Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/k2mbzTYpqu-vVJrS8eVrfjvKL6U.roa
File: k2mbzTYpqu-vVJrS8eVrfjvKL6U.roa (raw, json)
Hash identifier: q1LZnQ/M/m1mtPJpKlXgR+S06Cq8uIHatKNRuGYjFtk=
Subject key identifier: 93:69:9B:CD:36:29:AA:EF:AF:54:9A:D2:F1:E5:6B:7E:3B:CA:2F:A5
Certificate issuer: /CN=d55d3921850a5fff07eca260a36ef92101f2d85c
Certificate serial: 0194228DFDD5B9A80D14E85C66F1239BE251
Authority key identifier: D5:5D:39:21:85:0A:5F:FF:07:EC:A2:60:A3:6E:F9:21:01:F2:D8:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1V05IYUKX_8H7KJgo275IQHy2Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/k2mbzTYpqu-vVJrS8eVrfjvKL6U.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44730
IP address blocks: 91.213.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fd:d5:b9:a8:0d:14:e8:5c:66:f1:23:9b:e2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d55d3921850a5fff07eca260a36ef92101f2d85c
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93699bcd3629aaefaf549ad2f1e56b7e3bca2fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b7:07:5d:42:d9:80:3d:1e:25:34:c5:26:4a:
bf:03:bb:9b:76:9a:a6:04:b8:e3:b8:3a:a9:90:e2:
f3:20:91:e3:3c:10:cf:01:4f:d2:30:65:6a:d4:7a:
6b:06:b2:11:5a:4a:13:43:b0:67:9b:be:fb:64:ca:
aa:77:ca:1e:81:bb:a4:90:9f:70:80:1b:3d:49:a4:
c6:03:15:72:86:2e:82:a1:f8:db:3d:e3:62:a7:a5:
de:e0:7b:e4:af:5e:5e:a3:e0:0d:e4:ec:3f:81:86:
cf:91:37:4f:58:d7:89:f3:c7:a3:de:99:39:a6:9b:
d8:9c:4c:b9:a5:26:54:b9:e5:fa:9a:60:c6:ba:7b:
e0:d8:69:94:1d:ff:9d:ec:fd:4d:91:92:13:00:41:
11:6e:31:62:9e:27:28:b8:8e:86:7b:16:c5:03:4c:
38:8d:43:13:0c:79:5f:18:90:5b:4b:5a:56:bf:3d:
bc:c4:6d:ee:f8:5c:4e:95:44:83:6d:bb:c6:5f:0b:
0a:5c:55:fc:7d:5e:80:2d:fc:e3:8a:f5:7f:25:87:
e2:2e:29:57:24:00:a4:cd:d1:d4:8b:be:64:40:aa:
b6:9e:65:a2:d6:07:c5:8a:65:bd:d9:f6:90:8e:e8:
62:f3:fd:28:d1:62:9a:c2:0c:44:9e:57:e1:92:35:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:69:9B:CD:36:29:AA:EF:AF:54:9A:D2:F1:E5:6B:7E:3B:CA:2F:A5
X509v3 Authority Key Identifier:
keyid:D5:5D:39:21:85:0A:5F:FF:07:EC:A2:60:A3:6E:F9:21:01:F2:D8:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1V05IYUKX_8H7KJgo275IQHy2Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/k2mbzTYpqu-vVJrS8eVrfjvKL6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/1V05IYUKX_8H7KJgo275IQHy2Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.241.0/24
Signature Algorithm: sha256WithRSAEncryption
38:07:06:76:15:9b:4f:70:ce:e4:11:3d:b4:89:58:a7:a5:5f:
