Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/i5QXiPkXceFCKpymhBdKs-kxqdg.roa
File: i5QXiPkXceFCKpymhBdKs-kxqdg.roa (raw, json)
Hash identifier: JW9l6XsHQNvt/hO+lQdoU/xk33G+5qgeiTQZTkcdU8Y=
Subject key identifier: 8B:94:17:88:F9:17:71:E1:42:2A:9C:A6:84:17:4A:B3:E9:31:A9:D8
Certificate issuer: /CN=9f9467efa0994f8a31f3343dc300baa4936a82dc
Certificate serial: 019423D6ED23B1632EF385CC685B4132C994
Authority key identifier: 9F:94:67:EF:A0:99:4F:8A:31:F3:34:3D:C3:00:BA:A4:93:6A:82:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/i5QXiPkXceFCKpymhBdKs-kxqdg.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62342
IP address blocks: 91.198.162.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ed:23:b1:63:2e:f3:85:cc:68:5b:41:32:c9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f9467efa0994f8a31f3343dc300baa4936a82dc
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b941788f91771e1422a9ca684174ab3e931a9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c9:e0:3c:af:41:0e:ce:da:2f:f5:94:aa:c7:
41:9c:ab:80:c8:1a:6d:e5:e4:7f:87:71:24:4f:a2:
ba:b4:e1:06:00:8c:45:6c:07:9d:d6:6b:71:5d:92:
71:ad:bb:b1:67:a5:6f:c7:01:b2:be:23:0c:2c:81:
f9:5a:26:60:ea:2c:4f:44:ea:0d:01:21:6e:2c:05:
21:54:66:88:4d:6e:4a:fb:18:48:1e:9d:00:c8:8a:
7c:d6:f9:1d:d3:58:06:0e:60:bb:01:88:56:f0:5c:
7e:67:c2:46:93:08:da:02:cf:62:06:49:05:f7:5e:
bd:c1:3e:55:c2:b1:4a:3d:62:3b:b0:f3:85:a9:b8:
48:4a:f1:88:37:ed:90:c1:84:eb:82:54:ed:0c:73:
08:f1:4a:de:a4:61:d4:75:c3:e5:c5:52:0e:bc:1f:
a0:b9:d2:a7:0f:21:dd:06:e7:18:8f:1f:f5:19:c6:
37:1b:b3:43:06:91:25:c0:84:ba:60:58:74:5c:a2:
c2:73:36:74:75:54:70:88:ab:d9:64:8a:84:dd:eb:
24:40:6f:3d:8a:77:43:5b:aa:e9:b6:b6:2b:74:a5:
3a:73:7a:2e:76:03:66:60:96:e7:77:69:f1:03:44:
c1:76:e6:8d:29:ce:af:8e:7c:19:f5:40:04:de:65:
ed:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:94:17:88:F9:17:71:E1:42:2A:9C:A6:84:17:4A:B3:E9:31:A9:D8
X509v3 Authority Key Identifier:
keyid:9F:94:67:EF:A0:99:4F:8A:31:F3:34:3D:C3:00:BA:A4:93:6A:82:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/i5QXiPkXceFCKpymhBdKs-kxqdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.162.0/24
Signature Algorithm: sha256WithRSAEncryption
39:82:d8:dd:d4:d8:67:09:27:4e:6d:67:fe:63:90:70:ec:bc:
a1:0f:d0:31:06:60:13:5d:f2:7c:59:4d:5a:32:4a:d8:a9:1a:
05:ee:9e:16:2e:a4:62:21:ad:44:b0:10:e4:a5:58:a6:68:42:
b9:aa:3f:de:9c:ca:85:68:86:30:09:22:c8:07:3b:b2:91:d4:
13:fa:e6:19:f2:0a:da:c9:11:70:7a:4b:d0:ff:38:2c:b3:67:
5f:c8:f0:a5:fb:1d:07:19:68:d1:5d:f5:91:7f:13:5c:dd:9a:
31:a4:fc:ec:6a:81:27:e0:5e:2e:94:b3:d5:dc:cc:3a:44:a4:
b3:92:7c:34:9e:f7:c5:4d:86:79:ac:26:11:48:78:0e:8e:1b:
c5:07:4b:68:6f:09:1f:c3:9e:7c:b9:12:34:9f:9a:ef:a9:19:
66:32:7d:af:b7:7f:18:7d:c4:f4:1b:55:48:68:e5:a8:5d:0c:
a7:8c:62:b7:42:b8:91:5d:bf:e0:d7:0a:45:46:ba:44:aa:9d:
e7:f2:e7:91:03:67:87:17:71:13:26:5f:58:df:5a:9d:5d:40:
87:26:04:e4:59:62:a4:30:b8:98:4c:f4:b9:0c:1c:f0:14:9b:
e0:3b:e3:12:91:c6:cc:53:0c:c1:27:d6:a6:c3:78:c6:23:53:
8f:f6:c3:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1u0jsWMu84XMaFtBMsmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOTQ2N2VmYTA5OTRmOGEzMWYzMzQzZGMzMDBiYWE0OTM2
YTgyZGMwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk0MTc4OGY5MTc3MWUxNDIyYTljYTY4NDE3NGFiM2U5MzFhOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8ngPK9BDs7aL/WUqsdBnKuAyBpt
5eR/h3EkT6K6tOEGAIxFbAed1mtxXZJxrbuxZ6VvxwGyviMMLIH5WiZg6ixPROoN
ASFuLAUhVGaITW5K+xhIHp0AyIp81vkd01gGDmC7AYhW8Fx+Z8JGkwjaAs9iBkkF
9169wT5VwrFKPWI7sPOFqbhISvGIN+2QwYTrglTtDHMI8UrepGHUdcPlxVIOvB+g
udKnDyHdBucYjx/1GcY3G7NDBpElwIS6YFh0XKLCczZ0dVRwiKvZZIqE3eskQG89
indDW6rptrYrdKU6c3oudgNmYJbnd2nxA0TBduaNKc6vjnwZ9UAE3mXt7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuUF4j5F3HhQiqcpoQXSrPpManYMB8GA1UdIwQY
MBaAFJ+UZ++gmU+KMfM0PcMAuqSTaoLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjVSbjc2Q1pUNG94OHpROXd3QzZwSk5xZ3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iMmQyNzQtYTk1MS00Mzk3LWI5OWQt
YzMwYzdiNTVjMmJjLzEvaTVRWGlQa1hjZUZDS3B5bWhCZEtzLWt4cWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iMmQyNzQtYTk1MS00Mzk3LWI5OWQtYzMwYzdiNTVjMmJj
LzEvbjVSbjc2Q1pUNG94OHpROXd3QzZwSk5xZ3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8aiMA0G
CSqGSIb3DQEBCwUAA4IBAQA5gtjd1NhnCSdObWf+Y5Bw7LyhD9AxBmATXfJ8WU1a
MkrYqRoF7p4WLqRiIa1EsBDkpVimaEK5qj/enMqFaIYwCSLIBzuykdQT+uYZ8gra
yRFwekvQ/zgss2dfyPCl+x0HGWjRXfWRfxNc3ZoxpPzsaoEn4F4ulLPV3Mw6RKSz
knw0nvfFTYZ5rCYRSHgOjhvFB0tobwkfw558uRI0n5rvqRlmMn2vt38YfcT0G1VI
aOWoXQynjGK3QriRXb/g1wpFRrpEqp3n8ueRA2eHF3ETJl9Y31qdXUCHJgTkWWKk
MLiYTPS5DBzwFJvgO+MSkcbMUwzBJ9amw3jGI1OP9sMh
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:39:01 2025 by rpki-client