Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/qAtvOAhBvQYE7yv7PeEUUCZq2ds.roa
File: qAtvOAhBvQYE7yv7PeEUUCZq2ds.roa (raw, json)
Hash identifier: aU/6fU3hsdU9Q0TXkIhgO8Q067+WiToUGD/UX8nOBtA=
Subject key identifier: A8:0B:6F:38:08:41:BD:06:04:EF:2B:FB:3D:E1:14:50:26:6A:D9:DB
Certificate issuer: /CN=ab2e5b67f25cbd882ca4d023d21ef98d483735db
Certificate serial: 01936AD0834AD46BC92B140F17429842B1A7
Authority key identifier: AB:2E:5B:67:F2:5C:BD:88:2C:A4:D0:23:D2:1E:F9:8D:48:37:35:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy5bZ_JcvYgspNAj0h75jUg3Nds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/qAtvOAhBvQYE7yv7PeEUUCZq2ds.roa
Signing time: Tue 26 Nov 2024 23:31:10 +0000
ROA not before: Tue 26 Nov 2024 23:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 91.244.236.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6a:d0:83:4a:d4:6b:c9:2b:14:0f:17:42:98:42:b1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2e5b67f25cbd882ca4d023d21ef98d483735db
Validity
Not Before: Nov 26 23:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a80b6f380841bd0604ef2bfb3de11450266ad9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:25:8a:6a:e0:23:da:cb:96:85:5a:82:d3:ba:
9d:e7:d8:1f:fc:c7:8b:26:fd:73:9c:23:a8:f3:93:
a7:f9:2d:78:df:de:29:58:ee:ba:4b:1b:b2:60:bb:
13:72:57:26:84:ab:a1:43:67:b8:10:ac:d2:24:e1:
86:59:f7:fc:e5:57:64:59:76:fa:47:4f:59:de:b7:
56:b0:2b:07:29:ff:e7:9a:00:4b:0e:3c:bb:4b:40:
dd:68:3c:53:b2:3a:10:79:41:91:e7:0b:4b:0c:20:
46:33:f7:ce:85:d1:99:ee:4a:99:62:82:12:39:ad:
b7:a6:11:2e:49:3e:71:2e:3a:04:cc:f9:9a:c9:ad:
4d:e5:64:ad:c7:6a:a5:c4:8f:56:8b:3b:39:64:79:
60:62:c6:6f:d0:d8:3c:9d:83:d1:d8:2d:a1:92:43:
f8:59:8b:6b:bb:a3:94:bf:24:68:fb:81:86:6c:88:
d1:b9:4b:d2:15:e2:87:22:a2:cd:dd:25:0e:21:62:
fc:80:39:18:c7:ef:dc:bb:57:2a:8a:d0:f4:e4:42:
f2:7a:3d:cc:25:cf:c2:ce:9d:0c:a5:da:22:24:7b:
d3:14:87:f7:2c:17:49:f3:4b:51:b5:61:1b:a0:24:
6c:83:52:4c:67:e5:1a:d9:b7:32:db:91:61:f9:52:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0B:6F:38:08:41:BD:06:04:EF:2B:FB:3D:E1:14:50:26:6A:D9:DB
X509v3 Authority Key Identifier:
keyid:AB:2E:5B:67:F2:5C:BD:88:2C:A4:D0:23:D2:1E:F9:8D:48:37:35:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy5bZ_JcvYgspNAj0h75jUg3Nds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/qAtvOAhBvQYE7yv7PeEUUCZq2ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/qy5bZ_JcvYgspNAj0h75jUg3Nds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.236.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:72:46:ac:62:bd:82:c0:f9:df:81:aa:68:e1:b1:89:08:83:
ed:2e:26:da:36:15:10:68:4a:69:27:dd:52:10:c1:d3:32:84:
63:e4:af:7c:5f:bb:2c:fe:31:31:f1:f7:f9:e9:d2:9d:83:01:
9c:9a:51:3e:69:e7:1e:0d:94:28:d1:29:49:fe:b8:95:7a:a9:
ca:ee:2b:84:c6:50:91:40:f2:a0:3e:ec:7b:f4:38:60:ee:97:
6d:83:64:46:b7:ae:f7:f2:b7:9f:4d:de:dd:7b:81:65:21:53:
3a:68:25:ce:00:bd:3b:ba:c0:c7:c9:4f:07:76:75:4e:22:71:
ba:65:38:26:a7:d7:fd:f7:d0:3b:fe:24:42:43:2f:ab:f0:2f:
71:17:a6:ce:22:87:64:e1:e4:e8:dd:1e:59:29:cf:c9:96:bc:
63:84:30:11:bf:93:dc:8d:67:6f:64:77:ae:c7:5f:b2:35:f1:
88:b5:58:f7:00:b5:32:7f:13:cb:a6:49:8e:28:fe:f1:f5:b8:
6e:cb:dd:c9:07:c6:96:38:72:d9:3d:80:4c:18:71:ad:56:8e:
65:7b:af:b3:f4:21:24:36:71:b1:f5:a1:23:1a:27:41:79:2e:
da:ec:33:08:67:c7:ff:ff:59:f9:af:69:28:29:22:50:89:e1:
eb:e8:5e:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNq0INK1GvJKxQPF0KYQrGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmU1YjY3ZjI1Y2JkODgyY2E0ZDAyM2QyMWVmOThkNDgz
NzM1ZGIwHhcNMjQxMTI2MjMzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBiNmYzODA4NDFiZDA2MDRlZjJiZmIzZGUxMTQ1MDI2NmFkOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziWKauAj2suWhVqC07qd59gf/MeL
Jv1znCOo85On+S14394pWO66SxuyYLsTclcmhKuhQ2e4EKzSJOGGWff85VdkWXb6
R09Z3rdWsCsHKf/nmgBLDjy7S0DdaDxTsjoQeUGR5wtLDCBGM/fOhdGZ7kqZYoIS
Oa23phEuST5xLjoEzPmaya1N5WStx2qlxI9Wizs5ZHlgYsZv0Ng8nYPR2C2hkkP4
WYtru6OUvyRo+4GGbIjRuUvSFeKHIqLN3SUOIWL8gDkYx+/cu1cqitD05ELyej3M
Jc/Czp0MpdoiJHvTFIf3LBdJ80tRtWEboCRsg1JMZ+Ua2bcy25Fh+VLRUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgLbzgIQb0GBO8r+z3hFFAmatnbMB8GA1UdIwQY
MBaAFKsuW2fyXL2ILKTQI9Ie+Y1INzXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXk1YlpfSmN2WWdzcE5BajBoNzVqVWczTmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2ZmZTktOGQ5OC00YzZkLWJlMmEt
M2Y2ZWMyNDk3MTdjLzEvcUF0dk9BaEJ2UVlFN3l2N1BlRVVVQ1pxMmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2ZmZTktOGQ5OC00YzZkLWJlMmEtM2Y2ZWMyNDk3MTdj
LzEvcXk1YlpfSmN2WWdzcE5BajBoNzVqVWczTmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/TsMA0G
CSqGSIb3DQEBCwUAA4IBAQCkckasYr2CwPnfgapo4bGJCIPtLibaNhUQaEppJ91S
EMHTMoRj5K98X7ss/jEx8ff56dKdgwGcmlE+aeceDZQo0SlJ/riVeqnK7iuExlCR
QPKgPux79Dhg7pdtg2RGt6738refTd7de4FlIVM6aCXOAL07usDHyU8HdnVOInG6
ZTgmp9f999A7/iRCQy+r8C9xF6bOIodk4eTo3R5ZKc/JlrxjhDARv5PcjWdvZHeu
x1+yNfGItVj3ALUyfxPLpkmOKP7x9bhuy93JB8aWOHLZPYBMGHGtVo5le6+z9CEk
NnGx9aEjGidBeS7a7DMIZ8f//1n5r2koKSJQieHr6F6U
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:52:12 2025 by rpki-client