Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5rMK6wfEh1PT-zid99NkC-dchA.roa
File: Q5rMK6wfEh1PT-zid99NkC-dchA.roa (raw, json)
Hash identifier: fJ5ZufmpkJOnwS0ntILiqBDYuB7f4rNk7nNhfnkcfSs=
Subject key identifier: 43:9A:CC:2B:AC:1F:12:1D:4F:4F:EC:E2:77:DF:4D:90:2F:9D:72:10
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC2858C6E9B1D4ECADB2B9DC434C88
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5rMK6wfEh1PT-zid99NkC-dchA.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399091
IP address blocks: 91.242.100.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:28:58:c6:e9:b1:d4:ec:ad:b2:b9:dc:43:4c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=439acc2bac1f121d4f4fece277df4d902f9d7210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:94:c7:88:71:8c:65:db:9a:35:13:03:a9:
25:dc:12:4b:69:b3:15:1a:e6:78:d5:3b:4b:ec:62:
a9:55:76:09:45:59:e8:b7:f5:41:70:9b:bf:3a:b8:
7f:3e:34:99:97:ea:9a:ce:0c:92:99:87:86:78:54:
3c:be:3b:ce:9e:7f:4f:1a:99:eb:86:ca:b1:bf:75:
ec:b5:74:4c:21:f3:38:0f:d5:33:8f:39:e3:95:29:
17:15:b6:64:8f:03:25:49:b8:69:48:5e:ab:d3:6d:
6c:7c:e0:84:5b:2c:5e:92:f8:9e:ff:e7:a5:c4:76:
db:fb:c9:e1:a6:9a:f9:c6:e4:c6:a3:40:b3:59:f3:
17:07:0a:97:63:b2:76:b5:83:c0:65:71:78:78:4a:
8e:65:95:7d:0e:0d:83:10:1a:19:29:11:33:02:05:
66:17:81:c4:3b:e8:c4:2d:11:c0:cf:e2:cc:d4:46:
fa:32:cb:e4:25:94:94:7a:04:64:9d:06:38:40:cf:
c3:19:62:94:dd:c2:29:4e:1e:f7:fa:b1:3c:cb:f9:
b5:de:e9:67:4d:f4:e3:87:56:c5:41:f5:46:d4:47:
ba:cd:bf:65:56:64:8f:f9:3f:39:88:61:fe:58:db:
2a:f4:68:9b:b4:27:1c:83:b2:a1:34:f9:05:3c:f9:
b0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9A:CC:2B:AC:1F:12:1D:4F:4F:EC:E2:77:DF:4D:90:2F:9D:72:10
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Q5rMK6wfEh1PT-zid99NkC-dchA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.100.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:fa:1d:9d:a0:51:7d:b4:33:81:b6:49:41:2a:fa:12:09:ab:
72:1e:a6:9c:4e:1d:0b:58:22:a5:b2:ad:58:0e:fe:9a:35:2a:
e4:92:29:31:c8:a2:c1:f8:28:e0:b6:7f:83:c6:3f:2c:c0:dd:
3b:d6:8a:80:2f:4c:77:b1:3d:eb:c2:b6:d5:69:e1:53:be:d5:
df:2c:5c:e1:f3:0e:e9:f7:f5:b7:2f:95:d7:4d:cc:e5:dd:e0:
03:17:6d:21:bd:d1:67:73:c3:11:3c:db:a9:e3:57:47:11:f0:
1b:75:47:33:e3:a0:be:97:9b:c9:be:45:8a:3f:16:83:44:dc:
ac:25:fa:66:a7:26:ad:0f:6b:42:66:91:58:f8:d4:89:ec:97:
b3:53:d5:64:f0:2b:fc:83:ac:f9:42:ed:8f:68:80:1c:57:6a:
c3:d3:75:8b:b7:17:2e:59:2b:fe:0f:69:c7:20:c1:46:36:76:
af:e6:e9:f6:85:99:54:a9:0c:96:e3:c5:af:79:83:ff:aa:6f:
5e:40:9b:12:a8:42:7f:dc:c5:01:40:46:c4:1c:de:fd:29:3d:
3b:bc:90:ed:6d:8f:2f:65:ee:6e:b8:98:77:7e:ef:fd:c3:97:
06:ec:49:10:cf:36:39:d5:d9:01:04:0f:e9:c5:7e:b4:4f:d9:
d5:e9:54:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/ChYxumx1OytsrncQ0yIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzlhY2MyYmFjMWYxMjFkNGY0ZmVjZTI3N2RmNGQ5MDJmOWQ3MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWuUx4hxjGXbmjUTA6kl3BJLabMV
GuZ41TtL7GKpVXYJRVnot/VBcJu/Orh/PjSZl+qazgySmYeGeFQ8vjvOnn9PGpnr
hsqxv3XstXRMIfM4D9UzjznjlSkXFbZkjwMlSbhpSF6r021sfOCEWyxekvie/+el
xHbb+8nhppr5xuTGo0CzWfMXBwqXY7J2tYPAZXF4eEqOZZV9Dg2DEBoZKREzAgVm
F4HEO+jELRHAz+LM1Eb6MsvkJZSUegRknQY4QM/DGWKU3cIpTh73+rE8y/m13uln
TfTjh1bFQfVG1Ee6zb9lVmSP+T85iGH+WNsq9GibtCccg7KhNPkFPPmw8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOazCusHxIdT0/s4nffTZAvnXIQMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUTVyTUs2d2ZFaDFQVC16aWQ5OU5rQy1kY2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/JkMA0G
CSqGSIb3DQEBCwUAA4IBAQCe+h2doFF9tDOBtklBKvoSCatyHqacTh0LWCKlsq1Y
Dv6aNSrkkikxyKLB+Cjgtn+Dxj8swN071oqAL0x3sT3rwrbVaeFTvtXfLFzh8w7p
9/W3L5XXTczl3eADF20hvdFnc8MRPNup41dHEfAbdUcz46C+l5vJvkWKPxaDRNys
JfpmpyatD2tCZpFY+NSJ7JezU9Vk8Cv8g6z5Qu2PaIAcV2rD03WLtxcuWSv+D2nH
IMFGNnav5un2hZlUqQyW48WveYP/qm9eQJsSqEJ/3MUBQEbEHN79KT07vJDtbY8v
Ze5uuJh3fu/9w5cG7EkQzzY51dkBBA/pxX60T9nV6VQZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:23 2025 by rpki-client