Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/LU2wM9TGgswbDaVAC7EYOoc8adc.roa
File: LU2wM9TGgswbDaVAC7EYOoc8adc.roa (raw, json)
Hash identifier: FJQef8LzUlZr/6t7pKymSSbea/LynqPKIkzKQaQbGPk=
Subject key identifier: 2D:4D:B0:33:D4:C6:82:CC:1B:0D:A5:40:0B:B1:18:3A:87:3C:69:D7
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 0183C229667476917507E1295E509A764FC6
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/LU2wM9TGgswbDaVAC7EYOoc8adc.roa
Signing time: Mon 10 Oct 2022 13:50:36 +0000
ROA not before: Mon 10 Oct 2022 13:50:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:29:66:74:76:91:75:07:e1:29:5e:50:9a:76:4f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Oct 10 13:50:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d4db033d4c682cc1b0da5400bb1183a873c69d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:ff:54:e0:b6:16:2f:a1:ee:eb:53:81:df:
52:7e:1c:eb:85:e3:df:b7:41:6c:fd:1a:a3:fd:8b:
b4:6e:16:8b:1a:75:44:a4:6c:8d:29:53:1a:0e:16:
c2:de:3d:dd:5f:30:9b:98:d6:98:27:80:4d:8c:43:
2e:8e:3d:60:aa:99:69:34:84:f9:79:05:8b:8f:8b:
22:ac:b6:8c:20:20:c9:63:d2:f6:36:6e:16:e0:cb:
8f:42:fe:af:1b:4f:a3:c5:43:40:2c:0d:6d:fc:61:
8f:4d:c4:0b:3d:01:a0:51:e8:3f:c9:2c:25:c0:37:
ed:56:01:5e:dc:27:a0:91:62:36:19:6b:20:95:63:
77:b6:bf:fb:d9:4b:83:fc:91:72:8e:b7:30:73:ec:
0e:c5:f7:10:c5:5a:0d:71:79:34:6d:93:3b:5c:58:
9a:c1:c7:96:44:63:a9:25:48:d1:9c:5b:18:6a:a3:
2b:33:ce:35:ca:9a:06:2a:ab:5b:4f:47:7b:c9:0f:
b6:cc:29:70:f2:12:40:39:05:50:9c:be:d5:07:df:
21:5d:f0:b6:74:78:d6:1d:f3:e2:40:68:ce:01:dd:
89:01:93:9d:15:80:b9:2e:74:b2:3e:8d:82:64:c3:
8f:a4:eb:a9:b6:65:7d:e2:56:23:e1:03:00:2c:72:
35:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4D:B0:33:D4:C6:82:CC:1B:0D:A5:40:0B:B1:18:3A:87:3C:69:D7
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/LU2wM9TGgswbDaVAC7EYOoc8adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.240.0/22
91.149.253.0/24
Signature Algorithm: sha256WithRSAEncryption
10:5a:84:d1:d4:e6:dd:e9:b0:26:13:e9:e5:c3:c3:c8:00:3f:
e5:2d:18:b0:82:3b:b0:3e:ac:ff:59:66:64:a0:49:6b:1c:67:
d5:05:fa:b7:a0:67:64:74:78:b6:49:f5:c9:ef:f9:32:ed:ee:
04:3b:8c:d5:52:51:61:62:4b:40:5a:64:52:72:66:f4:56:35:
eb:a8:35:33:0b:5c:e8:6c:76:f0:93:a4:f7:42:0e:34:00:8a:
da:cf:7e:ef:2b:5c:e2:1c:df:b6:5d:36:64:a7:e0:b0:d6:0b:
14:4b:9a:56:03:ac:52:3a:ae:67:7e:fa:5c:99:28:58:d3:df:
cf:92:88:b2:54:27:0c:f6:1a:f3:e8:0a:20:65:a9:34:9e:70:
75:57:8f:79:1d:75:d0:90:8c:25:1b:fc:84:b8:da:3e:80:01:
46:38:bd:22:a9:10:e8:6f:7d:d8:fc:27:a7:a6:f2:a0:2f:76:
b0:c1:bc:ea:05:bd:0c:c4:37:db:4d:61:f1:11:fe:f6:b3:62:
a2:34:25:02:71:25:2f:a2:b7:f7:09:82:34:91:31:d6:6d:be:
7b:e1:a6:2d:27:92:a6:ed:15:62:d0:c1:aa:f8:b6:e6:9e:41:
00:85:69:7e:66:b6:f1:8f:38:13:63:08:55:42:96:2d:09:0e:
bb:a1:0e:e2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPCKWZ0dpF1B+EpXlCadk/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIxMDEwMTM1MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRkYjAzM2Q0YzY4MmNjMWIwZGE1NDAwYmIxMTgzYTg3M2M2OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8z/VOC2Fi+h7utTgd9SfhzrhePf
t0Fs/Rqj/Yu0bhaLGnVEpGyNKVMaDhbC3j3dXzCbmNaYJ4BNjEMujj1gqplpNIT5
eQWLj4sirLaMICDJY9L2Nm4W4MuPQv6vG0+jxUNALA1t/GGPTcQLPQGgUeg/ySwl
wDftVgFe3CegkWI2GWsglWN3tr/72UuD/JFyjrcwc+wOxfcQxVoNcXk0bZM7XFia
wceWRGOpJUjRnFsYaqMrM841ypoGKqtbT0d7yQ+2zClw8hJAOQVQnL7VB98hXfC2
dHjWHfPiQGjOAd2JAZOdFYC5LnSyPo2CZMOPpOuptmV94lYj4QMALHI1NQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC1NsDPUxoLMGw2lQAuxGDqHPGnXMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvTFUyd005VEdnc3diRGFWQUM3RVlPb2M4YWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABbld0D
BAVblcADBAFblegDBAJblfADBABblf0wDQYJKoZIhvcNAQELBQADggEBABBahNHU
5t3psCYT6eXDw8gAP+UtGLCCO7A+rP9ZZmSgSWscZ9UF+regZ2R0eLZJ9cnv+TLt
7gQ7jNVSUWFiS0BaZFJyZvRWNeuoNTMLXOhsdvCTpPdCDjQAitrPfu8rXOIc37Zd
NmSn4LDWCxRLmlYDrFI6rmd++lyZKFjT38+SiLJUJwz2GvPoCiBlqTSecHVXj3kd
ddCQjCUb/IS42j6AAUY4vSKpEOhvfdj8J6em8qAvdrDBvOoFvQzEN9tNYfER/vaz
YqI0JQJxJS+it/cJgjSRMdZtvnvhpi0nkqbtFWLQwar4tuaeQQCFaX5mtvGPOBNj
CFVCli0JDruhDuI=
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:08:11 2025 by rpki-client