Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/139ff2-f5d0-49be-910b-b5c945a0ca16/1/ieLSuIB6mXBKJCQeWp_N4zpRwwc.roa
File: ieLSuIB6mXBKJCQeWp_N4zpRwwc.roa (raw, json)
Hash identifier: nbmCndcHBfvvgTeoIuhU4ac4+KNWQuh73nRAwrBR57A=
Subject key identifier: 89:E2:D2:B8:80:7A:99:70:4A:24:24:1E:5A:9F:CD:E3:3A:51:C3:07
Certificate issuer: /CN=319b679c14681089f2d07786df04f779d741c11a
Certificate serial: 019424B2DFF45004136EAB86DDFC3417BEFA
Authority key identifier: 31:9B:67:9C:14:68:10:89:F2:D0:77:86:DF:04:F7:79:D7:41:C1:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZtnnBRoEIny0HeG3wT3eddBwRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/139ff2-f5d0-49be-910b-b5c945a0ca16/1/ieLSuIB6mXBKJCQeWp_N4zpRwwc.roa
Signing time: Thu 02 Jan 2025 01:48:10 +0000
ROA not before: Thu 02 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197536
IP address blocks: 91.223.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:df:f4:50:04:13:6e:ab:86:dd:fc:34:17:be:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=319b679c14681089f2d07786df04f779d741c11a
Validity
Not Before: Jan 2 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89e2d2b8807a99704a24241e5a9fcde33a51c307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:1a:45:dc:49:e8:ff:5a:e3:c6:9d:9c:df:
c8:49:2b:d9:f3:f1:ab:78:3c:76:65:86:6d:fe:6d:
fa:30:4e:ec:c8:3f:b0:b1:0d:ea:6b:03:69:d6:84:
b8:c8:8b:ef:a7:5a:78:69:ed:75:fb:66:15:ee:9e:
ce:4c:9b:ba:dc:e2:0f:8c:cf:1e:56:55:9d:b7:2e:
30:a2:c7:9f:fa:fd:23:72:52:e9:f3:f4:7b:fa:59:
76:22:d5:3e:73:4f:4c:4f:65:6b:1a:4d:05:32:e5:
6a:f8:59:fb:ce:0b:49:96:4a:42:95:06:4e:c4:54:
26:b3:74:ea:5f:18:14:37:01:44:47:10:c0:66:68:
90:ce:10:10:78:85:53:09:d7:6a:00:f8:f5:16:e4:
9b:86:d6:79:33:d0:eb:55:4b:ca:49:4c:ef:d7:c7:
51:52:e2:ec:3c:07:8b:dd:84:5f:d6:76:3d:fa:6f:
08:f7:3f:0c:bd:b7:92:a8:8e:04:c8:54:c2:62:10:
67:81:50:e1:3b:d1:28:20:79:16:a4:ae:07:36:1a:
3b:7f:a5:ea:6b:c2:0f:ef:69:dc:7c:63:bf:fb:f9:
ac:de:00:48:a4:9e:d1:33:29:4f:87:d6:21:7b:6a:
09:7d:29:57:8d:6e:8a:36:72:4f:f3:5f:e2:38:ad:
62:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E2:D2:B8:80:7A:99:70:4A:24:24:1E:5A:9F:CD:E3:3A:51:C3:07
X509v3 Authority Key Identifier:
keyid:31:9B:67:9C:14:68:10:89:F2:D0:77:86:DF:04:F7:79:D7:41:C1:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZtnnBRoEIny0HeG3wT3eddBwRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/139ff2-f5d0-49be-910b-b5c945a0ca16/1/ieLSuIB6mXBKJCQeWp_N4zpRwwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/139ff2-f5d0-49be-910b-b5c945a0ca16/1/MZtnnBRoEIny0HeG3wT3eddBwRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.39.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6f:52:6e:ca:f3:31:19:db:bb:1a:22:d8:46:95:b5:3f:fd:
3e:b4:07:f5:27:3f:fc:ec:1e:8b:dd:b1:3a:79:f6:90:80:fe:
b3:a2:75:ad:17:6b:91:76:34:39:ae:9f:89:71:44:07:61:e8:
30:d8:56:a9:eb:82:37:b6:37:f0:55:75:02:7b:d4:65:ff:64:
91:77:80:7a:3c:42:5f:94:ae:db:c3:61:56:b4:14:be:ce:5b:
5b:70:20:a5:18:06:cf:fc:da:53:1b:a3:e8:94:dd:a2:06:44:
f3:ca:91:3d:a1:ff:c2:65:64:76:43:96:98:62:dc:c8:b8:fa:
08:67:c6:0a:a7:db:06:30:6b:19:49:30:6b:29:df:ac:6a:fd:
18:06:fe:90:1b:f1:53:7f:ce:63:93:38:5e:e3:99:88:66:fc:
c2:da:73:c4:18:ad:67:5b:05:82:60:19:63:1c:c0:56:3f:53:
d2:cf:6b:2a:cf:83:38:49:ab:17:1f:c6:84:e8:9e:99:3d:03:
84:23:09:fa:ec:23:8f:1c:7a:62:2a:40:8f:b5:d2:95:ef:44:
d6:51:92:44:4b:40:af:2b:7a:46:7b:3e:fe:7f:13:1a:9e:f1:
cb:d0:53:7a:84:57:e4:62:2e:63:ed:65:e8:8b:51:2d:e2:04:
67:d0:69:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkst/0UAQTbquG3fw0F776MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOWI2NzljMTQ2ODEwODlmMmQwNzc4NmRmMDRmNzc5ZDc0
MWMxMWEwHhcNMjUwMTAyMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUyZDJiODgwN2E5OTcwNGEyNDI0MWU1YTlmY2RlMzNhNTFjMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySIaRdxJ6P9a48adnN/ISSvZ8/Gr
eDx2ZYZt/m36ME7syD+wsQ3qawNp1oS4yIvvp1p4ae11+2YV7p7OTJu63OIPjM8e
VlWdty4wosef+v0jclLp8/R7+ll2ItU+c09MT2VrGk0FMuVq+Fn7zgtJlkpClQZO
xFQms3TqXxgUNwFERxDAZmiQzhAQeIVTCddqAPj1FuSbhtZ5M9DrVUvKSUzv18dR
UuLsPAeL3YRf1nY9+m8I9z8MvbeSqI4EyFTCYhBngVDhO9EoIHkWpK4HNho7f6Xq
a8IP72ncfGO/+/ms3gBIpJ7RMylPh9Yhe2oJfSlXjW6KNnJP81/iOK1iFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIni0riAeplwSiQkHlqfzeM6UcMHMB8GA1UdIwQY
MBaAFDGbZ5wUaBCJ8tB3ht8E93nXQcEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVp0bm5CUm9FSW55MEhlRzN3VDNlZGRCd1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xMzlmZjItZjVkMC00OWJlLTkxMGIt
YjVjOTQ1YTBjYTE2LzEvaWVMU3VJQjZtWEJLSkNRZVdwX040enBSd3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xMzlmZjItZjVkMC00OWJlLTkxMGItYjVjOTQ1YTBjYTE2
LzEvTVp0bm5CUm9FSW55MEhlRzN3VDNlZGRCd1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98nMA0G
CSqGSIb3DQEBCwUAA4IBAQCJb1JuyvMxGdu7GiLYRpW1P/0+tAf1Jz/87B6L3bE6
efaQgP6zonWtF2uRdjQ5rp+JcUQHYegw2Fap64I3tjfwVXUCe9Rl/2SRd4B6PEJf
lK7bw2FWtBS+zltbcCClGAbP/NpTG6PolN2iBkTzypE9of/CZWR2Q5aYYtzIuPoI
Z8YKp9sGMGsZSTBrKd+sav0YBv6QG/FTf85jkzhe45mIZvzC2nPEGK1nWwWCYBlj
HMBWP1PSz2sqz4M4SasXH8aE6J6ZPQOEIwn67COPHHpiKkCPtdKV70TWUZJES0Cv
K3pGez7+fxManvHL0FN6hFfkYi5j7WXoi1Et4gRn0GnG
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:37:41 2025 by rpki-client