Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c7120e-d797-4b5c-a5a7-16b55ed49053/1/qOKPFULN86IT59ZJBGNCjgvryTs.roa
File: qOKPFULN86IT59ZJBGNCjgvryTs.roa (raw, json)
Hash identifier: JR7qV5VpwV1/mMT7KJUTU4N5QjE5TGDNGGqsDDp/JVI=
Subject key identifier: A8:E2:8F:15:42:CD:F3:A2:13:E7:D6:49:04:63:42:8E:0B:EB:C9:3B
Certificate issuer: /CN=e4e1770df8c6e803fceb364c868e3246e4d33742
Certificate serial: 018CC94AD2E652BB30809F81193437A9E00B
Authority key identifier: E4:E1:77:0D:F8:C6:E8:03:FC:EB:36:4C:86:8E:32:46:E4:D3:37:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5OF3DfjG6AP86zZMho4yRuTTN0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c7120e-d797-4b5c-a5a7-16b55ed49053/1/qOKPFULN86IT59ZJBGNCjgvryTs.roa
Signing time: Tue 02 Jan 2024 08:29:33 +0000
ROA not before: Tue 02 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57122
IP address blocks: 91.230.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d2:e6:52:bb:30:80:9f:81:19:34:37:a9:e0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4e1770df8c6e803fceb364c868e3246e4d33742
Validity
Not Before: Jan 2 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e28f1542cdf3a213e7d6490463428e0bebc93b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f4:d5:06:66:61:ef:ac:d5:2a:3c:d8:7c:9b:
46:8d:ce:25:d0:df:e9:12:7c:58:94:71:52:25:a8:
7e:99:d6:0f:ae:e4:5b:44:20:00:ee:da:16:48:80:
8b:82:1b:dd:f3:a6:84:24:c9:c8:4a:e4:a2:3a:38:
bf:26:9f:6c:b7:89:74:41:85:a8:87:4a:ee:9c:02:
c4:91:cd:6a:ba:d3:10:09:a1:0e:4a:d5:b0:45:c0:
12:7c:e5:70:d0:c6:ab:01:ff:fc:19:6e:fa:78:84:
58:2c:d2:79:11:26:0c:0d:16:a0:bc:c9:5f:28:c5:
5f:d6:03:84:1a:58:35:a7:ff:27:07:d3:cf:73:e9:
8d:27:f9:2c:ca:6d:36:1a:6f:7f:2d:3f:d5:f2:3d:
7a:32:5a:b6:fc:8e:b3:3c:5c:47:9e:bb:a5:f4:38:
af:e1:c5:c0:df:2c:dd:14:5f:01:21:a2:01:3f:72:
ea:18:c2:58:5c:1d:5c:a8:d1:3b:f5:3b:0e:db:db:
30:1c:11:a2:b0:51:a8:5c:15:a5:dd:49:ad:e1:4a:
84:d3:24:39:c0:88:a3:0a:6a:fd:7d:b8:a2:37:d2:
95:89:c5:d9:45:91:64:be:32:18:b6:8f:66:22:30:
b4:98:c1:8d:77:3d:3d:b2:23:60:2d:d9:40:c9:50:
d7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E2:8F:15:42:CD:F3:A2:13:E7:D6:49:04:63:42:8E:0B:EB:C9:3B
X509v3 Authority Key Identifier:
keyid:E4:E1:77:0D:F8:C6:E8:03:FC:EB:36:4C:86:8E:32:46:E4:D3:37:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5OF3DfjG6AP86zZMho4yRuTTN0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c7120e-d797-4b5c-a5a7-16b55ed49053/1/qOKPFULN86IT59ZJBGNCjgvryTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c7120e-d797-4b5c-a5a7-16b55ed49053/1/5OF3DfjG6AP86zZMho4yRuTTN0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.231.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:79:14:e0:d1:e4:75:58:ad:a5:ef:bd:79:f3:7c:fc:12:ef:
e2:91:25:9e:bc:2b:9c:82:6b:46:95:d3:d3:c1:96:cf:22:b4:
ee:05:7e:b2:4d:c8:3b:d9:bc:f8:f0:cc:69:41:c5:c2:05:88:
6e:73:11:5b:60:c6:9f:87:d6:76:8c:e0:f6:2f:86:57:73:40:
8a:6f:0d:c1:54:f2:39:5a:9d:72:0b:ef:fd:75:bf:00:a1:c6:
96:c3:99:9e:70:61:00:7e:77:b3:51:f1:14:6f:73:40:4c:64:
ee:99:0f:4e:ca:db:af:41:88:ee:ba:e1:ce:5c:84:d9:0f:b5:
03:dc:de:cf:13:41:60:7c:e4:75:84:ff:9d:67:2f:a6:b3:c5:
8c:93:c7:c9:8a:78:60:4b:07:37:e0:8d:45:5a:40:04:80:82:
b1:a1:9d:c7:bc:cd:9e:a5:e8:af:db:95:90:ae:7b:ca:29:c6:
ed:4f:c7:2d:e5:6e:52:b5:85:9c:50:0b:1a:fe:bc:ea:2c:25:
20:f2:cc:eb:fb:a6:4c:7a:ef:82:ad:f1:8c:35:e3:cf:2d:00:
80:ea:db:ec:82:49:b1:e2:46:2a:79:2d:98:a2:d1:60:92:7d:
65:62:19:43:ca:a3:cf:4b:43:22:7b:4c:64:9c:2f:74:b6:fa:
b0:4e:2f:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJStLmUrswgJ+BGTQ3qeALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZTE3NzBkZjhjNmU4MDNmY2ViMzY0Yzg2OGUzMjQ2ZTRk
MzM3NDIwHhcNMjQwMTAyMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGUyOGYxNTQyY2RmM2EyMTNlN2Q2NDkwNDYzNDI4ZTBiZWJjOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPTVBmZh76zVKjzYfJtGjc4l0N/p
EnxYlHFSJah+mdYPruRbRCAA7toWSICLghvd86aEJMnISuSiOji/Jp9st4l0QYWo
h0runALEkc1qutMQCaEOStWwRcASfOVw0MarAf/8GW76eIRYLNJ5ESYMDRagvMlf
KMVf1gOEGlg1p/8nB9PPc+mNJ/ksym02Gm9/LT/V8j16Mlq2/I6zPFxHnrul9Div
4cXA3yzdFF8BIaIBP3LqGMJYXB1cqNE79TsO29swHBGisFGoXBWl3Umt4UqE0yQ5
wIijCmr9fbiiN9KVicXZRZFkvjIYto9mIjC0mMGNdz09siNgLdlAyVDXaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjijxVCzfOiE+fWSQRjQo4L68k7MB8GA1UdIwQY
MBaAFOThdw34xugD/Os2TIaOMkbk0zdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU9GM0Rmakc2QVA4NnpaTWhvNHlSdVRUTjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzEyMGUtZDc5Ny00YjVjLWE1YTct
MTZiNTVlZDQ5MDUzLzEvcU9LUEZVTE44NklUNTlaSkJHTkNqZ3ZyeVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNzEyMGUtZDc5Ny00YjVjLWE1YTctMTZiNTVlZDQ5MDUz
LzEvNU9GM0Rmakc2QVA4NnpaTWhvNHlSdVRUTjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+bnMA0G
CSqGSIb3DQEBCwUAA4IBAQCgeRTg0eR1WK2l771583z8Eu/ikSWevCucgmtGldPT
wZbPIrTuBX6yTcg72bz48MxpQcXCBYhucxFbYMafh9Z2jOD2L4ZXc0CKbw3BVPI5
Wp1yC+/9db8AocaWw5mecGEAfnezUfEUb3NATGTumQ9OytuvQYjuuuHOXITZD7UD
3N7PE0FgfOR1hP+dZy+ms8WMk8fJinhgSwc34I1FWkAEgIKxoZ3HvM2epeiv25WQ
rnvKKcbtT8ct5W5StYWcUAsa/rzqLCUg8szr+6ZMeu+CrfGMNePPLQCA6tvsgkmx
4kYqeS2YotFgkn1lYhlDyqPPS0Mie0xknC90tvqwTi/s
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:00:12 2025 by rpki-client