Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/HI5bhroHTAd2JOvu5YSZV3u06FM.roa
File: HI5bhroHTAd2JOvu5YSZV3u06FM.roa (raw, json)
Hash identifier: Sccuti/fJ5690EYg+UXdl+hwT8LmoHMXCPxrbV1XvfA=
Subject key identifier: 1C:8E:5B:86:BA:07:4C:07:76:24:EB:EE:E5:84:99:57:7B:B4:E8:53
Certificate issuer: /CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Certificate serial: 01941FFAAD4E71E8431069ECE5335E41425F
Authority key identifier: 35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/HI5bhroHTAd2JOvu5YSZV3u06FM.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200553
IP address blocks: 91.198.141.0/24 maxlen: 24
91.198.147.0/24 maxlen: 24
91.198.158.0/24 maxlen: 24
91.198.167.0/24 maxlen: 24
185.100.32.0/22 maxlen: 24
185.202.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ad:4e:71:e8:43:10:69:ec:e5:33:5e:41:42:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c8e5b86ba074c077624ebeee58499577bb4e853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:45:d4:cb:6c:f6:6d:d8:95:1a:00:f9:f6:
9c:52:b0:4b:7f:79:0c:06:2e:8b:98:c4:83:75:16:
5b:9c:49:5f:cd:80:b7:5e:8d:4b:61:02:ac:6d:cd:
25:74:a0:30:23:c5:05:d2:f0:ad:2a:17:52:89:c3:
b7:fe:f9:d4:89:3e:f1:92:7b:0e:53:d0:e2:cf:71:
70:ec:dc:1f:57:af:52:f5:8f:0d:8d:6f:e0:af:28:
07:12:be:19:55:d6:3e:a4:4c:5c:16:59:ab:cf:85:
67:20:f5:8e:79:37:83:a1:a9:be:20:a8:93:ea:a3:
28:45:ed:47:1e:c4:bd:7c:34:40:f3:18:78:e8:02:
56:22:7d:fa:ef:86:80:f2:64:b0:78:97:fa:54:44:
fe:3b:76:a5:9a:f5:d0:05:c2:4f:e6:d9:3d:aa:58:
92:c2:08:40:1e:9b:4c:e3:d4:4a:ab:fe:61:bc:e4:
f2:72:9f:e3:4f:56:8c:74:d4:b9:49:da:31:8e:ed:
e8:70:19:7c:7e:84:12:b0:74:79:c0:53:5b:45:6f:
74:fe:48:84:49:96:da:f4:08:04:f5:74:bf:ca:61:
d5:33:09:34:ea:c2:a3:74:39:fe:f1:b9:06:30:2e:
b8:45:7d:9c:5d:be:df:bb:f6:76:fd:f7:8e:44:79:
a5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8E:5B:86:BA:07:4C:07:76:24:EB:EE:E5:84:99:57:7B:B4:E8:53
X509v3 Authority Key Identifier:
keyid:35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/HI5bhroHTAd2JOvu5YSZV3u06FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.141.0/24
91.198.147.0/24
91.198.158.0/24
91.198.167.0/24
185.100.32.0/22
185.202.128.0/22
Signature Algorithm: sha256WithRSAEncryption
49:9b:47:e8:97:a4:73:00:dd:a2:66:a3:95:f0:bc:db:b3:02:
51:15:57:f5:62:a5:94:26:41:07:c6:c7:f7:25:74:10:a4:99:
59:1a:59:43:4a:ef:4d:88:21:a7:fd:2f:4a:62:e5:bf:13:64:
19:e7:b6:2a:a9:ba:8a:32:b5:7c:fc:c4:cc:e1:3d:51:b3:78:
38:94:75:99:cd:b8:de:68:22:99:64:c5:cc:05:ff:18:b4:8d:
48:dd:b4:2d:3e:0f:2e:de:64:4e:5f:f8:a5:77:a5:1c:b2:69:
25:34:18:be:54:c4:32:c2:a8:dc:4f:62:97:ca:bb:85:c9:3d:
ae:ad:8f:6c:f2:39:b7:cb:2b:93:91:61:dc:57:97:0d:7b:0a:
73:56:99:0e:3d:d6:87:a3:41:94:f3:80:06:e9:59:3f:67:9d:
1e:d5:86:ea:4b:b9:d1:0f:4d:0f:0b:68:32:ea:48:31:9e:1c:
2b:30:77:4b:ca:73:12:84:e1:11:ad:8a:c7:c2:09:6f:c2:1a:
e1:8f:b8:40:50:f2:9d:73:b9:66:79:b4:c2:4b:0e:61:80:ce:
31:d4:11:1b:75:07:d3:1c:9a:23:45:69:e1:da:63:ee:f5:2c:
74:e9:38:3c:d2:67:b8:f4:d9:6b:4d:7f:b1:e8:3c:13:9d:cd:
60:29:b6:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+q1OcehDEGns5TNeQUJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDFjZGFiYTMxNTU5ZGUxMmFiMTlkNzlmMWFlMmQyMThj
Mzc5ZjcwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhlNWI4NmJhMDc0YzA3NzYyNGViZWVlNTg0OTk1NzdiYjRlODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhFF1Mts9m3YlRoA+facUrBLf3kM
Bi6LmMSDdRZbnElfzYC3Xo1LYQKsbc0ldKAwI8UF0vCtKhdSicO3/vnUiT7xknsO
U9Diz3Fw7NwfV69S9Y8NjW/grygHEr4ZVdY+pExcFlmrz4VnIPWOeTeDoam+IKiT
6qMoRe1HHsS9fDRA8xh46AJWIn3674aA8mSweJf6VET+O3almvXQBcJP5tk9qliS
wghAHptM49RKq/5hvOTycp/jT1aMdNS5Sdoxju3ocBl8foQSsHR5wFNbRW90/kiE
SZba9AgE9XS/ymHVMwk06sKjdDn+8bkGMC64RX2cXb7fu/Z2/feORHmlowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFByOW4a6B0wHdiTr7uWEmVd7tOhTMB8GA1UdIwQY
MBaAFDXRzaujFVneEqsZ158a4tIYw3n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAt
M2ZmOTI2MDg1NTI3LzEvSEk1Ymhyb0hUQWQySk92dTVZU1pWM3UwNkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAtM2ZmOTI2MDg1NTI3
LzEvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8aNAwQA
W8aTAwQAW8aeAwQAW8anAwQCuWQgAwQCucqAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
m0fol6RzAN2iZqOV8LzbswJRFVf1YqWUJkEHxsf3JXQQpJlZGllDSu9NiCGn/S9K
YuW/E2QZ57YqqbqKMrV8/MTM4T1Rs3g4lHWZzbjeaCKZZMXMBf8YtI1I3bQtPg8u
3mROX/ild6UcsmklNBi+VMQywqjcT2KXyruFyT2urY9s8jm3yyuTkWHcV5cNewpz
VpkOPdaHo0GU84AG6Vk/Z50e1YbqS7nRD00PC2gy6kgxnhwrMHdLynMShOERrYrH
wglvwhrhj7hAUPKdc7lmebTCSw5hgM4x1BEbdQfTHJojRWnh2mPu9Sx06Tg80me4
9NlrTX+x6DwTnc1gKbY6
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:56:58 2025 by rpki-client