Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/999789-2631-4eb9-a5dc-c7d29b294170/1/1-RqK2rg0selylSqEAj3bND39Akc.roa
File: 1-RqK2rg0selylSqEAj3bND39Akc.roa (raw, json)
Hash identifier: A2OrL7i2XmymWp3HAJOi+3+TxFn3W1ehXjAW+lBUoNo=
Subject key identifier: F9:1A:8A:DA:B8:34:B1:E9:72:95:2A:84:02:3D:DB:34:3D:FD:02:47
Certificate issuer: /CN=35dbcef8b0c18dfd3d4aa2d6588e971dc9bdd39c
Certificate serial: 01674600
Authority key identifier: 35:DB:CE:F8:B0:C1:8D:FD:3D:4A:A2:D6:58:8E:97:1D:C9:BD:D3:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdvO-LDBjf09SqLWWI6XHcm905w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/999789-2631-4eb9-a5dc-c7d29b294170/1/1-RqK2rg0selylSqEAj3bND39Akc.roa
Signing time: Sat 01 Jan 2022 13:01:55 +0000
ROA not before: Sat 01 Jan 2022 13:01:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57554
IP address blocks: 91.223.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23545344 (0x1674600)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35dbcef8b0c18dfd3d4aa2d6588e971dc9bdd39c
Validity
Not Before: Jan 1 13:01:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f91a8adab834b1e972952a84023ddb343dfd0247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:fe:8a:aa:c7:ed:57:7b:fd:6e:ec:1d:6e:
09:63:ce:e5:ec:11:55:08:2c:e8:ea:50:35:a3:93:
af:2e:ba:d3:93:50:6c:e9:49:aa:48:de:70:98:1d:
a0:02:00:1b:5c:cb:64:2a:5e:2e:be:1c:26:d6:5c:
ec:ae:1a:05:69:68:68:8f:0d:59:b5:20:13:9c:e0:
97:35:3f:3b:49:cb:92:d3:7b:6b:d2:43:91:4b:f7:
b8:62:53:ab:f8:ab:b8:db:1f:ec:b0:47:42:c4:64:
8d:8d:7a:89:af:53:f5:0d:c9:c3:97:5d:ea:21:ef:
57:df:a3:0b:b2:77:73:32:fd:cb:a2:2e:cc:06:69:
90:a0:1a:22:b8:69:22:10:c2:48:a4:e4:be:39:a3:
c5:da:bf:09:0e:e2:8a:98:67:90:3c:83:85:0b:a0:
70:54:75:39:75:59:8c:5b:67:ae:57:bd:52:b9:86:
a6:fa:60:ad:1e:8a:60:c7:5e:5e:9d:ca:87:b3:2f:
f5:47:c4:69:f0:02:89:ce:1e:9c:84:69:49:29:64:
4c:a5:3f:69:1e:f0:e2:62:c0:6f:c7:23:9c:f8:95:
dd:8a:bc:aa:e3:88:71:f6:4e:c0:aa:01:39:17:44:
2e:56:6f:09:25:f4:d6:d6:c6:61:f4:03:05:f4:0f:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1A:8A:DA:B8:34:B1:E9:72:95:2A:84:02:3D:DB:34:3D:FD:02:47
X509v3 Authority Key Identifier:
keyid:35:DB:CE:F8:B0:C1:8D:FD:3D:4A:A2:D6:58:8E:97:1D:C9:BD:D3:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdvO-LDBjf09SqLWWI6XHcm905w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/999789-2631-4eb9-a5dc-c7d29b294170/1/1-RqK2rg0selylSqEAj3bND39Akc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/999789-2631-4eb9-a5dc-c7d29b294170/1/NdvO-LDBjf09SqLWWI6XHcm905w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.189.0/24
