Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/KqFYxEWrdBP5_WdyXRa-ITRyV24.roa
File: KqFYxEWrdBP5_WdyXRa-ITRyV24.roa (raw, json)
Hash identifier: vqxQtdasBJcl6VgvYzPzoC8JKGZWIRjtdhf0lDZH8tE=
Subject key identifier: 2A:A1:58:C4:45:AB:74:13:F9:FD:67:72:5D:16:BE:21:34:72:57:6E
Certificate issuer: /CN=63c657190fed73f6bbe765f4b68201fd5555e3c8
Certificate serial: 01942827E4A07A257E460A8431B4DBE5A73B
Authority key identifier: 63:C6:57:19:0F:ED:73:F6:BB:E7:65:F4:B6:82:01:FD:55:55:E3:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8ZXGQ_tc_a752X0toIB_VVV48g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/KqFYxEWrdBP5_WdyXRa-ITRyV24.roa
Signing time: Thu 02 Jan 2025 17:54:50 +0000
ROA not before: Thu 02 Jan 2025 17:54:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198356
IP address blocks: 91.234.24.0/22 maxlen: 22
91.234.24.0/23 maxlen: 23
91.234.24.0/24 maxlen: 24
91.234.25.0/24 maxlen: 24
91.234.26.0/23 maxlen: 23
91.234.26.0/24 maxlen: 24
91.234.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:e4:a0:7a:25:7e:46:0a:84:31:b4:db:e5:a7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c657190fed73f6bbe765f4b68201fd5555e3c8
Validity
Not Before: Jan 2 17:54:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aa158c445ab7413f9fd67725d16be213472576e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:14:b6:1b:43:0f:1d:39:45:49:66:23:3f:96:
39:d3:0c:c1:b1:2c:30:98:a8:84:07:8b:87:23:6d:
6a:bb:a5:15:6c:ae:fd:43:4d:0e:1f:12:ae:1b:b0:
eb:d8:a3:a0:5f:dc:7d:64:e6:13:c0:6c:15:5d:ff:
87:84:57:7a:3e:2f:54:a1:b8:a3:75:df:7b:74:2e:
30:31:f8:b3:35:dc:b0:73:28:3c:30:43:a9:c5:3d:
4d:b9:60:71:5a:73:95:be:98:eb:ee:67:5a:06:38:
00:3c:92:89:1a:89:04:ce:9f:a1:c1:69:43:ef:03:
3f:81:23:b8:66:94:72:3b:1c:a1:bf:1a:f5:b8:ce:
b2:78:ac:6b:4e:da:df:ab:f5:a1:9c:af:b0:cd:41:
c7:ce:b7:be:80:ef:30:40:ff:e1:31:76:22:94:f6:
b5:75:35:9f:c2:ed:54:a7:af:4b:06:b0:c6:95:89:
fb:de:d4:71:27:c2:7f:8b:23:d6:d8:db:af:7b:fd:
07:92:3f:b0:9c:f1:7c:e6:40:0c:59:dd:0b:bb:38:
44:00:2e:d2:5c:a3:d4:0e:88:56:13:df:3a:01:d2:
91:7d:40:e3:46:5d:5d:80:53:64:c9:33:e2:fb:23:
3f:c3:a1:13:96:41:dd:b3:c9:42:a6:4f:ea:d9:54:
1a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A1:58:C4:45:AB:74:13:F9:FD:67:72:5D:16:BE:21:34:72:57:6E
X509v3 Authority Key Identifier:
keyid:63:C6:57:19:0F:ED:73:F6:BB:E7:65:F4:B6:82:01:FD:55:55:E3:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8ZXGQ_tc_a752X0toIB_VVV48g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/KqFYxEWrdBP5_WdyXRa-ITRyV24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/150b88-88ee-4234-a5e8-aa7730b2b4f3/1/Y8ZXGQ_tc_a752X0toIB_VVV48g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.24.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:74:4c:f8:f9:9b:82:7b:bb:c5:98:51:e1:93:2c:d5:c1:18:
f3:da:9d:65:c6:a0:aa:02:1d:d7:7b:6b:de:90:d3:47:78:76:
eb:8d:5c:28:be:f9:26:16:78:81:a0:87:e4:f6:7d:70:52:25:
ce:00:db:01:1d:fd:c8:b6:8b:3e:7f:e4:52:e3:5e:0e:0f:44:
20:3e:7f:01:30:e5:d9:ad:ae:ef:8f:6e:76:65:13:db:1f:42:
00:04:10:83:e6:fc:07:af:0d:f0:3f:e9:c9:10:01:96:6c:40:
e8:c8:6d:37:29:e9:26:b1:1f:f7:62:d7:95:95:af:9a:bb:b0:
30:9e:4d:0e:c3:e9:be:fd:de:3a:ff:7b:b5:53:c7:ae:f7:2b:
f2:0d:6e:34:e9:32:00:07:48:37:6e:7d:af:8d:86:36:49:6e:
db:fa:ac:aa:d6:2f:89:a9:0b:2e:a3:c0:73:52:8b:3d:c0:3d:
04:23:60:f9:37:98:de:fc:ef:64:6d:1c:e3:12:70:92:b2:61:
f7:0d:66:56:cf:7e:c3:9a:7c:93:0f:5f:c6:28:8e:0b:56:73:
65:f0:1e:e8:93:dd:65:b6:90:05:b9:fc:60:cd:28:5f:13:2a:
09:74:65:04:7c:79:54:83:1f:d9:c4:ea:b6:b9:48:2d:eb:b5:
61:f1:47:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ+SgeiV+RgqEMbTb5ac7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzY1NzE5MGZlZDczZjZiYmU3NjVmNGI2ODIwMWZkNTU1
NWUzYzgwHhcNMjUwMTAyMTc1NDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWExNThjNDQ1YWI3NDEzZjlmZDY3NzI1ZDE2YmUyMTM0NzI1NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RS2G0MPHTlFSWYjP5Y50wzBsSww
mKiEB4uHI21qu6UVbK79Q00OHxKuG7Dr2KOgX9x9ZOYTwGwVXf+HhFd6Pi9Uobij
dd97dC4wMfizNdywcyg8MEOpxT1NuWBxWnOVvpjr7mdaBjgAPJKJGokEzp+hwWlD
7wM/gSO4ZpRyOxyhvxr1uM6yeKxrTtrfq/WhnK+wzUHHzre+gO8wQP/hMXYilPa1
dTWfwu1Up69LBrDGlYn73tRxJ8J/iyPW2Nuve/0Hkj+wnPF85kAMWd0LuzhEAC7S
XKPUDohWE986AdKRfUDjRl1dgFNkyTPi+yM/w6ETlkHds8lCpk/q2VQajwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqhWMRFq3QT+f1ncl0WviE0clduMB8GA1UdIwQY
MBaAFGPGVxkP7XP2u+dl9LaCAf1VVePIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThaWEdRX3RjX2E3NTJYMHRvSUJfVlZWNDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNTBiODgtODhlZS00MjM0LWE1ZTgt
YWE3NzMwYjJiNGYzLzEvS3FGWXhFV3JkQlA1X1dkeVhSYS1JVFJ5VjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNTBiODgtODhlZS00MjM0LWE1ZTgtYWE3NzMwYjJiNGYz
LzEvWThaWEdRX3RjX2E3NTJYMHRvSUJfVlZWNDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+oYMA0G
CSqGSIb3DQEBCwUAA4IBAQAPdEz4+ZuCe7vFmFHhkyzVwRjz2p1lxqCqAh3Xe2ve
kNNHeHbrjVwovvkmFniBoIfk9n1wUiXOANsBHf3Itos+f+RS414OD0QgPn8BMOXZ
ra7vj252ZRPbH0IABBCD5vwHrw3wP+nJEAGWbEDoyG03KekmsR/3YteVla+au7Aw
nk0Ow+m+/d46/3u1U8eu9yvyDW406TIAB0g3bn2vjYY2SW7b+qyq1i+JqQsuo8Bz
Uos9wD0EI2D5N5je/O9kbRzjEnCSsmH3DWZWz37DmnyTD1/GKI4LVnNl8B7ok91l
tpAFufxgzShfEyoJdGUEfHlUgx/ZxOq2uUgt67Vh8UdB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:23 2025 by rpki-client