Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/7b507a-fecd-4ae3-805d-a778345aed88/1/Ku3HRyioj0ql8ozTbPCiAHlL8-E.roa
File: Ku3HRyioj0ql8ozTbPCiAHlL8-E.roa (raw, json)
Hash identifier: gtf9gLEz02KrYfoccfEAryEzPGbpHsjqTO4FxJ768C8=
Subject key identifier: 2A:ED:C7:47:28:A8:8F:4A:A5:F2:8C:D3:6C:F0:A2:00:79:4B:F3:E1
Certificate issuer: /CN=439ced9805a3c5d934e2c521a17a8ab94f11aec5
Certificate serial: 01942827F748D98BE8A9DD9CC9EE48BBCB6E
Authority key identifier: 43:9C:ED:98:05:A3:C5:D9:34:E2:C5:21:A1:7A:8A:B9:4F:11:AE:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5ztmAWjxdk04sUhoXqKuU8RrsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/7b507a-fecd-4ae3-805d-a778345aed88/1/Ku3HRyioj0ql8ozTbPCiAHlL8-E.roa
Signing time: Thu 02 Jan 2025 17:54:55 +0000
ROA not before: Thu 02 Jan 2025 17:54:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12731
IP address blocks: 91.216.90.0/24 maxlen: 24
2001:678:2c4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:f7:48:d9:8b:e8:a9:dd:9c:c9:ee:48:bb:cb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=439ced9805a3c5d934e2c521a17a8ab94f11aec5
Validity
Not Before: Jan 2 17:54:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aedc74728a88f4aa5f28cd36cf0a200794bf3e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:22:9b:74:59:52:ac:7e:65:cc:ec:c7:9c:23:
48:dc:96:d1:64:f8:58:75:2f:42:e2:a1:da:fe:6f:
c2:48:8f:55:3a:70:55:65:97:e5:5b:cc:dc:63:ae:
fd:c7:22:b8:73:ca:42:ba:2c:5e:0d:2c:a8:15:41:
56:d1:ea:49:35:31:a4:30:34:db:2f:1f:66:f4:e1:
9d:75:40:c4:c4:d4:47:76:58:fe:56:e8:c0:a0:cf:
51:ff:60:b8:c4:4c:ad:3e:41:c5:11:32:bb:64:5a:
68:4b:5a:38:9d:96:cb:5c:7f:87:30:c1:04:f0:74:
29:2b:9d:cb:18:91:64:89:0e:39:99:91:37:e8:fd:
47:20:9a:57:a6:78:8e:2a:b5:00:2e:7c:f9:2a:3a:
88:1f:e7:20:c7:90:54:9e:4c:62:33:fb:7a:66:67:
20:eb:15:51:e1:61:75:f1:06:01:8b:fb:72:a0:e1:
fb:ff:f3:5b:7b:ae:2a:66:54:d9:d1:9c:bc:c3:2b:
ca:f4:1d:bf:8d:48:2f:ff:4b:b0:2e:00:81:d8:28:
5a:c4:5d:7a:a7:d0:2f:52:50:87:56:20:89:ae:ef:
90:48:bc:eb:51:7e:14:f5:4a:f5:20:0b:70:8d:6b:
36:fb:06:48:a7:05:a5:47:a4:3c:f3:15:72:55:41:
34:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:ED:C7:47:28:A8:8F:4A:A5:F2:8C:D3:6C:F0:A2:00:79:4B:F3:E1
X509v3 Authority Key Identifier:
keyid:43:9C:ED:98:05:A3:C5:D9:34:E2:C5:21:A1:7A:8A:B9:4F:11:AE:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5ztmAWjxdk04sUhoXqKuU8RrsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/7b507a-fecd-4ae3-805d-a778345aed88/1/Ku3HRyioj0ql8ozTbPCiAHlL8-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/7b507a-fecd-4ae3-805d-a778345aed88/1/Q5ztmAWjxdk04sUhoXqKuU8RrsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.90.0/24
