Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/lMtd9Et7sCIMnXubrUAx71SKNrE.roa
File: lMtd9Et7sCIMnXubrUAx71SKNrE.roa (raw, json)
Hash identifier: m1edH+G4XaQspTL3esib0CDSyQxr91JPxRsi1poYwKA=
Subject key identifier: 94:CB:5D:F4:4B:7B:B0:22:0C:9D:7B:9B:AD:40:31:EF:54:8A:36:B1
Certificate issuer: /CN=23f8c999b30ce248e6c468c784d64d72f963e938
Certificate serial: 0194252149E4817B4B61D18B80A0874AADA2
Authority key identifier: 23:F8:C9:99:B3:0C:E2:48:E6:C4:68:C7:84:D6:4D:72:F9:63:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/lMtd9Et7sCIMnXubrUAx71SKNrE.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198948
IP address blocks: 91.239.248.0/22 maxlen: 24
178.218.193.0/24 maxlen: 24
185.129.112.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:49:e4:81:7b:4b:61:d1:8b:80:a0:87:4a:ad:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f8c999b30ce248e6c468c784d64d72f963e938
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94cb5df44b7bb0220c9d7b9bad4031ef548a36b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cc:a3:2f:9f:bc:d5:00:ec:dc:cb:cf:a9:ec:
72:05:6b:c7:33:59:a4:32:57:b5:f3:24:92:d2:de:
1b:07:59:2c:89:e5:0d:30:90:f8:a3:91:b9:46:e8:
34:ef:1a:56:bb:06:a2:b8:00:0e:05:5c:0c:50:db:
54:2e:bf:2f:c6:d7:1e:ab:69:34:d9:61:c2:fc:ee:
e1:e4:6e:7e:d5:4b:31:62:c2:b2:35:c1:7a:8d:b7:
d8:a6:fb:27:e2:55:24:3d:9d:c5:d6:52:fb:d7:d7:
40:d9:17:bd:60:f2:46:08:ff:ad:1d:8f:f5:6f:0d:
e2:8d:4d:c7:ec:0b:be:fe:f6:6b:0c:ef:a3:08:8c:
1e:ed:98:d0:dc:d7:f7:7e:66:eb:7b:94:b2:98:e4:
3a:6e:ea:a8:4a:3a:e3:37:aa:f1:fa:37:4f:bb:10:
46:1b:f9:35:e9:f2:2f:8b:42:45:8d:85:a2:ec:71:
77:d6:b9:b7:22:49:b5:5a:18:52:c8:25:1a:ec:a7:
21:7d:53:c0:9d:7a:c6:b0:ad:94:11:37:72:49:9c:
a9:91:b4:40:b5:65:c6:59:b0:27:1b:33:6d:73:2a:
b9:6c:2d:a8:38:7a:2f:2d:b6:86:a1:b1:ea:f7:d3:
dc:8a:c0:cb:69:7c:bc:ce:0b:23:e1:63:80:ae:68:
25:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CB:5D:F4:4B:7B:B0:22:0C:9D:7B:9B:AD:40:31:EF:54:8A:36:B1
X509v3 Authority Key Identifier:
keyid:23:F8:C9:99:B3:0C:E2:48:E6:C4:68:C7:84:D6:4D:72:F9:63:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/lMtd9Et7sCIMnXubrUAx71SKNrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/853218-ac6e-4f9c-a959-3df549a06d5b/1/I_jJmbMM4kjmxGjHhNZNcvlj6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.248.0/22
178.218.193.0/24
185.129.112.0/22
Signature Algorithm: sha256WithRSAEncryption
21:91:fd:6c:30:59:f7:a7:0d:c0:1a:fd:3e:ab:4c:79:2a:a1:
4e:e0:9a:e7:65:19:91:b7:13:b1:5f:8f:69:51:10:1c:3d:db:
71:f5:ab:b6:db:8c:e3:1f:3b:92:3f:a0:72:6c:3c:97:f7:ec:
1d:88:95:a1:33:fc:6b:d7:35:e3:dd:ef:54:68:f1:d9:de:3b:
b4:80:94:f9:ed:d8:02:85:5e:3a:8c:59:25:5a:ff:23:cd:1e:
43:f9:b7:b5:63:5a:09:dd:7c:30:34:07:5a:83:12:63:7c:70:
80:cb:ec:32:d1:4c:40:5b:46:47:01:0d:e1:1a:b6:0e:27:69:
bb:b2:8e:39:46:b2:2d:f9:0e:fb:63:43:e9:fd:2b:96:89:46:
c8:f7:22:46:71:0a:e8:2a:f4:0b:ad:23:d6:20:b2:b2:3f:c5:
79:05:bf:0e:6a:e4:9d:ce:0f:bd:30:5b:1b:4d:62:42:58:24:
14:42:9d:a0:a1:57:19:45:6d:88:2a:46:ea:01:32:a6:ee:70:
36:7a:99:b2:17:86:f7:21:3b:d4:d6:c9:c9:40:68:72:24:16:
ba:f9:c2:f7:1f:00:2d:c4:aa:69:76:13:a6:40:33:d8:00:49:
7b:b7:da:3a:5d:4d:6b:0b:4b:e7:68:50:96:08:e3:37:e3:35:
40:f8:86:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIUnkgXtLYdGLgKCHSq2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjhjOTk5YjMwY2UyNDhlNmM0NjhjNzg0ZDY0ZDcyZjk2
M2U5MzgwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNiNWRmNDRiN2JiMDIyMGM5ZDdiOWJhZDQwMzFlZjU0OGEzNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscyjL5+81QDs3MvPqexyBWvHM1mk
Mle18ySS0t4bB1ksieUNMJD4o5G5Rug07xpWuwaiuAAOBVwMUNtULr8vxtceq2k0
2WHC/O7h5G5+1UsxYsKyNcF6jbfYpvsn4lUkPZ3F1lL719dA2Re9YPJGCP+tHY/1
bw3ijU3H7Au+/vZrDO+jCIwe7ZjQ3Nf3fmbre5SymOQ6buqoSjrjN6rx+jdPuxBG
G/k16fIvi0JFjYWi7HF31rm3Ikm1WhhSyCUa7KchfVPAnXrGsK2UETdySZypkbRA
tWXGWbAnGzNtcyq5bC2oOHovLbaGobHq99PcisDLaXy8zgsj4WOArmglWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJTLXfRLe7AiDJ17m61AMe9UijaxMB8GA1UdIwQY
MBaAFCP4yZmzDOJI5sRox4TWTXL5Y+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9qSm1iTU00a2pteEdqSGhOWk5jdmxqNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84NTMyMTgtYWM2ZS00ZjljLWE5NTkt
M2RmNTQ5YTA2ZDViLzEvbE10ZDlFdDdzQ0lNblh1YnJVQXg3MVNLTnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84NTMyMTgtYWM2ZS00ZjljLWE5NTktM2RmNTQ5YTA2ZDVi
LzEvSV9qSm1iTU00a2pteEdqSGhOWk5jdmxqNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+/4AwQA
strBAwQCuYFwMA0GCSqGSIb3DQEBCwUAA4IBAQAhkf1sMFn3pw3AGv0+q0x5KqFO
4JrnZRmRtxOxX49pURAcPdtx9au224zjHzuSP6BybDyX9+wdiJWhM/xr1zXj3e9U
aPHZ3ju0gJT57dgChV46jFklWv8jzR5D+be1Y1oJ3XwwNAdagxJjfHCAy+wy0UxA
W0ZHAQ3hGrYOJ2m7so45RrIt+Q77Y0Pp/SuWiUbI9yJGcQroKvQLrSPWILKyP8V5
Bb8OauSdzg+9MFsbTWJCWCQUQp2goVcZRW2IKkbqATKm7nA2epmyF4b3ITvU1snJ
QGhyJBa6+cL3HwAtxKppdhOmQDPYAEl7t9o6XU1rC0vnaFCWCOM34zVA+IZW
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:38:44 2025 by rpki-client