Signature Algorithm: sha256WithRSAEncryption
13:cd:14:12:22:3f:ff:45:9a:66:71:5e:04:51:53:20:ce:84:
d1:8e:ef:c7:13:5f:07:a4:59:39:a7:1f:18:1a:6e:e7:32:8f:
4b:8d:e1:e1:5e:d3:58:fc:35:64:55:ea:f3:a4:fb:ae:8d:e0:
c7:ad:8c:74:4f:c2:31:c6:6a:d1:2f:9f:92:5a:90:61:31:d1:
09:53:be:00:ea:2d:98:3f:d3:36:24:4f:91:25:65:bf:ab:a2:
8b:ae:d3:e6:a7:fa:fa:94:35:e8:21:57:ab:7b:6d:b2:d9:a7:
48:b8:74:b0:d2:7e:2a:11:25:bd:42:32:b4:f6:1a:6c:b3:a8:
43:0a:5f:31:28:9c:67:80:4b:d7:9a:c3:b1:a7:8d:f1:04:0f:
70:4d:28:dd:50:5f:47:96:3e:a0:a4:bd:04:7d:81:80:6b:0c:
fd:40:63:a8:03:80:2d:8f:59:99:93:34:16:de:83:d9:8e:28:
2e:95:ae:39:92:00:0f:d0:d3:4b:89:5f:28:e1:a1:97:b5:0e:
33:0f:3d:ab:59:ed:54:c5:31:6f:96:31:23:8d:b4:5f:ed:b8:
0d:29:80:46:0e:79:bc:4c:10:d3:17:fa:d3:21:8e:d7:00:6b:
60:ca:2f:b5:cf:aa:e2:54:7b:1c:eb:56:60:52:d8:41:c3:0a:
84:78:15:58
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAWdGADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NWRiY2VmOGIwYzE4ZGZkM2Q0YWEyZDY1ODhlOTcxZGM5YmRkMzljMB4XDTIyMDEw
MTEzMDE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkxYThhZGFiODM0
YjFlOTcyOTUyYTg0MDIzZGRiMzQzZGZkMDI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYo/oqqx+1Xe/1u7B1uCWPO5ewRVQgs6OpQNaOTry6605NQ
bOlJqkjecJgdoAIAG1zLZCpeLr4cJtZc7K4aBWloaI8NWbUgE5zglzU/O0nLktN7
a9JDkUv3uGJTq/iruNsf7LBHQsRkjY16ia9T9Q3Jw5dd6iHvV9+jC7J3czL9y6Iu
zAZpkKAaIrhpIhDCSKTkvjmjxdq/CQ7iiphnkDyDhQugcFR1OXVZjFtnrle9UrmG
pvpgrR6KYMdeXp3Kh7Mv9UfEafACic4enIRpSSlkTKU/aR7w4mLAb8cjnPiV3Yq8
quOIcfZOwKoBORdELlZvCSX01tbGYfQDBfQP+yECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5GorauDSx6XKVKoQCPds0Pf0CRzAfBgNVHSMEGDAWgBQ12874sMGN/T1K
otZYjpcdyb3TnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05kdk8tTERCamYwOVNxTFdXSTZYSGNtOTA1dy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvOTk5Nzg5LTI2MzEtNGViOS1hNWRjLWM3ZDI5YjI5NDE3MC8x
LzEtUnFLMnJnMHNlbHlsU3FFQWozYk5EMzlBa2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAx
Lzk5OTc4OS0yNjMxLTRlYjktYTVkYy1jN2QyOWIyOTQxNzAvMS9OZHZPLUxEQmpm
MDlTcUxXV0k2WEhjbTkwNXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb370wDQYJKoZIhvcNAQELBQAD
ggEBABPNFBIiP/9FmmZxXgRRUyDOhNGO78cTXwekWTmnHxgabucyj0uN4eFe01j8
NWRV6vOk+66N4MetjHRPwjHGatEvn5JakGEx0QlTvgDqLZg/0zYkT5ElZb+roouu
0+an+vqUNeghV6t7bbLZp0i4dLDSfioRJb1CMrT2GmyzqEMKXzEonGeAS9eaw7Gn
jfEED3BNKN1QX0eWPqCkvQR9gYBrDP1AY6gDgC2PWZmTNBbeg9mOKC6VrjmSAA/Q
00uJXyjhoZe1DjMPPatZ7VTFMW+WMSONtF/tuA0pgEYOebxMENMX+tMhjtcAa2DK
L7XPquJUexzrVmBS2EHDCoR4FVg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:41:54 2025 by rpki-client