Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/gLQdUENVXGMq4s0E2-s0exbZJTQ.roa
File: gLQdUENVXGMq4s0E2-s0exbZJTQ.roa (raw, json)
Hash identifier: qPXxxb8wbYIQ57DIruVSOJKF4C7lGWbN67ERbUHU99A=
Subject key identifier: 80:B4:1D:50:43:55:5C:63:2A:E2:CD:04:DB:EB:34:7B:16:D9:25:34
Certificate issuer: /CN=4de4f96771d91f87c21be9f00d120327f5bbf2ea
Certificate serial: 01941FFA6063E8890AE72BB4F232F123C54D
Authority key identifier: 4D:E4:F9:67:71:D9:1F:87:C2:1B:E9:F0:0D:12:03:27:F5:BB:F2:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/gLQdUENVXGMq4s0E2-s0exbZJTQ.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28907
IP address blocks: 91.228.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:63:e8:89:0a:e7:2b:b4:f2:32:f1:23:c5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4de4f96771d91f87c21be9f00d120327f5bbf2ea
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80b41d5043555c632ae2cd04dbeb347b16d92534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:83:65:b3:d1:10:a1:76:37:15:f8:c5:fe:
26:77:a5:11:e1:64:21:43:68:6c:d7:23:a9:13:ea:
1c:a5:cc:15:8f:f5:93:79:23:31:8f:b9:98:ff:f3:
53:33:2c:a2:ef:b4:8c:33:71:0c:3d:ed:e1:dc:99:
8c:e9:1a:dd:40:b1:c4:75:19:e3:aa:86:71:ec:d8:
09:30:42:eb:ec:72:d4:0a:e7:0e:01:39:6c:b5:82:
4a:8c:c8:4c:88:1e:70:22:3b:83:7f:64:85:61:c3:
41:29:12:df:5f:55:6a:2d:7b:fb:c0:38:16:3c:c1:
9e:63:1a:e9:3c:c0:69:9c:bc:55:f3:95:0e:8d:b2:
a9:ae:13:95:33:23:db:10:39:ee:bd:59:9d:97:d4:
a8:cf:6a:73:41:1d:c8:18:57:8a:d4:f5:cf:33:ac:
93:46:d1:d7:02:5d:ee:e4:0e:fd:4d:90:0f:0a:50:
0c:4f:6a:76:51:3e:dd:0f:00:0e:fa:b2:2e:ed:1a:
32:01:fe:b1:64:0e:53:ef:2e:46:e0:89:a9:49:74:
0a:7f:2f:25:74:92:18:1f:3a:2d:ca:6e:b3:53:89:
e9:6d:91:07:ee:7e:cc:f4:07:ec:36:d6:85:40:13:
a3:5f:3a:7a:c7:09:ab:01:55:70:a8:0b:ed:3c:61:
ea:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B4:1D:50:43:55:5C:63:2A:E2:CD:04:DB:EB:34:7B:16:D9:25:34
X509v3 Authority Key Identifier:
keyid:4D:E4:F9:67:71:D9:1F:87:C2:1B:E9:F0:0D:12:03:27:F5:BB:F2:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/gLQdUENVXGMq4s0E2-s0exbZJTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.146.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:57:f5:f6:b7:37:e2:41:cd:66:b1:fc:f4:b6:10:e8:b4:25:
e8:aa:90:52:98:3a:9e:24:71:2c:52:f0:57:1f:d0:51:c5:df:
94:88:2e:2a:af:e2:c2:04:6f:b2:1c:0d:73:63:0f:09:31:07:
92:ce:68:75:0c:dc:3d:ef:15:65:89:78:ad:95:26:ff:36:c0:
b9:9d:05:0a:2f:ed:b5:db:04:7a:98:37:e9:2a:3f:e5:99:2c:
7c:63:f8:b7:37:9f:be:6f:54:40:f6:4b:43:fc:62:f9:7e:d3:
0f:db:94:c0:05:24:44:53:c7:db:ef:8a:ce:ba:15:79:81:c3:
f7:02:b7:87:56:03:04:8d:41:3a:29:38:c5:e1:e8:87:e5:7c:
bd:e3:05:06:b1:12:b9:52:9c:c0:86:fd:14:1f:1a:14:29:3b:
3b:38:c7:ee:a9:a8:1d:06:a7:27:38:db:7c:59:5f:18:8d:49:
94:ce:69:4e:1a:10:b5:84:17:9f:0f:68:09:16:bd:9d:02:d1:
13:3e:d3:5b:fb:25:76:fe:94:5d:cf:57:9a:c0:0c:53:47:2f:
45:b1:c8:b9:d4:73:6d:3b:3a:56:a0:7e:d9:8d:cd:e4:d0:fc:
f0:c7:aa:f3:61:8a:d6:12:dc:62:cd:f6:d9:df:b4:30:ff:dd:
4d:11:8f:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mBj6IkK5yu08jLxI8VNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZTRmOTY3NzFkOTFmODdjMjFiZTlmMDBkMTIwMzI3ZjVi
YmYyZWEwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI0MWQ1MDQzNTU1YzYzMmFlMmNkMDRkYmViMzQ3YjE2ZDkyNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUWDZbPREKF2NxX4xf4md6UR4WQh
Q2hs1yOpE+ocpcwVj/WTeSMxj7mY//NTMyyi77SMM3EMPe3h3JmM6RrdQLHEdRnj
qoZx7NgJMELr7HLUCucOATlstYJKjMhMiB5wIjuDf2SFYcNBKRLfX1VqLXv7wDgW
PMGeYxrpPMBpnLxV85UOjbKprhOVMyPbEDnuvVmdl9Soz2pzQR3IGFeK1PXPM6yT
RtHXAl3u5A79TZAPClAMT2p2UT7dDwAO+rIu7RoyAf6xZA5T7y5G4ImpSXQKfy8l
dJIYHzotym6zU4npbZEH7n7M9AfsNtaFQBOjXzp6xwmrAVVwqAvtPGHqmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIC0HVBDVVxjKuLNBNvrNHsW2SU0MB8GA1UdIwQY
MBaAFE3k+Wdx2R+Hwhvp8A0SAyf1u/LqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGVUNVozSFpINGZDRy1ud0RSSURKX1c3OHVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wMmY5YmItNmU2YS00NzhhLWJhYzgt
NTkxMWZlNjNhZjc5LzEvZ0xRZFVFTlZYR01xNHMwRTItczBleGJaSlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wMmY5YmItNmU2YS00NzhhLWJhYzgtNTkxMWZlNjNhZjc5
LzEvVGVUNVozSFpINGZDRy1ud0RSSURKX1c3OHVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+SSMA0G
CSqGSIb3DQEBCwUAA4IBAQAfV/X2tzfiQc1msfz0thDotCXoqpBSmDqeJHEsUvBX
H9BRxd+UiC4qr+LCBG+yHA1zYw8JMQeSzmh1DNw97xVliXitlSb/NsC5nQUKL+21
2wR6mDfpKj/lmSx8Y/i3N5++b1RA9ktD/GL5ftMP25TABSREU8fb74rOuhV5gcP3
AreHVgMEjUE6KTjF4eiH5Xy94wUGsRK5UpzAhv0UHxoUKTs7OMfuqagdBqcnONt8
WV8YjUmUzmlOGhC1hBefD2gJFr2dAtETPtNb+yV2/pRdz1eawAxTRy9Fsci51HNt
OzpWoH7Zjc3k0Pzwx6rzYYrWEtxizfbZ37Qw/91NEY80
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:38 2025 by rpki-client