IPv6:
2001:678:2c4::/48
Signature Algorithm: sha256WithRSAEncryption
15:33:a8:62:32:95:fe:44:60:a8:c0:7f:b8:a5:33:be:f7:b9:
dd:da:0b:34:59:ca:87:c3:0c:44:e7:cd:b7:30:9d:c4:3d:c1:
db:1d:d0:51:2b:a2:43:c4:8c:3e:a8:74:6d:1c:a2:c0:20:5e:
36:df:e3:9c:c3:dd:79:b9:4a:f5:dc:38:9c:33:90:fb:58:13:
8a:be:73:61:c8:b2:41:c8:b2:93:08:38:5b:a6:f4:85:91:e3:
98:01:84:7c:e7:0f:4c:3a:d4:d5:4d:49:63:bb:44:d3:b3:ce:
bd:2d:70:d5:10:93:5c:93:3b:ec:02:ae:b2:9c:49:fd:74:73:
b9:6e:d0:45:c7:e6:66:2f:15:18:22:62:8c:d6:2b:2f:5f:18:
18:8c:85:7f:2c:03:d0:15:98:a9:0c:b2:36:59:31:e3:13:4e:
80:83:7c:e8:ac:3f:1d:41:8f:cd:ec:c9:ca:59:38:ba:fb:89:
87:30:ed:d9:ce:fe:cb:96:6d:d6:43:2a:c5:7f:69:9e:0f:ca:
d4:3a:d2:cc:c9:70:22:71:4d:41:cb:c7:66:f0:cc:ed:15:a8:
87:56:cc:e5:8b:68:ad:07:a8:92:e9:85:80:78:19:16:58:c8:
e9:62:02:b1:07:f9:dc:8c:a0:1f:c7:29:eb:0f:61:32:8c:b8:
75:09:72:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJ/dI2Yvoqd2cye5Iu8tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWNlZDk4MDVhM2M1ZDkzNGUyYzUyMWExN2E4YWI5NGYx
MWFlYzUwHhcNMjUwMTAyMTc1NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVkYzc0NzI4YTg4ZjRhYTVmMjhjZDM2Y2YwYTIwMDc5NGJmM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yKbdFlSrH5lzOzHnCNI3JbRZPhY
dS9C4qHa/m/CSI9VOnBVZZflW8zcY679xyK4c8pCuixeDSyoFUFW0epJNTGkMDTb
Lx9m9OGddUDExNRHdlj+VujAoM9R/2C4xEytPkHFETK7ZFpoS1o4nZbLXH+HMMEE
8HQpK53LGJFkiQ45mZE36P1HIJpXpniOKrUALnz5KjqIH+cgx5BUnkxiM/t6Zmcg
6xVR4WF18QYBi/tyoOH7//Nbe64qZlTZ0Zy8wyvK9B2/jUgv/0uwLgCB2ChaxF16
p9AvUlCHViCJru+QSLzrUX4U9Ur1IAtwjWs2+wZIpwWlR6Q88xVyVUE0GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrtx0coqI9KpfKM02zwogB5S/PhMB8GA1UdIwQY
MBaAFEOc7ZgFo8XZNOLFIaF6irlPEa7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTV6dG1BV2p4ZGswNHNVaG9YcUt1VThScnNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83YjUwN2EtZmVjZC00YWUzLTgwNWQt
YTc3ODM0NWFlZDg4LzEvS3UzSFJ5aW9qMHFsOG96VGJQQ2lBSGxMOC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83YjUwN2EtZmVjZC00YWUzLTgwNWQtYTc3ODM0NWFlZDg4
LzEvUTV6dG1BV2p4ZGswNHNVaG9YcUt1VThScnNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9haMA8E
AgACMAkDBwAgAQZ4AsQwDQYJKoZIhvcNAQELBQADggEBABUzqGIylf5EYKjAf7il
M773ud3aCzRZyofDDETnzbcwncQ9wdsd0FErokPEjD6odG0cosAgXjbf45zD3Xm5
SvXcOJwzkPtYE4q+c2HIskHIspMIOFum9IWR45gBhHznD0w61NVNSWO7RNOzzr0t
cNUQk1yTO+wCrrKcSf10c7lu0EXH5mYvFRgiYozWKy9fGBiMhX8sA9AVmKkMsjZZ
MeMTToCDfOisPx1Bj83sycpZOLr7iYcw7dnO/suWbdZDKsV/aZ4PytQ60szJcCJx
TUHLx2bwzO0VqIdWzOWLaK0HqJLphYB4GRZYyOliArEH+dyMoB/HKesPYTKMuHUJ
cp8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:03:23 2025 by rpki-client