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/MluEItNzhsZo0KlEkHW2gGjFsZA.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198975
IP address blocks: 91.240.130.0/24 maxlen: 24
91.240.136.0/22 maxlen: 22
91.240.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f6:d7:53:ab:13:dd:44:ee:cc:df:54:32:43:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637104d927e7e1ef8febbffddf28145495011094
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=325b8422d37386c668d0a9449075b68068c5b190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e6:86:ac:5f:69:0f:44:8b:bc:df:bb:5a:9d:
0a:c2:c1:5f:aa:59:41:4f:9d:0c:1e:06:76:34:3a:
3d:ff:4a:3e:df:ba:1c:aa:5a:62:4d:bd:aa:09:b2:
ff:2b:dc:7f:7f:22:4b:df:5c:89:a0:6d:3b:3a:84:
5b:73:fc:aa:ae:dd:b2:0e:2b:b5:b4:ce:8c:54:05:
35:6e:19:7b:3f:e6:de:68:48:cf:b1:b1:63:4d:69:
90:d1:bb:e3:f0:d4:d4:1e:03:b8:05:8f:51:b9:a9:
a8:5c:52:5e:63:f5:70:0b:2b:df:3f:93:1b:79:7e:
e6:af:01:f2:c4:cf:d9:ea:15:e1:16:3e:e8:15:cb:
49:93:88:d5:fe:a5:6b:34:94:3c:cf:79:57:41:0e:
f9:2f:83:a3:84:34:2c:b1:69:93:dd:94:51:d0:01:
b5:4e:91:ea:04:56:34:31:cd:26:75:67:74:dd:bc:
3d:fc:a8:d4:74:8b:99:18:ff:4e:ce:b7:6f:da:6d:
14:1f:3e:c8:21:1a:2c:4e:10:d2:87:ca:43:d7:75:
44:56:2a:b0:6c:9d:02:4c:ad:b4:85:7b:8c:58:2f:
8b:f5:39:16:c5:83:30:fd:03:66:3d:d1:96:d3:a9:
52:af:d8:80:e3:71:41:9d:7a:6e:5a:06:c7:93:59:
ca:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5B:84:22:D3:73:86:C6:68:D0:A9:44:90:75:B6:80:68:C5:B1:90
X509v3 Authority Key Identifier:
keyid:63:71:04:D9:27:E7:E1:EF:8F:EB:BF:FD:DF:28:14:54:95:01:10:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/MluEItNzhsZo0KlEkHW2gGjFsZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.130.0/24
91.240.136.0/22
Signature Algorithm: sha256WithRSAEncryption
57:dc:6b:b0:d9:c2:7a:5c:e4:72:7d:ba:16:82:bb:37:ab:63:
04:19:df:56:bc:99:53:94:e7:9e:2c:cf:2e:7e:08:6d:70:2c:
00:d7:69:89:9a:05:51:ca:66:a6:f7:a1:9f:36:de:7c:68:c1:
72:c7:7f:2d:06:ad:6e:b6:76:f4:db:dd:84:48:b1:f4:46:be:
95:a5:bf:66:49:9d:d9:dc:b4:6a:9c:d3:0e:c3:dc:1b:66:37:
d0:4b:98:28:e3:1c:ca:cc:b9:c9:16:dc:ad:44:d3:a2:d4:9d:
3c:8b:cc:10:53:21:b9:d7:e2:42:b9:2f:61:6c:2a:5d:9f:db:
40:5d:10:99:d5:07:fd:f0:05:7f:65:5b:c0:a5:24:28:0f:0e:
57:12:cf:ce:5c:32:00:d5:84:53:c7:e9:3e:cf:c6:9c:06:64:
87:f9:6b:a6:04:eb:82:61:e4:dc:f9:98:82:0e:25:89:32:54:
e4:08:a3:ea:52:f8:6c:b5:98:50:0e:a5:37:4b:4a:80:01:eb:
68:b6:2d:c1:16:db:b1:f8:b9:0d:08:c1:40:d8:43:66:26:de:
a8:a2:6a:18:f0:1a:e6:69:f0:61:10:00:f7:c4:27:b4:34:d1:
d0:a9:fb:98:27:37:4e:33:1e:6f:d5:cd:f0:83:08:31:32:cd:
1f:92:91:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ/bXU6sT3UTuzN9UMkPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzEwNGQ5MjdlN2UxZWY4ZmViYmZmZGRmMjgxNDU0OTUw
MTEwOTQwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjViODQyMmQzNzM4NmM2NjhkMGE5NDQ5MDc1YjY4MDY4YzViMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eaGrF9pD0SLvN+7Wp0KwsFfqllB
T50MHgZ2NDo9/0o+37ocqlpiTb2qCbL/K9x/fyJL31yJoG07OoRbc/yqrt2yDiu1
tM6MVAU1bhl7P+beaEjPsbFjTWmQ0bvj8NTUHgO4BY9RuamoXFJeY/VwCyvfP5Mb
eX7mrwHyxM/Z6hXhFj7oFctJk4jV/qVrNJQ8z3lXQQ75L4OjhDQssWmT3ZRR0AG1
TpHqBFY0Mc0mdWd03bw9/KjUdIuZGP9Ozrdv2m0UHz7IIRosThDSh8pD13VEViqw
bJ0CTK20hXuMWC+L9TkWxYMw/QNmPdGW06lSr9iA43FBnXpuWgbHk1nKCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDJbhCLTc4bGaNCpRJB1toBoxbGQMB8GA1UdIwQY
MBaAFGNxBNkn5+Hvj+u//d8oFFSVARCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNFRTJTZm40ZS1QNjdfOTN5Z1VWSlVCRUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZDFkZGYtNzNjZi00YmIyLThhNmUt
NmU0YWVjODZmZTFlLzEvTWx1RUl0Tnpoc1pvMEtsRWtIVzJnR2pGc1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kZDFkZGYtNzNjZi00YmIyLThhNmUtNmU0YWVjODZmZTFl
LzEvWTNFRTJTZm40ZS1QNjdfOTN5Z1VWSlVCRUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/CCAwQC
W/CIMA0GCSqGSIb3DQEBCwUAA4IBAQBX3Guw2cJ6XORyfboWgrs3q2MEGd9WvJlT
lOeeLM8ufghtcCwA12mJmgVRymam96GfNt58aMFyx38tBq1utnb0292ESLH0Rr6V
pb9mSZ3Z3LRqnNMOw9wbZjfQS5go4xzKzLnJFtytRNOi1J08i8wQUyG51+JCuS9h
bCpdn9tAXRCZ1Qf98AV/ZVvApSQoDw5XEs/OXDIA1YRTx+k+z8acBmSH+WumBOuC
YeTc+ZiCDiWJMlTkCKPqUvhstZhQDqU3S0qAAetoti3BFtux+LkNCMFA2ENmJt6o
omoY8BrmafBhEAD3xCe0NNHQqfuYJzdOMx5v1c3wgwgxMs0fkpFq
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:04:56 2025 by rpki-client