Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/162832-e9fb-4f36-b206-027bd73a5104/1/ihUJobeqsWSV0_6mEN7SOTaK4zw.roa
File: ihUJobeqsWSV0_6mEN7SOTaK4zw.roa (raw, json)
Hash identifier: L2owEfhAQociYg63uRie5sVlnAJHAlT4KzUCJhsYNBw=
Subject key identifier: 8A:15:09:A1:B7:AA:B1:64:95:D3:FE:A6:10:DE:D2:39:36:8A:E3:3C
Certificate issuer: /CN=6c1f4681e8c7e796d1bc5ad986705d998a8ad4ef
Certificate serial: 01856FF97DD5AFAFA4163398DC9A75023B44
Authority key identifier: 6C:1F:46:81:E8:C7:E7:96:D1:BC:5A:D9:86:70:5D:99:8A:8A:D4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bB9GgejH55bRvFrZhnBdmYqK1O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/162832-e9fb-4f36-b206-027bd73a5104/1/ihUJobeqsWSV0_6mEN7SOTaK4zw.roa
Signing time: Mon 02 Jan 2023 00:54:59 +0000
ROA not before: Mon 02 Jan 2023 00:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42423
IP address blocks: 80.91.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:7d:d5:af:af:a4:16:33:98:dc:9a:75:02:3b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c1f4681e8c7e796d1bc5ad986705d998a8ad4ef
Validity
Not Before: Jan 2 00:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a1509a1b7aab16495d3fea610ded239368ae33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3a:05:ce:9f:d0:70:03:67:db:86:16:97:2b:
fb:02:28:c1:f1:e6:80:f6:94:26:40:e6:97:c9:b1:
4f:f3:ba:ea:06:63:59:42:3a:ea:8c:26:f9:93:7f:
ff:df:28:78:e2:79:73:3a:8b:04:31:f0:1f:0a:06:
01:5e:e0:dd:03:75:d1:63:95:e7:8f:4a:e6:5b:41:
59:e3:ab:a9:26:5b:35:e4:2a:c6:87:e1:2e:8e:8f:
86:1e:6a:01:b8:a6:45:1f:a3:29:57:c8:dd:bb:29:
73:11:b2:73:98:6e:db:6a:36:57:bd:84:ac:25:13:
88:13:4b:5d:d6:29:a9:e3:07:a0:e2:6e:b5:be:08:
b9:31:37:5d:16:e6:fd:a5:8f:77:2e:fd:95:90:29:
11:e7:68:a5:82:c3:c8:ee:f3:56:f3:57:b6:78:7d:
0e:45:00:71:8c:44:c5:79:96:7d:16:c3:4a:a7:1c:
69:c5:36:75:d2:eb:39:71:e9:87:bd:76:e5:6a:28:
cc:87:7a:8c:99:f7:a4:dc:14:66:20:15:1c:81:81:
20:f6:11:b1:da:ad:00:ad:c0:2d:7b:fd:e9:d5:37:
59:c5:19:2e:8d:ca:51:5c:21:d0:2a:41:47:0a:8f:
f9:db:a3:99:9a:44:4f:de:46:c2:3e:52:b5:b3:34:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:15:09:A1:B7:AA:B1:64:95:D3:FE:A6:10:DE:D2:39:36:8A:E3:3C
X509v3 Authority Key Identifier:
keyid:6C:1F:46:81:E8:C7:E7:96:D1:BC:5A:D9:86:70:5D:99:8A:8A:D4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bB9GgejH55bRvFrZhnBdmYqK1O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/162832-e9fb-4f36-b206-027bd73a5104/1/ihUJobeqsWSV0_6mEN7SOTaK4zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/162832-e9fb-4f36-b206-027bd73a5104/1/bB9GgejH55bRvFrZhnBdmYqK1O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.221.0/24
