Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/mJjYnvCF0aJWwcOO87dJLulTej8.roa
File: mJjYnvCF0aJWwcOO87dJLulTej8.roa (raw, json)
Hash identifier: cyYF0//qn6HDiGNvk9163fm1e6ldk0sS9GYuhZI3HqU=
Subject key identifier: 98:98:D8:9E:F0:85:D1:A2:56:C1:C3:8E:F3:B7:49:2E:E9:53:7A:3F
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 0194258FA5BB9DF919C8A80F7264479D6A9B
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/mJjYnvCF0aJWwcOO87dJLulTej8.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.208.0/24 maxlen: 24
91.188.208.80/28 maxlen: 28
91.188.209.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:2::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a5:bb:9d:f9:19:c8:a8:0f:72:64:47:9d:6a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9898d89ef085d1a256c1c38ef3b7492ee9537a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:4c:44:73:cf:b2:f5:79:de:10:a0:84:0a:
95:75:50:35:d2:70:3d:d3:cd:7f:11:85:08:d9:0a:
50:5a:7d:61:75:fc:e4:62:42:2b:b4:55:22:df:01:
db:28:41:ff:c7:52:67:db:c5:0e:50:95:72:ae:31:
ff:40:39:b5:09:cf:52:1d:70:2f:5f:93:52:f3:5c:
d9:ba:af:0f:1d:3d:9b:d8:4e:71:62:fd:b2:02:fd:
cd:27:e8:57:0b:b8:3a:6a:a3:6d:77:06:13:fb:52:
dc:77:4c:79:4f:08:d8:fb:63:b0:9d:ae:2f:10:4b:
f2:5a:2f:69:f7:0b:1e:69:40:44:00:16:c9:0a:cc:
3b:78:d0:89:5b:c1:ee:b2:6b:c9:37:c4:09:1c:31:
f5:d4:7d:a4:03:06:53:62:9c:c3:fc:10:6d:d3:42:
ea:64:7d:4d:b5:d8:4b:9b:cb:93:34:e6:22:73:2b:
10:50:8b:d2:8a:35:54:71:2d:0e:90:17:a6:9d:2d:
06:39:30:83:4f:02:ef:7f:fa:46:45:c6:1a:c1:d7:
64:9f:61:3a:b8:3f:1c:e2:89:78:16:93:36:52:f6:
75:bd:2a:8a:75:6f:3b:a8:36:83:6f:b4:3f:3c:f9:
f2:9f:8b:9c:77:88:37:c7:56:1f:90:34:a8:d7:85:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:98:D8:9E:F0:85:D1:A2:56:C1:C3:8E:F3:B7:49:2E:E9:53:7A:3F
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/mJjYnvCF0aJWwcOO87dJLulTej8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:da:47:d8:2f:d2:3c:76:13:7c:3d:0e:0f:6b:1d:08:3b:65:
bf:a8:d5:0e:68:11:48:88:a8:b5:27:05:7c:f7:18:1e:04:23:
2e:27:15:0f:61:25:66:9a:eb:ea:5f:a2:85:09:05:a2:c2:cd:
f0:66:92:09:16:d7:42:c6:e3:de:15:dc:94:ff:04:af:1c:6a:
f9:78:ee:7c:b2:93:85:3b:a1:c9:4d:e4:36:68:3c:8c:7c:fc:
c2:34:a0:21:8d:2d:02:4c:76:7b:70:7f:28:31:20:d9:fa:37:
c2:f3:55:3a:19:26:3e:e0:2b:72:a3:1f:e7:57:cf:c8:c9:96:
a0:e1:eb:b9:7a:5e:5c:b6:33:31:c2:0d:39:11:f6:04:9a:6d:
9f:5b:9a:8c:55:d9:95:ee:80:e5:79:11:a4:f4:be:e0:5c:14:
71:b6:fd:c9:79:0b:9f:53:e2:0c:e1:56:32:bc:e4:0e:62:7e:
5f:e1:66:4c:33:dc:72:52:a4:4c:da:7b:95:de:97:e5:c2:22:
1a:23:f6:d5:5e:3c:6a:66:ad:62:4a:13:e8:63:a5:ba:94:43:
89:08:21:27:12:5b:b1:36:39:94:6c:5a:d6:e1:1c:47:c8:6e:
50:31:92:91:d4:02:a1:30:07:ac:37:4b:de:e5:ad:4e:b4:f4:
bc:0c:af:c9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlj6W7nfkZyKgPcmRHnWqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk4ZDg5ZWYwODVkMWEyNTZjMWMzOGVmM2I3NDkyZWU5NTM3YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5VMRHPPsvV53hCghAqVdVA10nA9
081/EYUI2QpQWn1hdfzkYkIrtFUi3wHbKEH/x1Jn28UOUJVyrjH/QDm1Cc9SHXAv
X5NS81zZuq8PHT2b2E5xYv2yAv3NJ+hXC7g6aqNtdwYT+1Lcd0x5TwjY+2Owna4v
EEvyWi9p9wseaUBEABbJCsw7eNCJW8HusmvJN8QJHDH11H2kAwZTYpzD/BBt00Lq
ZH1NtdhLm8uTNOYicysQUIvSijVUcS0OkBemnS0GOTCDTwLvf/pGRcYawddkn2E6
uD8c4ol4FpM2UvZ1vSqKdW87qDaDb7Q/PPnyn4ucd4g3x1YfkDSo14VsGwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJiY2J7whdGiVsHDjvO3SS7pU3o/MB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvbUpqWW52Q0YwYUpXd2NPTzg3ZEpMdWxUZWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCW7zQMBgE
AgACMBIwEAMFBioPscADBwIqD7HCAAAwDQYJKoZIhvcNAQELBQADggEBAFbaR9gv
0jx2E3w9Dg9rHQg7Zb+o1Q5oEUiIqLUnBXz3GB4EIy4nFQ9hJWaa6+pfooUJBaLC
zfBmkgkW10LG494V3JT/BK8cavl47nyyk4U7oclN5DZoPIx8/MI0oCGNLQJMdntw
fygxINn6N8LzVToZJj7gK3KjH+dXz8jJlqDh67l6Xly2MzHCDTkR9gSabZ9bmoxV
2ZXugOV5EaT0vuBcFHG2/cl5C59T4gzhVjK85A5ifl/hZkwz3HJSpEzae5Xel+XC
Ihoj9tVePGpmrWJKE+hjpbqUQ4kIIScSW7E2OZRsWtbhHEfIblAxkpHUAqEwB6w3
S97lrU609LwMr8k=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:07:23 2025 by rpki-client