Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/ABe8z9WKNFPr_YS82i_p03iXBIs.roa
File: ABe8z9WKNFPr_YS82i_p03iXBIs.roa (raw, json)
Hash identifier: Okh3TBWQ1pwf5rloCDPJjft+o38Qlvi8R+jxiL9y4DI=
Subject key identifier: 00:17:BC:CF:D5:8A:34:53:EB:FD:84:BC:DA:2F:E9:D3:78:97:04:8B
Certificate issuer: /CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Certificate serial: 019421B25A4EF3CE99D42D0489CF29AE448B
Authority key identifier: 85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/ABe8z9WKNFPr_YS82i_p03iXBIs.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39864
IP address blocks: 91.213.144.0/24 maxlen: 24
91.232.92.0/24 maxlen: 24
91.232.93.0/24 maxlen: 24
91.232.94.0/24 maxlen: 24
91.232.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5a:4e:f3:ce:99:d4:2d:04:89:cf:29:ae:44:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0017bccfd58a3453ebfd84bcda2fe9d37897048b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:61:58:d8:a8:5e:6e:66:ee:1d:05:f9:6f:94:
91:b6:43:64:55:52:96:3b:b6:86:02:1a:6c:70:8f:
83:95:1f:9f:8d:e7:35:a8:a2:2c:c0:d9:03:5e:a9:
c6:b3:59:cd:d9:40:dd:41:aa:c0:68:ae:08:d9:4a:
62:95:cf:63:d1:2d:f8:51:66:b1:8e:ae:22:00:51:
4f:bb:1b:57:83:a4:91:c5:1a:94:c6:68:d5:f1:5c:
ef:bb:56:3b:bc:81:80:c2:58:c3:00:b6:0f:0e:03:
71:04:8d:79:eb:84:b0:5b:13:0a:80:e7:3a:af:42:
ee:18:18:9c:8f:92:62:c8:da:d3:aa:18:84:46:6b:
6c:32:46:ab:35:e7:c4:b5:14:6c:05:ea:d3:cc:d5:
c7:8d:6f:7f:c0:aa:42:ac:59:2b:af:43:68:c2:b0:
14:2e:06:84:0c:8b:c5:a7:4d:64:1f:49:32:69:ae:
2f:e5:7f:50:b9:fe:7b:e2:8c:62:24:4d:11:97:bc:
5c:2f:63:c3:55:5f:47:a9:0a:c0:38:40:07:2f:ff:
a8:4c:b8:fe:81:9e:85:7c:9f:b8:08:a7:26:4a:ad:
5c:ba:3b:88:e5:a9:6e:c8:18:b9:cd:0f:19:39:d3:
c5:39:98:31:10:fa:8b:06:e3:86:c0:35:d8:36:4c:
ac:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:BC:CF:D5:8A:34:53:EB:FD:84:BC:DA:2F:E9:D3:78:97:04:8B
X509v3 Authority Key Identifier:
keyid:85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/ABe8z9WKNFPr_YS82i_p03iXBIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.144.0/24
91.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:ca:5f:aa:70:5d:45:49:18:63:3d:06:32:3b:93:b2:ff:ec:
6d:54:7b:78:3b:d5:df:fc:0f:3b:04:1c:2e:09:85:b0:72:18:
42:5e:bb:ae:a7:f5:1d:25:60:30:09:b0:07:18:71:bd:09:5e:
70:1c:5b:cc:b0:16:0c:8d:05:5a:6a:23:50:03:f1:55:e4:32:
d6:a8:1d:01:eb:7e:3f:0e:99:d2:dd:2d:e3:60:84:70:a2:58:
91:a2:14:3f:1b:3b:c2:00:9f:be:57:4b:cb:33:76:42:9c:30:
8b:fc:7d:1d:bd:7b:12:da:a6:47:9a:26:87:4f:af:30:9d:64:
31:ff:02:b8:59:60:c6:13:b5:3d:8f:32:71:75:24:d2:40:62:
86:a6:c9:fc:b6:42:2f:74:3b:b7:07:52:87:1d:dc:a5:bf:1a:
80:59:51:0d:be:4c:41:43:58:a7:c8:5e:ae:22:4c:85:d9:96:
99:a8:e4:32:48:76:0b:59:e3:dd:ce:05:61:fd:fe:3d:01:12:
07:0c:a1:51:9b:31:e5:1b:b6:94:74:65:fe:b8:46:fc:0f:6d:
44:d1:1f:90:4b:8f:62:d4:dd:4f:aa:97:34:67:4d:70:95:5d:
0d:39:88:94:1c:01:2c:6c:f3:d5:d4:2f:bb:ad:19:65:43:55:
b1:b0:88:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhslpO886Z1C0Eic8prkSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTE2YmU3ZTYzY2ZkOGM4Yjc3YzA1ODhkMTI2OTRmMTZi
MTRjZGEwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE3YmNjZmQ1OGEzNDUzZWJmZDg0YmNkYTJmZTlkMzc4OTcwNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9mFY2KhebmbuHQX5b5SRtkNkVVKW
O7aGAhpscI+DlR+fjec1qKIswNkDXqnGs1nN2UDdQarAaK4I2Upilc9j0S34UWax
jq4iAFFPuxtXg6SRxRqUxmjV8Vzvu1Y7vIGAwljDALYPDgNxBI1564SwWxMKgOc6
r0LuGBicj5JiyNrTqhiERmtsMkarNefEtRRsBerTzNXHjW9/wKpCrFkrr0NowrAU
LgaEDIvFp01kH0kyaa4v5X9Quf574oxiJE0Rl7xcL2PDVV9HqQrAOEAHL/+oTLj+
gZ6FfJ+4CKcmSq1cujuI5aluyBi5zQ8ZOdPFOZgxEPqLBuOGwDXYNkysyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAXvM/VijRT6/2EvNov6dN4lwSLMB8GA1UdIwQY
MBaAFIWRa+fmPP2Mi3fAWI0SaU8WsUzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUt
YmNhMjM0ODI5ZjQ4LzEvQUJlOHo5V0tORlByX1lTODJpX3AwM2lYQklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUtYmNhMjM0ODI5ZjQ4
LzEvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9WQAwQC
W+hcMA0GCSqGSIb3DQEBCwUAA4IBAQCfyl+qcF1FSRhjPQYyO5Oy/+xtVHt4O9Xf
/A87BBwuCYWwchhCXruup/UdJWAwCbAHGHG9CV5wHFvMsBYMjQVaaiNQA/FV5DLW
qB0B634/DpnS3S3jYIRwoliRohQ/GzvCAJ++V0vLM3ZCnDCL/H0dvXsS2qZHmiaH
T68wnWQx/wK4WWDGE7U9jzJxdSTSQGKGpsn8tkIvdDu3B1KHHdylvxqAWVENvkxB
Q1inyF6uIkyF2ZaZqOQySHYLWePdzgVh/f49ARIHDKFRmzHlG7aUdGX+uEb8D21E
0R+QS49i1N1Pqpc0Z01wlV0NOYiUHAEsbPPV1C+7rRllQ1WxsIgj
-----END CERTIFICATE-----
Generated at Mon May 5 06:57:44 2025 by rpki-client