Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/h-443lIcQwaCD-veVnsP1XadsaM.roa
File: h-443lIcQwaCD-veVnsP1XadsaM.roa (raw, json)
Hash identifier: uxNRsQLOloFwdBYO7Waw1zzjDGFDTlmJ+O6WZ2De+qs=
Subject key identifier: 87:EE:38:DE:52:1C:43:06:82:0F:EB:DE:56:7B:0F:D5:76:9D:B1:A3
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 01856F8B746F5CEE2A9D513D678EA1B459B3
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/h-443lIcQwaCD-veVnsP1XadsaM.roa
Signing time: Sun 01 Jan 2023 22:54:48 +0000
ROA not before: Sun 01 Jan 2023 22:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 91.231.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:74:6f:5c:ee:2a:9d:51:3d:67:8e:a1:b4:59:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Jan 1 22:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87ee38de521c4306820febde567b0fd5769db1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ce:46:ff:95:25:64:53:10:d0:b1:8d:7b:96:
8e:54:e1:3d:d7:f7:7c:f6:da:ff:a2:e8:27:08:27:
63:a0:56:92:f6:d0:a2:af:05:e5:52:95:e5:e1:3b:
7d:2b:04:c5:dc:07:b3:80:ed:0e:e0:cf:32:78:41:
5e:c0:be:11:46:af:bb:33:83:66:e0:5e:71:57:0b:
57:2b:ef:89:a4:59:6b:11:56:7b:47:db:f6:37:b8:
74:32:88:78:39:4a:33:dc:c3:f5:7b:d5:88:3a:7c:
64:2c:90:f3:13:f7:65:76:f7:e6:1d:cc:ae:08:c6:
0a:cf:87:9a:60:39:12:47:47:5d:d2:5f:8b:93:d5:
ac:d0:a0:48:9e:e6:79:15:23:a8:8b:65:b1:88:32:
84:f5:93:6b:c7:7c:7c:77:9c:1f:a9:3c:94:16:8b:
63:80:a1:21:7c:46:92:9c:25:d4:39:5a:33:e8:8c:
37:a0:96:5e:36:a3:b3:e4:e8:90:a4:e1:e3:36:1c:
77:da:49:b8:cd:03:0c:09:d7:8b:fe:9d:88:2c:cd:
d0:70:cc:00:f4:bc:a2:62:99:26:80:40:09:66:c0:
a8:ae:35:d4:0c:84:4f:e6:bc:6a:96:56:a1:32:10:
90:4f:e8:f8:67:28:62:65:21:d5:9f:13:08:23:1c:
96:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EE:38:DE:52:1C:43:06:82:0F:EB:DE:56:7B:0F:D5:76:9D:B1:A3
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/h-443lIcQwaCD-veVnsP1XadsaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.156.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:53:9a:c4:a4:8c:d9:36:a3:6d:48:1d:9a:ea:8e:e8:b4:8f:
63:67:ec:65:b1:e7:d3:07:3e:80:d5:20:de:39:fc:fb:db:a5:
2c:79:bf:bb:82:f4:08:02:db:64:63:d3:3b:65:ad:86:91:8c:
5d:83:f9:99:bc:95:0f:ca:03:5b:37:b5:4c:68:2a:e0:9c:9d:
43:e7:15:f2:2c:4d:f0:4d:c2:44:cb:2b:1a:68:aa:84:00:53:
82:5b:a2:98:2f:54:66:3a:2f:df:50:37:08:d8:88:3f:54:17:
1f:de:1e:1d:bc:4d:27:a7:37:b2:23:c8:1e:79:69:15:d4:78:
55:01:fd:f2:6d:93:52:eb:99:e2:e1:1d:04:76:36:27:81:88:
32:72:26:f4:a7:54:6b:ff:ba:1d:5f:db:e9:8c:c4:30:be:2a:
1b:48:26:8c:e6:5b:00:ed:7e:6d:93:9b:88:90:f1:b4:82:6b:
d4:d8:39:21:14:ac:f6:d5:27:6e:fe:d6:18:1d:57:d0:f0:11:
bd:43:d5:74:12:db:34:9e:d5:87:9d:62:d9:1f:eb:f3:b9:35:
ab:e1:db:a6:17:10:e2:5c:85:14:cf:ad:6b:ec:fb:43:90:07:
a5:9e:6a:cb:0c:b2:0a:c3:10:13:9a:8b:6e:0c:6f:91:d4:dc:
aa:39:21:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi3RvXO4qnVE9Z46htFmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjMwMTAxMjI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VlMzhkZTUyMWM0MzA2ODIwZmViZGU1NjdiMGZkNTc2OWRiMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0s5G/5UlZFMQ0LGNe5aOVOE91/d8
9tr/ougnCCdjoFaS9tCirwXlUpXl4Tt9KwTF3AezgO0O4M8yeEFewL4RRq+7M4Nm
4F5xVwtXK++JpFlrEVZ7R9v2N7h0Moh4OUoz3MP1e9WIOnxkLJDzE/dldvfmHcyu
CMYKz4eaYDkSR0dd0l+Lk9Ws0KBInuZ5FSOoi2WxiDKE9ZNrx3x8d5wfqTyUFotj
gKEhfEaSnCXUOVoz6Iw3oJZeNqOz5OiQpOHjNhx32km4zQMMCdeL/p2ILM3QcMwA
9LyiYpkmgEAJZsCorjXUDIRP5rxqllahMhCQT+j4ZyhiZSHVnxMIIxyWkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfuON5SHEMGgg/r3lZ7D9V2nbGjMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvaC00NDNsSWNRd2FDRC12ZVZuc1AxWGFkc2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ecMA0G
CSqGSIb3DQEBCwUAA4IBAQAaU5rEpIzZNqNtSB2a6o7otI9jZ+xlsefTBz6A1SDe
Ofz726Useb+7gvQIAttkY9M7Za2GkYxdg/mZvJUPygNbN7VMaCrgnJ1D5xXyLE3w
TcJEyysaaKqEAFOCW6KYL1RmOi/fUDcI2Ig/VBcf3h4dvE0npzeyI8geeWkV1HhV
Af3ybZNS65ni4R0EdjYngYgycib0p1Rr/7odX9vpjMQwviobSCaM5lsA7X5tk5uI
kPG0gmvU2DkhFKz21Sdu/tYYHVfQ8BG9Q9V0Ets0ntWHnWLZH+vzuTWr4dumFxDi
XIUUz61r7PtDkAelnmrLDLIKwxATmotuDG+R1NyqOSF9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:27 2025 by rpki-client