Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c8e001-ada3-45bf-aa46-fd515681620c/1/jRK4xjLjW0AS7WU026pDGWREkHo.roa
File: jRK4xjLjW0AS7WU026pDGWREkHo.roa (raw, json)
Hash identifier: ER6luwoElNhKf2QyVxJrryvA3AGyV4wY+yOa5rcowpY=
Subject key identifier: 8D:12:B8:C6:32:E3:5B:40:12:ED:65:34:DB:AA:43:19:64:44:90:7A
Certificate issuer: /CN=a5dae805cc94bdd29fc27107cd63b0bd27c914d0
Certificate serial: 01942067EAF82F265A6F6643716586CEC306
Authority key identifier: A5:DA:E8:05:CC:94:BD:D2:9F:C2:71:07:CD:63:B0:BD:27:C9:14:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdroBcyUvdKfwnEHzWOwvSfJFNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/c8e001-ada3-45bf-aa46-fd515681620c/1/jRK4xjLjW0AS7WU026pDGWREkHo.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44630
IP address blocks: 91.199.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ea:f8:2f:26:5a:6f:66:43:71:65:86:ce:c3:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5dae805cc94bdd29fc27107cd63b0bd27c914d0
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d12b8c632e35b4012ed6534dbaa43196444907a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:56:75:aa:32:4d:c6:a6:08:b9:a6:1b:7f:0e:
e6:8b:a6:e6:6c:39:0c:26:26:82:26:e5:ea:f6:df:
69:40:02:93:0a:3b:6e:ee:6a:5b:e3:a8:36:f8:e4:
03:04:d9:38:23:7c:00:27:7e:da:90:7c:a3:64:26:
9d:b5:22:64:1c:c3:e2:47:a8:52:90:14:82:64:6e:
92:99:00:40:45:e6:ab:d7:ea:bd:b5:4f:5e:4a:b0:
0c:19:a9:9f:95:f8:ed:be:48:8e:76:45:c3:2a:ec:
4f:b5:5d:e7:0a:75:47:e9:8a:34:54:f4:1d:4a:24:
91:bd:11:75:7a:a5:80:1c:22:24:46:55:a7:62:88:
0e:87:a2:8c:84:d1:fc:dc:cd:7d:ce:74:51:7c:1e:
ba:77:f9:9e:29:02:72:92:de:b9:56:6e:b1:33:4e:
d4:c7:3f:bf:1a:da:ac:12:a4:06:bb:ae:99:aa:f9:
61:bb:08:c8:21:2b:19:e6:8b:50:3f:00:ea:20:bc:
95:a0:12:24:f8:e6:d1:07:e7:df:3f:03:53:4b:e0:
4d:68:6e:4c:c3:26:a9:d4:ff:53:40:80:30:b7:68:
1a:94:90:59:40:9c:01:29:84:34:dd:73:c3:3c:cf:
5d:8a:23:2f:fb:d6:33:2c:92:72:d8:d9:a5:47:90:
d0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:12:B8:C6:32:E3:5B:40:12:ED:65:34:DB:AA:43:19:64:44:90:7A
X509v3 Authority Key Identifier:
keyid:A5:DA:E8:05:CC:94:BD:D2:9F:C2:71:07:CD:63:B0:BD:27:C9:14:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdroBcyUvdKfwnEHzWOwvSfJFNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c8e001-ada3-45bf-aa46-fd515681620c/1/jRK4xjLjW0AS7WU026pDGWREkHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c8e001-ada3-45bf-aa46-fd515681620c/1/pdroBcyUvdKfwnEHzWOwvSfJFNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.188.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c1:4c:29:59:c7:5e:76:6b:86:97:02:94:d4:b6:12:a2:8a:
22:b5:f1:39:6f:80:cb:b1:a1:b3:c5:5d:65:53:43:ea:c4:dc:
22:db:d2:1e:0e:c6:fa:7e:e7:cb:06:c5:3a:21:71:c5:4d:24:
73:f7:5f:be:75:fb:97:37:84:10:56:b7:cb:40:79:be:3a:a6:
f1:58:29:97:92:f4:4e:f3:4e:35:c5:f0:f8:a6:58:9c:75:1a:
3d:73:fd:bc:74:89:39:50:af:20:38:95:40:e7:29:71:c1:d9:
68:ae:cc:ae:24:57:d4:e6:d0:71:11:cd:4a:aa:cd:75:8b:17:
28:1b:c0:e4:89:ef:9a:52:f5:76:1f:37:99:77:94:e4:18:9b:
c5:5e:c0:1f:87:bf:fd:4b:ac:fd:ff:49:00:13:73:31:82:29:
65:1b:7b:f2:f1:8b:d9:cc:f0:53:65:a9:29:5a:f8:f9:0e:e4:
62:c7:ce:8f:bf:5e:ed:3b:8d:dd:b8:70:c1:c1:63:5a:8d:1d:
8c:f4:63:3c:14:49:c0:4f:19:e0:91:39:32:6d:81:4e:79:f7:
d0:8a:92:5c:c6:f1:67:46:43:5f:80:b4:f9:07:e4:2c:71:03:
b5:b2:6d:ae:4f:b0:0e:48:fa:d6:22:ee:0c:c7:89:e0:7b:f2:
65:f9:4d:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+r4LyZab2ZDcWWGzsMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZGFlODA1Y2M5NGJkZDI5ZmMyNzEwN2NkNjNiMGJkMjdj
OTE0ZDAwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDEyYjhjNjMyZTM1YjQwMTJlZDY1MzRkYmFhNDMxOTY0NDQ5MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFZ1qjJNxqYIuaYbfw7mi6bmbDkM
JiaCJuXq9t9pQAKTCjtu7mpb46g2+OQDBNk4I3wAJ37akHyjZCadtSJkHMPiR6hS
kBSCZG6SmQBARear1+q9tU9eSrAMGamflfjtvkiOdkXDKuxPtV3nCnVH6Yo0VPQd
SiSRvRF1eqWAHCIkRlWnYogOh6KMhNH83M19znRRfB66d/meKQJykt65Vm6xM07U
xz+/GtqsEqQGu66ZqvlhuwjIISsZ5otQPwDqILyVoBIk+ObRB+ffPwNTS+BNaG5M
wyap1P9TQIAwt2galJBZQJwBKYQ03XPDPM9diiMv+9YzLJJy2NmlR5DQBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0SuMYy41tAEu1lNNuqQxlkRJB6MB8GA1UdIwQY
MBaAFKXa6AXMlL3Sn8JxB81jsL0nyRTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRyb0JjeVV2ZEtmd25FSHpXT3d2U2ZKRk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jOGUwMDEtYWRhMy00NWJmLWFhNDYt
ZmQ1MTU2ODE2MjBjLzEvalJLNHhqTGpXMEFTN1dVMDI2cERHV1JFa0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jOGUwMDEtYWRhMy00NWJmLWFhNDYtZmQ1MTU2ODE2MjBj
LzEvcGRyb0JjeVV2ZEtmd25FSHpXT3d2U2ZKRk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8e8MA0G
CSqGSIb3DQEBCwUAA4IBAQAMwUwpWcdedmuGlwKU1LYSoooitfE5b4DLsaGzxV1l
U0PqxNwi29IeDsb6fufLBsU6IXHFTSRz91++dfuXN4QQVrfLQHm+OqbxWCmXkvRO
8041xfD4plicdRo9c/28dIk5UK8gOJVA5ylxwdlorsyuJFfU5tBxEc1Kqs11ixco
G8Dkie+aUvV2HzeZd5TkGJvFXsAfh7/9S6z9/0kAE3MxgillG3vy8YvZzPBTZakp
Wvj5DuRix86Pv17tO43duHDBwWNajR2M9GM8FEnATxngkTkybYFOeffQipJcxvFn
RkNfgLT5B+QscQO1sm2uT7AOSPrWIu4Mx4nge/Jl+U3H
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:26:52 2025 by rpki-client