Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/qo2vOLLpvqAX5XPyfjQO2wLnHqA.roa
File: qo2vOLLpvqAX5XPyfjQO2wLnHqA.roa (raw, json)
Hash identifier: ngupliw7DsEh4VFD2q0dSrJhCE7Y9aSPjgmNKBH+xq4=
Subject key identifier: AA:8D:AF:38:B2:E9:BE:A0:17:E5:73:F2:7E:34:0E:DB:02:E7:1E:A0
Certificate issuer: /CN=97915ba80d3ed704524681488a72be991fa670dc
Certificate serial: 0194221FEA3C549A5455D02539875854B33F
Authority key identifier: 97:91:5B:A8:0D:3E:D7:04:52:46:81:48:8A:72:BE:99:1F:A6:70:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5FbqA0-1wRSRoFIinK-mR-mcNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/qo2vOLLpvqAX5XPyfjQO2wLnHqA.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 91.193.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ea:3c:54:9a:54:55:d0:25:39:87:58:54:b3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97915ba80d3ed704524681488a72be991fa670dc
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa8daf38b2e9bea017e573f27e340edb02e71ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:87:89:28:c8:f0:8a:88:03:fb:f9:98:7a:
b1:cb:3e:12:d1:45:3e:e8:62:51:59:54:dd:86:99:
3c:40:7e:e0:1c:b2:0c:89:a7:61:d9:5b:9d:5c:10:
c7:ef:26:d0:54:0e:10:a4:b4:8c:96:28:80:40:01:
e8:4d:c6:73:ef:88:e7:03:b9:33:ff:19:92:cb:f3:
2d:80:5c:ce:26:b2:a2:bd:55:c6:f1:02:7c:e1:3c:
27:b6:9a:7c:a8:35:cc:5d:c2:8e:98:44:bf:43:dd:
a1:f1:03:3c:79:91:cb:7c:e5:a5:57:c6:d4:34:2e:
de:48:97:fb:0f:7c:44:63:b7:ea:5e:50:dd:e0:79:
4f:27:7f:d6:09:00:5e:11:af:df:63:4a:fe:07:c6:
59:e0:cc:39:1a:52:da:4e:18:b4:3b:b4:bb:e8:e8:
21:46:c5:0f:4b:51:11:30:20:7a:d3:72:ad:32:07:
78:79:a8:93:48:53:72:23:68:1e:77:1e:ef:54:68:
b6:ce:c9:89:90:e6:56:92:42:bc:87:8c:6a:e6:22:
90:a1:2d:d8:ce:3b:0c:05:43:fe:1f:c6:59:d1:58:
b7:ac:b9:e0:b2:73:a5:b6:83:ab:b7:c5:b6:c6:3e:
8b:9b:04:97:21:1d:8b:59:40:fc:6a:62:86:02:86:
c5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8D:AF:38:B2:E9:BE:A0:17:E5:73:F2:7E:34:0E:DB:02:E7:1E:A0
X509v3 Authority Key Identifier:
keyid:97:91:5B:A8:0D:3E:D7:04:52:46:81:48:8A:72:BE:99:1F:A6:70:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5FbqA0-1wRSRoFIinK-mR-mcNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/qo2vOLLpvqAX5XPyfjQO2wLnHqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/l5FbqA0-1wRSRoFIinK-mR-mcNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.24.0/24
Signature Algorithm: sha256WithRSAEncryption
71:74:65:01:03:d8:2e:0d:fb:4a:61:68:1f:05:25:15:54:f4:
4a:73:96:69:53:5e:06:b1:e8:a2:2e:fd:68:b0:e8:63:23:11:
93:0b:e4:a4:3a:cb:37:09:4c:fd:66:7b:ee:b6:86:91:94:5f:
06:8d:5e:ed:f6:8d:8b:a9:88:53:ad:a8:04:6e:23:d8:5c:b4:
2e:d1:65:40:89:9d:77:9d:4e:6e:b7:8c:cb:d1:93:95:4f:fd:
c0:9b:6d:7b:9c:db:79:1f:61:93:9b:fb:90:32:1d:4c:8f:38:
6a:86:8c:81:7a:93:6b:1f:3c:e1:4e:58:b4:7a:2c:ca:59:b9:
60:58:2f:1b:13:8d:bd:57:7f:17:e8:4c:88:3e:84:72:be:4c:
92:74:83:1b:ed:dd:a6:71:ea:63:2f:05:d8:50:a5:54:42:45:
67:20:55:3f:5f:cf:65:f8:61:90:f1:ad:ff:69:0f:20:10:bf:
a6:4f:61:7e:c8:82:78:68:b6:aa:8e:0c:66:c8:51:b4:24:fc:
cb:e7:b9:2e:78:a5:db:b8:08:48:8b:d4:d1:62:dd:82:fb:06:
21:79:35:cd:6f:32:73:b0:99:36:94:f2:54:e0:db:55:14:4a:
31:a9:bd:46:25:57:fb:50:85:bd:62:f5:f4:95:26:b4:81:b7:
0d:71:07:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+o8VJpUVdAlOYdYVLM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTE1YmE4MGQzZWQ3MDQ1MjQ2ODE0ODhhNzJiZTk5MWZh
NjcwZGMwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThkYWYzOGIyZTliZWEwMTdlNTczZjI3ZTM0MGVkYjAyZTcxZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+mHiSjI8IqIA/v5mHqxyz4S0UU+
6GJRWVTdhpk8QH7gHLIMiadh2VudXBDH7ybQVA4QpLSMliiAQAHoTcZz74jnA7kz
/xmSy/MtgFzOJrKivVXG8QJ84Twntpp8qDXMXcKOmES/Q92h8QM8eZHLfOWlV8bU
NC7eSJf7D3xEY7fqXlDd4HlPJ3/WCQBeEa/fY0r+B8ZZ4Mw5GlLaThi0O7S76Ogh
RsUPS1ERMCB603KtMgd4eaiTSFNyI2gedx7vVGi2zsmJkOZWkkK8h4xq5iKQoS3Y
zjsMBUP+H8ZZ0Vi3rLngsnOltoOrt8W2xj6LmwSXIR2LWUD8amKGAobFIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqNrziy6b6gF+Vz8n40DtsC5x6gMB8GA1UdIwQY
MBaAFJeRW6gNPtcEUkaBSIpyvpkfpnDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVGYnFBMC0xd1JTUm9GSWluSy1tUi1tY053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NzBiZjAtOTE2Ni00ZjYwLWE2MDMt
NzA3YjBhMzhiMWUwLzEvcW8ydk9MTHB2cUFYNVhQeWZqUU8yd0xuSHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NzBiZjAtOTE2Ni00ZjYwLWE2MDMtNzA3YjBhMzhiMWUw
LzEvbDVGYnFBMC0xd1JTUm9GSWluSy1tUi1tY053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8EYMA0G
CSqGSIb3DQEBCwUAA4IBAQBxdGUBA9guDftKYWgfBSUVVPRKc5ZpU14GseiiLv1o
sOhjIxGTC+SkOss3CUz9ZnvutoaRlF8GjV7t9o2LqYhTragEbiPYXLQu0WVAiZ13
nU5ut4zL0ZOVT/3Am217nNt5H2GTm/uQMh1MjzhqhoyBepNrHzzhTli0eizKWblg
WC8bE429V38X6EyIPoRyvkySdIMb7d2mcepjLwXYUKVUQkVnIFU/X89l+GGQ8a3/
aQ8gEL+mT2F+yIJ4aLaqjgxmyFG0JPzL57kueKXbuAhIi9TRYt2C+wYheTXNbzJz
sJk2lPJU4NtVFEoxqb1GJVf7UIW9YvX0lSa0gbcNcQd8
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:59 2025 by rpki-client