Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/ojqzm1WVnOB7vsu9340f9HR7484.roa
File: ojqzm1WVnOB7vsu9340f9HR7484.roa (raw, json)
Hash identifier: fMJAmwD5O+Vok7lvTIFDerOXura/7Kbd0ByjbHDi0VE=
Subject key identifier: A2:3A:B3:9B:55:95:9C:E0:7B:BE:CB:BD:DF:8D:1F:F4:74:7B:E3:CE
Certificate issuer: /CN=92b9279622a0cd7d58aa2ba436fbe3f20b17eb3d
Certificate serial: 018CC2DAD7FACFF307F46AB36B4567DFC30E
Authority key identifier: 92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/krknliKgzX1YqiukNvvj8gsX6z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/ojqzm1WVnOB7vsu9340f9HR7484.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209428
IP address blocks: 91.206.229.0/24 maxlen: 24
2a09:5ec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d7:fa:cf:f3:07:f4:6a:b3:6b:45:67:df:c3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92b9279622a0cd7d58aa2ba436fbe3f20b17eb3d
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a23ab39b55959ce07bbecbbddf8d1ff4747be3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7d:ed:cb:49:e4:ea:a9:7b:98:85:bd:99:a4:
ae:f4:b2:97:c3:18:64:04:9e:fd:1a:12:2b:02:3d:
90:6b:a2:9e:dd:ab:a2:f7:6f:ef:03:78:ca:1c:89:
fe:26:4e:d3:7c:aa:c9:e6:bf:54:1b:99:23:0d:88:
ef:0b:74:ce:dd:ab:c0:3f:ec:ae:66:3d:5a:3d:d4:
43:d4:ed:d2:0a:7d:71:31:7a:54:ac:18:31:ea:9d:
98:12:70:db:97:64:de:33:53:48:48:11:62:e7:cf:
3b:49:5e:2f:40:b2:1c:5e:2c:99:cd:83:32:ed:a3:
c4:f0:70:fa:d8:19:8b:14:bc:92:8d:dd:53:7b:61:
02:80:7b:9e:79:96:3f:29:ac:cc:99:7f:32:cf:25:
f4:b9:c7:19:f8:26:42:49:f8:d8:6a:6b:9c:86:61:
01:55:07:9c:d9:95:d0:2b:7e:72:18:79:00:c5:b1:
55:c5:04:7e:71:11:97:40:e9:77:12:0a:0e:c9:9f:
e7:ca:db:19:98:44:fd:94:51:98:1e:e6:45:44:eb:
2e:7a:a5:de:e8:fd:b6:83:54:64:4b:4a:8b:3b:48:
6e:94:47:a9:d5:52:b1:c8:e6:f9:07:e9:35:e2:f3:
e8:1d:ed:a5:f6:cb:f0:93:bd:c0:9f:cd:16:fa:04:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3A:B3:9B:55:95:9C:E0:7B:BE:CB:BD:DF:8D:1F:F4:74:7B:E3:CE
X509v3 Authority Key Identifier:
keyid:92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/krknliKgzX1YqiukNvvj8gsX6z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/ojqzm1WVnOB7vsu9340f9HR7484.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/krknliKgzX1YqiukNvvj8gsX6z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.229.0/24
IPv6:
2a09:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
00:14:62:49:68:84:6d:6d:5d:c6:e1:1d:28:67:c9:0f:7d:26:
6f:d7:c3:ee:8b:b9:88:8b:3e:48:0b:ca:08:bc:dd:98:3b:ce:
