Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/MIW8OPxvmMYCyg8uVd5d1waRYaw.roa
File: MIW8OPxvmMYCyg8uVd5d1waRYaw.roa (raw, json)
Hash identifier: wVmZOjUw0dfWDKll8B0zY8od3oDZ40RulCQ3hTtaIiA=
Subject key identifier: 30:85:BC:38:FC:6F:98:C6:02:CA:0F:2E:55:DE:5D:D7:06:91:61:AC
Certificate issuer: /CN=b3ba47605cf367626263e57f16d0d87916ceddc8
Certificate serial: 0194282735AC1C3379A95F222810357BBE86
Authority key identifier: B3:BA:47:60:5C:F3:67:62:62:63:E5:7F:16:D0:D8:79:16:CE:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/MIW8OPxvmMYCyg8uVd5d1waRYaw.roa
Signing time: Thu 02 Jan 2025 17:54:05 +0000
ROA not before: Thu 02 Jan 2025 17:54:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5413
IP address blocks: 91.220.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:35:ac:1c:33:79:a9:5f:22:28:10:35:7b:be:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ba47605cf367626263e57f16d0d87916ceddc8
Validity
Not Before: Jan 2 17:54:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3085bc38fc6f98c602ca0f2e55de5dd7069161ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:60:6a:da:97:55:58:d9:f0:e2:6f:5e:eb:a3:
8f:16:1f:6e:73:2a:54:15:4d:02:19:19:4b:cf:38:
1c:5b:cf:1b:fa:9a:b6:30:db:8c:5d:db:d5:42:f8:
8a:03:c9:ba:be:a3:88:d0:9e:2a:97:5b:6c:9a:00:
a3:b8:91:69:f5:c3:ad:30:ab:15:72:50:d8:a9:67:
6c:a6:98:6f:c7:9e:6c:32:57:87:01:fb:e8:ca:34:
64:37:89:0d:b5:03:cb:1d:a8:24:9a:0f:3c:8e:53:
f2:f0:52:c2:fc:ae:9a:16:b9:2b:03:b6:0c:df:e2:
71:ab:68:f4:c6:87:fb:3a:e6:f0:f0:17:18:a5:d9:
91:44:e2:36:e6:46:91:ee:74:79:b3:70:63:ee:2a:
48:9e:ca:0d:79:cb:3d:5d:4c:3c:d9:9c:cc:5a:98:
73:a6:a6:2c:59:17:33:7b:e6:8d:ed:19:13:45:fd:
6f:6f:66:61:59:c1:01:9d:d2:0c:73:82:80:05:ca:
29:91:1c:5e:e4:27:4d:0c:6b:f6:2e:c4:14:46:aa:
7d:27:2e:70:30:80:b0:57:1f:63:c2:4b:b5:7e:e5:
4c:de:90:3b:bd:c1:0c:25:0f:0f:c4:6c:42:5b:da:
dd:e2:54:48:79:8c:a8:1a:a9:a0:19:4d:32:10:f4:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:85:BC:38:FC:6F:98:C6:02:CA:0F:2E:55:DE:5D:D7:06:91:61:AC
X509v3 Authority Key Identifier:
keyid:B3:BA:47:60:5C:F3:67:62:62:63:E5:7F:16:D0:D8:79:16:CE:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/MIW8OPxvmMYCyg8uVd5d1waRYaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.141.0/24
Signature Algorithm: sha256WithRSAEncryption
65:85:21:e8:cb:73:29:6e:c6:ea:33:11:57:f4:f2:a8:8d:be:
63:40:cf:d5:59:90:a1:b1:4e:af:21:10:6e:7a:e1:91:6c:ce:
b8:4e:27:bc:dd:ea:4d:56:86:52:fc:6a:80:7c:2d:7b:66:92:
6a:b3:85:1c:39:c0:91:3d:d9:cf:98:91:bf:17:e2:68:e6:03:
4e:ac:c9:79:2b:dc:85:3f:aa:2b:64:0b:d8:d7:d8:08:5d:a4:
22:2a:10:b3:7c:27:3c:11:da:4b:6e:7a:64:35:13:54:99:ba:
8f:60:f3:e2:f4:43:a5:ef:23:50:51:84:cf:0d:56:e6:2c:1a:
da:5e:41:bf:fc:b0:78:e2:18:08:79:84:ee:ca:0d:2d:b5:ff:
d8:ba:37:1e:4e:a3:f2:9e:5f:63:8f:5e:c9:55:98:1b:88:05:
32:9c:5a:e4:8b:aa:b9:c0:73:26:93:f9:b0:97:e4:6f:2e:7a:
4d:bd:38:f6:2c:53:04:d5:33:fe:79:a9:b9:f5:70:25:57:63:
70:d5:4a:73:76:43:19:1d:a3:21:38:6b:af:a9:da:a0:3f:1f:
59:7b:53:de:1d:33:02:aa:fb:ea:51:82:ce:02:bd:af:92:cd:
45:00:bf:80:29:9f:ef:00:37:dd:de:bc:53:78:9b:9b:da:ed:
19:85:86:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJzWsHDN5qV8iKBA1e76GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYmE0NzYwNWNmMzY3NjI2MjYzZTU3ZjE2ZDBkODc5MTZj
ZWRkYzgwHhcNMjUwMTAyMTc1NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDg1YmMzOGZjNmY5OGM2MDJjYTBmMmU1NWRlNWRkNzA2OTE2MWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmBq2pdVWNnw4m9e66OPFh9ucypU
FU0CGRlLzzgcW88b+pq2MNuMXdvVQviKA8m6vqOI0J4ql1tsmgCjuJFp9cOtMKsV
clDYqWdspphvx55sMleHAfvoyjRkN4kNtQPLHagkmg88jlPy8FLC/K6aFrkrA7YM
3+Jxq2j0xof7Oubw8BcYpdmRROI25kaR7nR5s3Bj7ipInsoNecs9XUw82ZzMWphz
pqYsWRcze+aN7RkTRf1vb2ZhWcEBndIMc4KABcopkRxe5CdNDGv2LsQURqp9Jy5w
MICwVx9jwku1fuVM3pA7vcEMJQ8PxGxCW9rd4lRIeYyoGqmgGU0yEPTeyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCFvDj8b5jGAsoPLlXeXdcGkWGsMB8GA1UdIwQY
MBaAFLO6R2Bc82diYmPlfxbQ2HkWzt3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdwSFlGenpaMkppWS1WX0Z0RFllUmJPM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zZGZjMTQtZTZhYi00OGNhLTk2MTMt
NDk1YTUwMWM2OTk4LzEvTUlXOE9QeHZtTVlDeWc4dVZkNWQxd2FSWWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zZGZjMTQtZTZhYi00OGNhLTk2MTMtNDk1YTUwMWM2OTk4
LzEvczdwSFlGenpaMkppWS1WX0Z0RFllUmJPM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yNMA0G
CSqGSIb3DQEBCwUAA4IBAQBlhSHoy3MpbsbqMxFX9PKojb5jQM/VWZChsU6vIRBu
euGRbM64Tie83epNVoZS/GqAfC17ZpJqs4UcOcCRPdnPmJG/F+Jo5gNOrMl5K9yF
P6orZAvY19gIXaQiKhCzfCc8EdpLbnpkNRNUmbqPYPPi9EOl7yNQUYTPDVbmLBra
XkG//LB44hgIeYTuyg0ttf/YujceTqPynl9jj17JVZgbiAUynFrki6q5wHMmk/mw
l+RvLnpNvTj2LFME1TP+eam59XAlV2Nw1UpzdkMZHaMhOGuvqdqgPx9Ze1PeHTMC
qvvqUYLOAr2vks1FAL+AKZ/vADfd3rxTeJub2u0ZhYZn
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:49:01 2025 by rpki-client