Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/oQC9sPpcZyPZwpQuNTqhI-X9Nlw.roa
File: oQC9sPpcZyPZwpQuNTqhI-X9Nlw.roa (raw, json)
Hash identifier: vCUpk6P/EjQs3Tpm0wCNehcuCpZGGg9z5aDmzRFQJKA=
Subject key identifier: A1:00:BD:B0:FA:5C:67:23:D9:C2:94:2E:35:3A:A1:23:E5:FD:36:5C
Certificate issuer: /CN=407bc1dc2e11d491b9b85e08d01c222f9776c3cc
Certificate serial: 019421B1F3A781EED837144665453491698C
Authority key identifier: 40:7B:C1:DC:2E:11:D4:91:B9:B8:5E:08:D0:1C:22:2F:97:76:C3:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHvB3C4R1JG5uF4I0BwiL5d2w8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/oQC9sPpcZyPZwpQuNTqhI-X9Nlw.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 91.198.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f3:a7:81:ee:d8:37:14:46:65:45:34:91:69:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407bc1dc2e11d491b9b85e08d01c222f9776c3cc
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a100bdb0fa5c6723d9c2942e353aa123e5fd365c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a6:33:c0:e6:03:8e:63:f3:f2:2f:10:62:c9:
4c:e5:f8:a7:63:c2:e2:63:f8:64:0c:1b:19:1c:6f:
2e:68:c7:4d:d4:e5:78:fe:d4:4c:b2:bc:e6:70:69:
f0:d7:4a:6c:7d:2e:b8:c2:79:98:c8:a5:73:0e:fe:
56:d0:2f:c3:17:75:cb:11:70:4c:a1:26:aa:d2:6f:
b8:24:a6:3c:83:7a:36:a2:88:44:44:e3:7a:1a:60:
f1:f5:15:b2:47:e0:70:87:7d:35:c5:4f:3b:cc:79:
e9:28:68:8a:76:ae:b4:d2:05:e2:e1:62:09:df:c2:
c1:04:7e:07:d2:d7:bd:9e:de:c7:08:33:14:d5:12:
9d:23:16:bd:e9:3c:e7:e7:f9:60:df:70:9b:56:00:
c7:09:76:aa:2e:22:a4:e0:87:4a:8b:82:bc:17:c8:
c2:3b:0d:a4:54:d8:39:83:80:d4:49:68:e1:81:70:
41:1f:d0:a0:4b:e1:d6:dd:21:a5:cf:08:2c:ad:3e:
b1:08:8e:ba:6e:d4:d2:d6:c3:43:3a:3d:33:aa:2f:
1b:d2:0f:8b:08:f4:fc:a1:5e:6b:8b:bb:b4:1d:69:
89:8a:bf:30:78:bc:c9:f1:08:3e:c6:0d:93:6f:4d:
b2:2a:a3:4d:32:f3:c7:a8:dc:d3:db:06:ec:45:6b:
53:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:00:BD:B0:FA:5C:67:23:D9:C2:94:2E:35:3A:A1:23:E5:FD:36:5C
X509v3 Authority Key Identifier:
keyid:40:7B:C1:DC:2E:11:D4:91:B9:B8:5E:08:D0:1C:22:2F:97:76:C3:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHvB3C4R1JG5uF4I0BwiL5d2w8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/oQC9sPpcZyPZwpQuNTqhI-X9Nlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/QHvB3C4R1JG5uF4I0BwiL5d2w8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.197.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:70:91:d3:bf:ab:2a:ee:c5:66:da:48:3a:90:a0:67:a6:53:
ce:c6:da:90:0e:fc:e4:7f:c0:3e:59:d1:89:ee:08:2f:cb:16:
41:26:83:78:92:4e:e4:a5:b3:07:a4:f4:c6:fb:65:80:4f:2f:
d9:fa:ea:d4:53:52:09:d8:ec:7c:65:c5:0a:79:18:39:db:7c:
f7:77:e1:a6:b7:d1:6b:50:e9:0c:e6:79:06:b2:9e:f6:6e:68:
48:e2:3f:c8:4e:34:f5:9b:30:f7:dd:30:55:78:aa:f5:6f:f6:
f9:f2:1c:9c:be:a5:04:ac:8d:28:a2:fe:bb:13:f4:35:b7:29:
fd:ce:73:44:f3:92:6d:b9:56:62:5b:a2:12:90:5d:48:6b:c8:
8e:1d:66:87:d6:20:9f:5c:0d:7a:76:7d:77:b6:a1:30:dc:fb:
0c:96:21:4c:2d:48:e0:1f:84:20:af:db:c6:fc:75:24:9f:53:
35:e9:17:e1:8f:9f:94:e0:bc:05:42:cd:63:db:73:74:63:21:
ad:d2:e7:a0:29:05:1a:4f:58:db:d8:a6:2c:78:83:b2:83:c8:
0d:7a:47:76:eb:36:dc:4b:e6:d5:3d:2e:09:a0:56:d4:33:98:
e5:47:72:21:31:31:4d:b1:15:22:5e:af:dd:48:91:1b:08:74:
8d:44:c9:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsfOnge7YNxRGZUU0kWmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2JjMWRjMmUxMWQ0OTFiOWI4NWUwOGQwMWMyMjJmOTc3
NmMzY2MwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTAwYmRiMGZhNWM2NzIzZDljMjk0MmUzNTNhYTEyM2U1ZmQzNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaYzwOYDjmPz8i8QYslM5finY8Li
Y/hkDBsZHG8uaMdN1OV4/tRMsrzmcGnw10psfS64wnmYyKVzDv5W0C/DF3XLEXBM
oSaq0m+4JKY8g3o2oohERON6GmDx9RWyR+Bwh301xU87zHnpKGiKdq600gXi4WIJ
38LBBH4H0te9nt7HCDMU1RKdIxa96Tzn5/lg33CbVgDHCXaqLiKk4IdKi4K8F8jC
Ow2kVNg5g4DUSWjhgXBBH9CgS+HW3SGlzwgsrT6xCI66btTS1sNDOj0zqi8b0g+L
CPT8oV5ri7u0HWmJir8weLzJ8Qg+xg2Tb02yKqNNMvPHqNzT2wbsRWtTRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEAvbD6XGcj2cKULjU6oSPl/TZcMB8GA1UdIwQY
MBaAFEB7wdwuEdSRubheCNAcIi+XdsPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh2QjNDNFIxSkc1dUY0STBCd2lMNWQydzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mMTBiYzctN2M5ZS00ZDk4LThkN2It
N2FmMGExNWY0MGI1LzEvb1FDOXNQcGNaeVBad3BRdU5UcWhJLVg5Tmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mMTBiYzctN2M5ZS00ZDk4LThkN2ItN2FmMGExNWY0MGI1
LzEvUUh2QjNDNFIxSkc1dUY0STBCd2lMNWQydzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bFMA0G
CSqGSIb3DQEBCwUAA4IBAQALcJHTv6sq7sVm2kg6kKBnplPOxtqQDvzkf8A+WdGJ
7ggvyxZBJoN4kk7kpbMHpPTG+2WATy/Z+urUU1IJ2Ox8ZcUKeRg523z3d+Gmt9Fr
UOkM5nkGsp72bmhI4j/ITjT1mzD33TBVeKr1b/b58hycvqUErI0oov67E/Q1tyn9
znNE85JtuVZiW6ISkF1Ia8iOHWaH1iCfXA16dn13tqEw3PsMliFMLUjgH4Qgr9vG
/HUkn1M16Rfhj5+U4LwFQs1j23N0YyGt0uegKQUaT1jb2KYseIOyg8gNekd26zbc
S+bVPS4JoFbUM5jlR3IhMTFNsRUiXq/dSJEbCHSNRMk+
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:20 2025 by rpki-client