a9:68:b1:ad:6d:25:52:c3:32:20:06:bd:a8:7f:5e:ff:83:7f:
4a:38:e1:d1:1f:b5:c8:02:31:22:77:9b:72:15:ce:e0:36:b9:
5a:9e:47:b7:10:63:09:72:ee:14:3e:75:ec:ec:09:45:9c:41:
23:37:c7:4c:10:6f:bf:08:82:3f:71:19:f4:01:a6:85:2c:49:
44:71:b6:9b:b1:61:bf:4c:50:64:55:d7:a1:56:57:43:e1:00:
16:c2:ec:38:a5:05:2c:2d:3b:69:bc:09:6e:5b:97:16:1b:a2:
63:82:d7:bc:0f:57:c3:71:15:10:f4:c0:d1:46:05:96:04:17:
df:6b:79:8d:61:5c:6a:18:5d:1a:54:28:4f:fe:62:88:ff:0d:
6e:da:bd:e4:49:57:df:da:97:67:18:64:ce:c8:4e:84:06:54:
75:95:18:6d:fc:c4:48:e2:e3:8d:7b:35:e6:c2:45:cf:7e:25:
b5:4f:fb:ba:af:97:92:80:eb:29:95:0a:67:b5:a3:9f:6d:e9:
e8:9d:cb:de:d2:f7:e3:e0:1d:ef:aa:09:e3:03:b6:e6:12:1a:
35:b8:48:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2tf6z/MH9Gqza0Vn38MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYjkyNzk2MjJhMGNkN2Q1OGFhMmJhNDM2ZmJlM2YyMGIx
N2ViM2QwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNhYjM5YjU1OTU5Y2UwN2JiZWNiYmRkZjhkMWZmNDc0N2JlM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX3ty0nk6ql7mIW9maSu9LKXwxhk
BJ79GhIrAj2Qa6Ke3aui92/vA3jKHIn+Jk7TfKrJ5r9UG5kjDYjvC3TO3avAP+yu
Zj1aPdRD1O3SCn1xMXpUrBgx6p2YEnDbl2TeM1NISBFi5887SV4vQLIcXiyZzYMy
7aPE8HD62BmLFLySjd1Te2ECgHueeZY/KazMmX8yzyX0uccZ+CZCSfjYamuchmEB
VQec2ZXQK35yGHkAxbFVxQR+cRGXQOl3EgoOyZ/nytsZmET9lFGYHuZFROsueqXe
6P22g1RkS0qLO0hulEep1VKxyOb5B+k14vPoHe2l9svwk73An80W+gTD6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKI6s5tVlZzge77Lvd+NH/R0e+POMB8GA1UdIwQY
MBaAFJK5J5YioM19WKorpDb74/ILF+s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3JrbmxpS2d6WDFZcWl1a052dmo4Z3NYNnowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iMjRiZGItYTYwNC00YjJhLTkwOGYt
Yzk4Yjg4ZTcxOTQ4LzEvb2pxem0xV1ZuT0I3dnN1OTM0MGY5SFI3NDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iMjRiZGItYTYwNC00YjJhLTkwOGYtYzk4Yjg4ZTcxOTQ4
LzEva3JrbmxpS2d6WDFZcWl1a052dmo4Z3NYNnowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW87lMA0E
AgACMAcDBQMqCV7AMA0GCSqGSIb3DQEBCwUAA4IBAQAAFGJJaIRtbV3G4R0oZ8kP
fSZv18Pui7mIiz5IC8oIvN2YO86paLGtbSVSwzIgBr2of17/g39KOOHRH7XIAjEi
d5tyFc7gNrlanke3EGMJcu4UPnXs7AlFnEEjN8dMEG+/CII/cRn0AaaFLElEcbab
sWG/TFBkVdehVldD4QAWwuw4pQUsLTtpvAluW5cWG6Jjgte8D1fDcRUQ9MDRRgWW
BBffa3mNYVxqGF0aVChP/mKI/w1u2r3kSVff2pdnGGTOyE6EBlR1lRht/MRI4uON
ezXmwkXPfiW1T/u6r5eSgOsplQpntaOfbenoncve0vfj4B3vqgnjA7bmEho1uEit
-----END CERTIFICATE-----
Generated at Mon Nov 4 18:13:02 2024 by rpki-client on console-fra.rpki-client.org