a0:6d:c8:51:48:a2:fa:b8:2c:0d:2b:1e:ab:59:e6:5f:81:7b:
be:f2:64:60:8a:d2:8a:39:f3:91:88:cf:16:69:ad:ec:02:71:
d8:a9:c2:b6:0b:2c:9a:b6:73:95:fb:fe:61:d0:01:2b:5a:65:
65:76:27:35:7f:4b:6d:ec:11:ff:e1:3f:2d:e0:c0:64:70:f4:
20:0b:31:ee:4b:43:3f:cf:a2:d9:47:7a:bf:a3:90:c0:0c:84:
eb:93:62:1e:44:36:a6:2f:02:ef:3f:96:f4:0d:34:81:ae:e6:
13:f4:96:d6:f9:f1:60:d8:bd:20:42:cc:1b:99:c5:aa:02:21:
66:d4:3c:0b:62:ac:77:46:75:27:49:61:6d:0e:13:27:a0:9c:
40:2d:06:c0:56:55:c2:45:39:02:8c:ea:4b:45:69:2e:ac:98:
21:47:e5:c9:f0:a6:da:21:a1:81:17:ce:40:5b:ca:79:1c:51:
aa:08:62:eb:7d:2a:60:3a:aa:f3:80:9d:dd:fa:9c:90:28:b7:
a5:07:69:bc:33:4b:77:89:b7:ad:e5:91:f9:fc:50:cc:f8:f2:
63:ec:34:ec:cc:47:a6:5e:52:d8:0f:b7:c7:a7:64:ac:e2:24:
f2:b0:67:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijf3VuagNFOhcZvEjm+JRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NWQzOTIxODUwYTVmZmYwN2VjYTI2MGEzNmVmOTIxMDFm
MmQ4NWMwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY5OWJjZDM2MjlhYWVmYWY1NDlhZDJmMWU1NmI3ZTNiY2EyZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rcHXULZgD0eJTTFJkq/A7ubdpqm
BLjjuDqpkOLzIJHjPBDPAU/SMGVq1HprBrIRWkoTQ7Bnm777ZMqqd8oegbukkJ9w
gBs9SaTGAxVyhi6CofjbPeNip6Xe4Hvkr15eo+AN5Ow/gYbPkTdPWNeJ88ej3pk5
ppvYnEy5pSZUueX6mmDGunvg2GmUHf+d7P1NkZITAEERbjFinicouI6GexbFA0w4
jUMTDHlfGJBbS1pWvz28xG3u+FxOlUSDbbvGXwsKXFX8fV6ALfzjivV/JYfiLilX
JACkzdHUi75kQKq2nmWi1gfFimW92faQjuhi8/0o0WKawgxEnlfhkjXszQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNpm802Karvr1Sa0vHla347yi+lMB8GA1UdIwQY
MBaAFNVdOSGFCl//B+yiYKNu+SEB8thcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVYwNUlZVUtYXzhIN0tKZ28yNzVJUUh5MkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kZDEzMzEtNjIyYS00ODQ4LWIzNDAt
ZDMxNjNlOWIwMTM2LzEvazJtYnpUWXBxdS12VkpyUzhlVnJmanZLTDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kZDEzMzEtNjIyYS00ODQ4LWIzNDAtZDMxNjNlOWIwMTM2
LzEvMVYwNUlZVUtYXzhIN0tKZ28yNzVJUUh5MkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XxMA0G
CSqGSIb3DQEBCwUAA4IBAQA4BwZ2FZtPcM7kET20iVinpV+gbchRSKL6uCwNKx6r
WeZfgXu+8mRgitKKOfORiM8Waa3sAnHYqcK2CyyatnOV+/5h0AErWmVldic1f0tt
7BH/4T8t4MBkcPQgCzHuS0M/z6LZR3q/o5DADITrk2IeRDamLwLvP5b0DTSBruYT
9JbW+fFg2L0gQswbmcWqAiFm1DwLYqx3RnUnSWFtDhMnoJxALQbAVlXCRTkCjOpL
RWkurJghR+XJ8KbaIaGBF85AW8p5HFGqCGLrfSpgOqrzgJ3d+pyQKLelB2m8M0t3
ibet5ZH5/FDM+PJj7DTszEemXlLYD7fHp2Ss4iTysGf1
-----END CERTIFICATE-----
Generated at Fri Apr 25 20:57:35 2025 by rpki-client