Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/1fc53e-78f4-4230-ab19-c75eef8b6e82/1/9qi9mF0VJ_pHu9rStAxkEvSkQE0.roa
File: 9qi9mF0VJ_pHu9rStAxkEvSkQE0.roa (raw, json)
Hash identifier: x8RQEVhYG054AY7+a3pmPcQTUo4z8wxT2s5jf85mbpg=
Subject key identifier: F6:A8:BD:98:5D:15:27:FA:47:BB:DA:D2:B4:0C:64:12:F4:A4:40:4D
Certificate issuer: /CN=9f740b2d865dd989fc4b556854712cb1efc5f3d2
Certificate serial: 01856F14C6763671E035F86F4054E7CBBCA9
Authority key identifier: 9F:74:0B:2D:86:5D:D9:89:FC:4B:55:68:54:71:2C:B1:EF:C5:F3:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3QLLYZd2Yn8S1VoVHEsse_F89I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/1fc53e-78f4-4230-ab19-c75eef8b6e82/1/9qi9mF0VJ_pHu9rStAxkEvSkQE0.roa
Signing time: Sun 01 Jan 2023 20:45:10 +0000
ROA not before: Sun 01 Jan 2023 20:45:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 91.224.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:c6:76:36:71:e0:35:f8:6f:40:54:e7:cb:bc:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f740b2d865dd989fc4b556854712cb1efc5f3d2
Validity
Not Before: Jan 1 20:45:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6a8bd985d1527fa47bbdad2b40c6412f4a4404d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:5c:94:55:cb:eb:e4:2d:a1:c2:22:91:61:
f4:af:89:80:6c:8c:46:02:22:d9:40:b7:26:b7:81:
6a:76:10:a6:ee:45:19:c3:4b:07:0b:23:67:c0:c9:
13:81:e4:32:98:0f:1f:69:91:6a:64:b6:9b:77:15:
e6:8e:71:ba:ad:76:48:86:50:ff:bf:cb:41:dd:01:
a9:2a:b4:a1:fd:f6:c4:ab:c0:c6:90:3f:cc:db:e3:
6d:9c:63:20:36:f8:c4:e3:a5:22:de:ac:53:a3:c5:
9a:c2:4c:c3:9e:60:66:b4:31:6e:5a:bb:25:7b:6e:
ae:13:5b:b2:f7:eb:fa:29:51:7f:45:c7:6e:95:b3:
45:9b:42:21:30:01:06:e2:c6:1b:cc:f3:53:5c:3c:
66:cf:fd:73:42:eb:0d:13:2d:80:b7:00:3c:77:07:
bb:55:24:96:6a:b6:60:d7:45:11:3b:45:83:b3:e9:
b3:7d:09:91:a4:37:28:5e:0e:c5:d0:20:dd:9b:3f:
47:57:75:83:31:24:24:f3:05:c8:a8:ba:9e:40:1d:
aa:b8:a1:d3:2b:63:fe:c4:cc:08:e4:7a:35:b2:14:
d0:97:a1:1f:67:ab:63:ce:cd:6b:c6:be:89:59:ed:
b3:42:23:57:97:9e:e5:77:da:a3:13:8b:50:aa:2c:
71:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A8:BD:98:5D:15:27:FA:47:BB:DA:D2:B4:0C:64:12:F4:A4:40:4D
X509v3 Authority Key Identifier:
keyid:9F:74:0B:2D:86:5D:D9:89:FC:4B:55:68:54:71:2C:B1:EF:C5:F3:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3QLLYZd2Yn8S1VoVHEsse_F89I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1fc53e-78f4-4230-ab19-c75eef8b6e82/1/9qi9mF0VJ_pHu9rStAxkEvSkQE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1fc53e-78f4-4230-ab19-c75eef8b6e82/1/n3QLLYZd2Yn8S1VoVHEsse_F89I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.140.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b4:41:36:60:a9:21:4c:9b:a4:4b:f0:51:de:f6:6b:77:06:
06:af:ac:51:94:ec:f8:b2:00:a9:d5:cb:04:ba:53:8b:26:96:
13:e3:cb:a0:54:d3:54:e2:29:b1:89:ae:78:db:d8:1d:b4:0e:
9d:c6:7f:b0:13:8c:d4:23:63:16:fc:bc:67:43:43:97:fe:39:
6f:bf:31:c6:e9:1a:b2:10:18:1b:d7:51:bd:c3:fa:44:86:c7:
fe:e6:66:e0:34:e1:cf:24:0c:ac:9d:b7:9c:de:65:51:fd:d9:
8d:70:19:6e:56:a6:2d:fd:68:30:82:64:2c:bb:d3:a2:bd:c9:
44:50:12:89:ed:54:d4:ea:b1:a9:6d:64:38:1d:3c:e4:85:0c:
c1:92:3f:c4:58:f1:e8:67:e3:10:95:72:5c:cf:01:e0:c7:7c:
fb:c0:14:18:ca:b6:50:2d:27:d2:ad:a8:ca:b4:51:82:02:ac:
a4:71:b4:1d:fd:1f:10:c4:d0:14:ef:99:f7:5b:bf:ba:ef:9f:
55:2e:ee:10:ac:05:55:52:d7:4c:53:db:36:0e:84:4a:bf:fb:
5e:76:8f:a1:5a:93:d8:1e:4b:b9:05:04:36:61:0e:88:7a:2e:
26:78:f6:b8:67:32:d5:46:51:d8:99:51:c1:d2:8f:8c:13:68:
f6:f5:93:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMZ2NnHgNfhvQFTny7ypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNzQwYjJkODY1ZGQ5ODlmYzRiNTU2ODU0NzEyY2IxZWZj
NWYzZDIwHhcNMjMwMTAxMjA0NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmE4YmQ5ODVkMTUyN2ZhNDdiYmRhZDJiNDBjNjQxMmY0YTQ0MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqxclFXL6+QtocIikWH0r4mAbIxG
AiLZQLcmt4FqdhCm7kUZw0sHCyNnwMkTgeQymA8faZFqZLabdxXmjnG6rXZIhlD/
v8tB3QGpKrSh/fbEq8DGkD/M2+NtnGMgNvjE46Ui3qxTo8WawkzDnmBmtDFuWrsl
e26uE1uy9+v6KVF/RcdulbNFm0IhMAEG4sYbzPNTXDxmz/1zQusNEy2AtwA8dwe7
VSSWarZg10URO0WDs+mzfQmRpDcoXg7F0CDdmz9HV3WDMSQk8wXIqLqeQB2quKHT
K2P+xMwI5Ho1shTQl6EfZ6tjzs1rxr6JWe2zQiNXl57ld9qjE4tQqixxCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPaovZhdFSf6R7va0rQMZBL0pEBNMB8GA1UdIwQY
MBaAFJ90Cy2GXdmJ/EtVaFRxLLHvxfPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjNRTExZWmQyWW44UzFWb1ZIRXNzZV9GODlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8xZmM1M2UtNzhmNC00MjMwLWFiMTkt
Yzc1ZWVmOGI2ZTgyLzEvOXFpOW1GMFZKX3BIdTlyU3RBeGtFdlNrUUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8xZmM1M2UtNzhmNC00MjMwLWFiMTktYzc1ZWVmOGI2ZTgy
LzEvbjNRTExZWmQyWW44UzFWb1ZIRXNzZV9GODlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+CMMA0G
CSqGSIb3DQEBCwUAA4IBAQB5tEE2YKkhTJukS/BR3vZrdwYGr6xRlOz4sgCp1csE
ulOLJpYT48ugVNNU4imxia5429gdtA6dxn+wE4zUI2MW/LxnQ0OX/jlvvzHG6Rqy
EBgb11G9w/pEhsf+5mbgNOHPJAysnbec3mVR/dmNcBluVqYt/WgwgmQsu9OivclE
UBKJ7VTU6rGpbWQ4HTzkhQzBkj/EWPHoZ+MQlXJczwHgx3z7wBQYyrZQLSfSrajK
tFGCAqykcbQd/R8QxNAU75n3W7+6759VLu4QrAVVUtdMU9s2DoRKv/tedo+hWpPY
Hku5BQQ2YQ6Iei4mePa4ZzLVRlHYmVHB0o+ME2j29ZOu
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:51:29 2025 by rpki-client