Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/4mIaRiVfusRCW_nZ919kue73VcU.roa
File: 4mIaRiVfusRCW_nZ919kue73VcU.roa (raw, json)
Hash identifier: KAlnZdYdnEt6W3Qh7SxuikxG/eJq1ZmaN4m/5vXa+us=
Subject key identifier: E2:62:1A:46:25:5F:BA:C4:42:5B:F9:D9:F7:5F:64:B9:EE:F7:55:C5
Certificate issuer: /CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Certificate serial: 019425FBF44EF0D2E57C828E43F8400F8303
Authority key identifier: 60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/4mIaRiVfusRCW_nZ919kue73VcU.roa
Signing time: Thu 02 Jan 2025 07:47:36 +0000
ROA not before: Thu 02 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57354
IP address blocks: 91.231.218.0/23 maxlen: 32
185.228.132.0/22 maxlen: 32
2a0d:1600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f4:4e:f0:d2:e5:7c:82:8e:43:f8:40:0f:83:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Validity
Not Before: Jan 2 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2621a46255fbac4425bf9d9f75f64b9eef755c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e9:d2:97:6a:f3:71:a0:f0:95:4c:fb:a0:45:
5a:ac:cc:75:20:f3:71:22:e7:72:29:1e:c0:3c:44:
bd:61:21:10:c0:08:08:7a:d6:e4:cf:f4:b5:ff:ee:
79:ad:d9:df:38:dd:15:ec:12:fb:da:e2:dd:a0:79:
45:af:7b:ba:d5:a9:75:ae:39:c8:de:b7:02:eb:d1:
ae:9a:c5:f9:ba:f6:dc:82:7d:4d:77:01:05:54:74:
7d:93:9a:2c:1b:cf:58:13:49:fc:69:d6:10:6d:e8:
61:be:e5:cb:86:91:8a:89:dd:f5:e0:4f:65:8c:64:
70:8d:7c:64:6c:d4:02:6c:9e:f6:d6:85:e7:12:31:
09:13:6e:c6:91:97:53:2c:8c:dd:5c:4b:1f:d5:0e:
fe:3b:d9:56:7c:0b:72:43:72:86:95:d1:ad:03:3e:
7b:a3:bd:79:bc:dd:56:df:7e:cf:ab:ef:eb:0f:f0:
c1:20:ed:89:20:0c:bc:1d:b4:fe:85:6e:fe:94:78:
48:a2:09:d2:f1:f6:f6:55:ee:6d:36:63:19:02:ef:
bb:2f:f6:38:96:db:11:20:30:82:67:e5:fd:05:77:
12:59:4f:c1:d9:9c:eb:9e:89:1b:36:2a:2b:c6:4d:
24:a4:76:cc:19:32:b7:5a:82:72:25:5d:de:75:84:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:62:1A:46:25:5F:BA:C4:42:5B:F9:D9:F7:5F:64:B9:EE:F7:55:C5
X509v3 Authority Key Identifier:
keyid:60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/4mIaRiVfusRCW_nZ919kue73VcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.218.0/23
185.228.132.0/22
IPv6:
2a0d:1600::/32
Signature Algorithm: sha256WithRSAEncryption
bb:95:46:dd:2f:22:16:01:59:7b:a1:d3:5d:65:c0:9b:30:77:
7f:f3:12:da:a8:f9:2c:15:25:d1:c8:b1:aa:60:16:a4:c3:d9:
1d:5a:39:cd:32:d7:4b:4b:3c:9f:cb:e4:e3:2f:c0:8b:de:8c:
00:63:2e:ce:48:c2:32:c6:27:61:cb:e9:5d:e6:79:a5:99:74:
51:4a:c9:5d:a8:39:95:9b:9b:40:cb:b5:51:63:66:a3:2b:74:
3f:bf:25:01:3a:18:be:b7:04:23:93:a2:36:26:ea:10:d8:e5:
8f:de:c7:8c:b2:22:49:0f:30:d3:77:85:03:e1:10:a0:61:4a:
9b:08:88:e7:51:cb:0a:aa:e0:e4:fc:1d:51:c7:79:fe:c5:c0:
5b:8e:d8:02:b7:7b:48:e4:14:78:62:56:bf:4c:ec:50:9a:c0:
e0:95:96:5b:0b:a4:71:9f:27:db:7d:7d:23:c6:84:fb:9f:a3:
e5:03:c7:8f:14:b0:0c:34:6e:ab:bc:67:55:db:13:42:aa:09:
c2:af:91:ce:3b:31:6f:a4:bb:b0:bc:29:37:de:67:d8:ff:80:
98:ff:0f:ef:d1:e8:f5:e8:b6:1a:75:70:4b:91:76:89:9c:65:
69:7f:2c:43:59:47:23:d2:0b:e5:6c:0d:32:cb:02:21:76:f9:
41:a0:01:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl+/RO8NLlfIKOQ/hAD4MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRjMDBmOWE0ODFiNDE1MDg2YjE0M2E3ZGQ0Y2RhMWZm
YjI0NzAwHhcNMjUwMTAyMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjYyMWE0NjI1NWZiYWM0NDI1YmY5ZDlmNzVmNjRiOWVlZjc1NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoenSl2rzcaDwlUz7oEVarMx1IPNx
IudyKR7APES9YSEQwAgIetbkz/S1/+55rdnfON0V7BL72uLdoHlFr3u61al1rjnI
3rcC69GumsX5uvbcgn1NdwEFVHR9k5osG89YE0n8adYQbehhvuXLhpGKid314E9l
jGRwjXxkbNQCbJ721oXnEjEJE27GkZdTLIzdXEsf1Q7+O9lWfAtyQ3KGldGtAz57
o715vN1W337Pq+/rD/DBIO2JIAy8HbT+hW7+lHhIognS8fb2Ve5tNmMZAu+7L/Y4
ltsRIDCCZ+X9BXcSWU/B2ZzrnokbNiorxk0kpHbMGTK3WoJyJV3edYQfHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOJiGkYlX7rEQlv52fdfZLnu91XFMB8GA1UdIwQY
MBaAFGAdwA+aSBtBUIaxQ6fdTNof+yRwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUt
ZmJhNDliMGNkZGVkLzEvNG1JYVJpVmZ1c1JDV19uWjkxOWt1ZTczVmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUtZmJhNDliMGNkZGVk
LzEvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+faAwQC
ueSEMA0EAgACMAcDBQAqDRYAMA0GCSqGSIb3DQEBCwUAA4IBAQC7lUbdLyIWAVl7
odNdZcCbMHd/8xLaqPksFSXRyLGqYBakw9kdWjnNMtdLSzyfy+TjL8CL3owAYy7O
SMIyxidhy+ld5nmlmXRRSsldqDmVm5tAy7VRY2ajK3Q/vyUBOhi+twQjk6I2JuoQ
2OWP3seMsiJJDzDTd4UD4RCgYUqbCIjnUcsKquDk/B1Rx3n+xcBbjtgCt3tI5BR4
Yla/TOxQmsDglZZbC6RxnyfbfX0jxoT7n6PlA8ePFLAMNG6rvGdV2xNCqgnCr5HO
OzFvpLuwvCk33mfY/4CY/w/v0ej16LYadXBLkXaJnGVpfyxDWUcj0gvlbA0yywIh
dvlBoAEi
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:02:08 2025 by rpki-client