Signature Algorithm: sha256WithRSAEncryption
86:4d:04:8e:bf:4d:93:f6:e1:5f:1f:47:10:71:bc:16:3f:e2:
f6:98:a5:1e:a3:61:f9:e8:d9:b3:0b:1f:55:3a:d1:c0:5b:10:
d5:12:a4:71:28:1c:50:94:6a:69:02:78:19:91:ab:df:c7:07:
45:51:f0:c5:a9:53:3c:e6:1f:b4:de:fd:a2:ef:fd:7d:56:1f:
2c:b3:82:cc:c9:e3:e8:1a:11:51:1a:2b:57:19:90:19:40:c2:
b5:ca:a5:36:8a:dc:64:56:22:a7:b6:05:51:71:6c:6e:4c:7f:
f9:89:49:2e:37:83:37:18:b1:f9:02:01:f1:cc:32:01:47:c1:
8b:91:84:b1:57:55:d5:84:b1:5d:d2:79:7a:59:34:9d:6c:60:
3f:f0:e8:57:96:69:8d:0b:57:bb:ba:aa:b8:d3:93:d8:cd:f3:
1f:51:fc:a9:9e:51:0d:c4:de:53:15:1d:04:e4:4a:7c:47:0d:
44:29:5a:f4:44:4a:c0:20:72:06:82:a1:63:3f:81:81:a5:cb:
f7:3a:e5:96:16:75:5c:57:94:02:ec:c7:9a:69:8d:9b:d6:d9:
27:43:3a:3f:7a:b3:dd:90:b7:a6:44:59:af:54:fc:6d:d3:ac:
92:5b:b3:3c:71:e4:1a:48:d4:fe:93:43:20:19:10:a4:fb:0f:
d0:47:bc:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+X3Vr6+kFjOY3Jp1AjtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMWY0NjgxZThjN2U3OTZkMWJjNWFkOTg2NzA1ZDk5OGE4
YWQ0ZWYwHhcNMjMwMTAyMDA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE1MDlhMWI3YWFiMTY0OTVkM2ZlYTYxMGRlZDIzOTM2OGFlMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDoFzp/QcANn24YWlyv7AijB8eaA
9pQmQOaXybFP87rqBmNZQjrqjCb5k3//3yh44nlzOosEMfAfCgYBXuDdA3XRY5Xn
j0rmW0FZ46upJls15CrGh+Eujo+GHmoBuKZFH6MpV8jduylzEbJzmG7bajZXvYSs
JROIE0td1imp4weg4m61vgi5MTddFub9pY93Lv2VkCkR52ilgsPI7vNW81e2eH0O
RQBxjETFeZZ9FsNKpxxpxTZ10us5cemHvXblaijMh3qMmfek3BRmIBUcgYEg9hGx
2q0ArcAte/3p1TdZxRkujcpRXCHQKkFHCo/526OZmkRP3kbCPlK1szSJpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoVCaG3qrFkldP+phDe0jk2iuM8MB8GA1UdIwQY
MBaAFGwfRoHox+eW0bxa2YZwXZmKitTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkI5R2dlakg1NWJSdkZyWmhuQmRtWXFLMU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xNjI4MzItZTlmYi00ZjM2LWIyMDYt
MDI3YmQ3M2E1MTA0LzEvaWhVSm9iZXFzV1NWMF82bUVON1NPVGFLNHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xNjI4MzItZTlmYi00ZjM2LWIyMDYtMDI3YmQ3M2E1MTA0
LzEvYkI5R2dlakg1NWJSdkZyWmhuQmRtWXFLMU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvdMA0G
CSqGSIb3DQEBCwUAA4IBAQCGTQSOv02T9uFfH0cQcbwWP+L2mKUeo2H56NmzCx9V
OtHAWxDVEqRxKBxQlGppAngZkavfxwdFUfDFqVM85h+03v2i7/19Vh8ss4LMyePo
GhFRGitXGZAZQMK1yqU2itxkViKntgVRcWxuTH/5iUkuN4M3GLH5AgHxzDIBR8GL
kYSxV1XVhLFd0nl6WTSdbGA/8OhXlmmNC1e7uqq405PYzfMfUfypnlENxN5TFR0E
5Ep8Rw1EKVr0RErAIHIGgqFjP4GBpcv3OuWWFnVcV5QC7MeaaY2b1tknQzo/erPd
kLemRFmvVPxt06ySW7M8ceQaSNT+k0MgGRCk+w/QR7wR
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:51 2025 by rpki-client