Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2CeWoGzDWl6UkY36SIUH1OhgWjI.roa
File: 2CeWoGzDWl6UkY36SIUH1OhgWjI.roa (raw, json)
Hash identifier: SpuPtcO5oh6qYeICaLjHEnb1AyuNec5O8bsGPbWlXR0=
Subject key identifier: D8:27:96:A0:6C:C3:5A:5E:94:91:8D:FA:48:85:07:D4:E8:60:5A:32
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0194266C18239357110C8781B6D1C2E6C1D1
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2CeWoGzDWl6UkY36SIUH1OhgWjI.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35594
IP address blocks: 91.149.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:18:23:93:57:11:0c:87:81:b6:d1:c2:e6:c1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d82796a06cc35a5e94918dfa488507d4e8605a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:72:e4:c8:31:56:52:43:40:ca:21:ce:ff:
77:b1:86:df:6f:7d:ca:45:cf:64:98:5a:6f:74:66:
88:a5:5d:0e:d6:7a:4c:d7:24:ef:06:ca:bc:53:5e:
99:3a:72:0f:6a:0c:0b:40:eb:96:40:2c:dc:a6:83:
e8:f0:5e:1b:43:f3:06:24:40:69:a4:2d:95:3e:25:
c1:6d:f8:64:d2:65:6b:c6:50:da:0e:1b:fa:4d:4c:
61:ce:b1:42:a1:3d:2f:41:3a:1f:9c:ca:70:40:84:
1a:b4:1b:3f:1b:90:ee:e2:85:2f:9b:fe:eb:2e:fe:
f0:bd:67:81:cc:f8:2b:f6:4b:6c:20:61:aa:12:3d:
e4:d0:58:ae:7a:af:1b:78:4e:c8:c1:2b:5f:57:0c:
d7:77:07:30:c1:c6:9d:2f:de:62:c5:b9:22:5d:18:
23:cd:6a:27:be:20:e1:59:92:7a:bf:84:fd:4f:bc:
37:52:81:39:36:a4:55:86:cc:88:29:65:08:fd:3d:
41:ab:4f:2c:cf:34:cf:5a:c7:cd:b7:c7:2a:20:c1:
86:a1:31:e0:d0:01:90:91:2a:c6:db:c3:62:08:2c:
ff:01:b8:08:05:a6:da:9c:39:ce:a1:e9:bd:0c:ca:
dc:f1:ab:de:ab:9e:4c:1f:b6:d2:d5:41:c0:5a:5f:
7b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:27:96:A0:6C:C3:5A:5E:94:91:8D:FA:48:85:07:D4:E8:60:5A:32
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2CeWoGzDWl6UkY36SIUH1OhgWjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.189.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5f:61:59:aa:3a:6b:4d:67:c7:60:09:50:87:7b:95:32:0d:
38:ee:b7:4a:d5:a3:e7:65:03:31:0d:53:68:e5:aa:3b:c3:7d:
d4:a4:0e:80:a8:43:68:9f:6f:9f:8b:1b:50:8c:ad:ab:bf:cc:
57:79:79:11:28:b9:f7:85:1c:09:e7:8c:5f:4a:d7:0f:40:a3:
f6:c1:84:36:63:fa:a1:8b:d3:27:66:04:45:24:d3:46:d2:fd:
cd:78:94:8c:b3:d0:0b:97:71:9c:9e:0b:9e:fd:f3:60:a3:8d:
85:f6:58:dc:32:e7:7e:0d:f2:56:b2:26:6d:9c:bf:cd:18:50:
eb:78:b7:81:de:51:8c:78:4a:58:29:ff:47:58:d8:67:50:7a:
f1:1a:02:60:47:20:76:a8:f8:9a:91:f1:a6:b8:fb:51:56:0c:
dc:01:0d:af:0d:03:5a:a8:72:ce:f3:70:9c:77:d6:fd:48:af:
0f:8f:2d:b7:5c:4e:ad:42:91:f2:01:55:ef:c9:63:93:46:20:
65:4f:7d:d9:e5:f8:00:63:b6:e9:66:93:e8:f0:7b:3d:ea:ff:
2b:0a:c0:5c:33:bf:00:c1:04:02:a5:ec:de:44:a7:7e:ee:cf:
ce:03:ce:ec:4d:8e:b1:ff:78:5e:a2:cb:5f:8e:30:94:0e:b5:
19:49:06:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbBgjk1cRDIeBttHC5sHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI3OTZhMDZjYzM1YTVlOTQ5MThkZmE0ODg1MDdkNGU4NjA1YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJBy5MgxVlJDQMohzv93sYbfb33K
Rc9kmFpvdGaIpV0O1npM1yTvBsq8U16ZOnIPagwLQOuWQCzcpoPo8F4bQ/MGJEBp
pC2VPiXBbfhk0mVrxlDaDhv6TUxhzrFCoT0vQTofnMpwQIQatBs/G5Du4oUvm/7r
Lv7wvWeBzPgr9ktsIGGqEj3k0Fiueq8beE7IwStfVwzXdwcwwcadL95ixbkiXRgj
zWonviDhWZJ6v4T9T7w3UoE5NqRVhsyIKWUI/T1Bq08szzTPWsfNt8cqIMGGoTHg
0AGQkSrG28NiCCz/AbgIBabanDnOoem9DMrc8aveq55MH7bS1UHAWl97ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgnlqBsw1pelJGN+kiFB9ToYFoyMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvMkNlV29HekRXbDZVa1kzNlNJVUgxT2hnV2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5W9MA0G
CSqGSIb3DQEBCwUAA4IBAQBUX2FZqjprTWfHYAlQh3uVMg047rdK1aPnZQMxDVNo
5ao7w33UpA6AqENon2+fixtQjK2rv8xXeXkRKLn3hRwJ54xfStcPQKP2wYQ2Y/qh
i9MnZgRFJNNG0v3NeJSMs9ALl3Gcngue/fNgo42F9ljcMud+DfJWsiZtnL/NGFDr
eLeB3lGMeEpYKf9HWNhnUHrxGgJgRyB2qPiakfGmuPtRVgzcAQ2vDQNaqHLO83Cc
d9b9SK8Pjy23XE6tQpHyAVXvyWOTRiBlT33Z5fgAY7bpZpPo8Hs96v8rCsBcM78A
wQQCpezeRKd+7s/OA87sTY6x/3heostfjjCUDrUZSQbh
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:48:44 2025 by rpki-client