Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/suq-4i1VIRN9yv6iQS0q-KSnFeM.roa
File: suq-4i1VIRN9yv6iQS0q-KSnFeM.roa (raw, json)
Hash identifier: FmAlRdAl1RJnLpIpkPzJm51HwXqy7raAet8By/3fGB0=
Subject key identifier: B2:EA:BE:E2:2D:55:21:13:7D:CA:FE:A2:41:2D:2A:F8:A4:A7:15:E3
Certificate issuer: /CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Certificate serial: 018CC94AA9C475347C612DD4206068284D06
Authority key identifier: D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/suq-4i1VIRN9yv6iQS0q-KSnFeM.roa
Signing time: Tue 02 Jan 2024 08:29:22 +0000
ROA not before: Tue 02 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 91.223.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:a9:c4:75:34:7c:61:2d:d4:20:60:68:28:4d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Validity
Not Before: Jan 2 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2eabee22d5521137dcafea2412d2af8a4a715e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2a:9d:72:a0:db:03:a9:ba:e0:99:83:02:0f:
09:04:00:28:e1:75:72:b6:9c:a9:42:b9:f4:a4:f7:
8d:fd:fa:76:fd:02:6c:74:2f:3b:bb:ce:aa:4b:ae:
c1:06:94:b1:a2:e7:4f:39:95:e0:a5:38:fd:89:f8:
80:e2:71:8e:18:fe:4e:c7:a1:94:59:35:b4:2d:98:
e3:e0:d1:51:8c:8f:da:88:91:7a:3b:9b:b4:0b:0d:
f9:06:77:77:b6:4b:47:da:1e:8e:39:e9:4d:b9:03:
60:6e:45:c3:6e:e2:69:24:8a:1f:cc:7a:35:30:28:
1a:4b:4d:1a:6a:78:2a:04:87:4b:1d:c7:67:20:a7:
c9:27:11:43:ab:c1:60:98:b2:70:27:ac:fb:0f:d4:
3d:95:cd:ee:c7:c7:cc:89:08:26:fc:d4:4c:c8:59:
83:4f:54:fe:6e:01:47:80:e3:ec:f1:6f:bb:57:80:
55:fd:05:2b:37:a1:20:9a:c6:ae:a1:80:40:3a:0d:
56:b3:06:17:36:43:52:54:0f:65:a3:e5:97:b5:cf:
15:7b:59:a4:2d:9d:5f:15:f7:04:33:64:7f:36:ce:
bb:c3:e3:d4:f3:ef:29:12:fc:ea:e4:55:a8:12:ce:
7f:ef:3f:0d:f2:44:31:47:59:dd:55:00:52:8d:8f:
9b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EA:BE:E2:2D:55:21:13:7D:CA:FE:A2:41:2D:2A:F8:A4:A7:15:E3
X509v3 Authority Key Identifier:
keyid:D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/suq-4i1VIRN9yv6iQS0q-KSnFeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/1EWd1vfM7P6-tDT8CNuOItRWnCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.67.0/24
Signature Algorithm: sha256WithRSAEncryption
28:1d:ec:47:eb:96:5e:12:de:5a:e3:e2:0c:a5:5c:ed:f6:25:
53:b9:c5:14:ba:9e:ea:e7:4b:f7:71:6c:cc:d9:34:69:ba:87:
dc:e1:a6:60:6e:74:d5:12:d0:73:05:45:a1:6b:50:5f:ee:37:
7a:f9:cb:2f:55:dd:0a:fd:7d:80:69:79:eb:14:9c:e5:c9:9d:
48:de:73:d3:b1:5a:b2:0b:43:57:af:42:65:34:90:56:a3:e6:
fe:c7:02:41:69:47:a9:1e:f2:5a:8a:52:85:5f:61:63:8b:69:
c5:f8:4f:c2:fc:ff:e2:87:9d:2f:f6:d9:57:1b:6e:9d:9e:90:
a9:8b:d2:b1:06:2d:84:eb:5f:08:12:2b:7e:6c:fa:c3:f5:0b:
08:cc:3b:75:7e:69:a2:33:37:21:6e:9e:13:cb:cd:c7:a5:61:
d2:31:49:9b:c2:f5:dc:5e:95:ef:4f:cc:a5:7b:0a:fb:b8:7b:
93:6b:11:64:41:8d:bb:0a:f3:cb:ca:06:b0:d0:fe:c3:b6:39:
ae:4f:4a:00:db:a0:65:cf:6d:e7:0c:ee:8f:26:9a:06:b2:97:
d5:94:48:07:dd:b5:9d:6d:d8:65:bc:90:0b:a6:52:6f:af:1b:
63:76:be:1d:c9:76:05:df:eb:54:70:d5:ce:8d:94:79:e0:dd:
85:a4:a4:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSqnEdTR8YS3UIGBoKE0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDU5ZGQ2ZjdjY2VjZmViZWI0MzRmYzA4ZGI4ZTIyZDQ1
NjljMjMwHhcNMjQwMTAyMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVhYmVlMjJkNTUyMTEzN2RjYWZlYTI0MTJkMmFmOGE0YTcxNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yqdcqDbA6m64JmDAg8JBAAo4XVy
tpypQrn0pPeN/fp2/QJsdC87u86qS67BBpSxoudPOZXgpTj9ifiA4nGOGP5Ox6GU
WTW0LZjj4NFRjI/aiJF6O5u0Cw35Bnd3tktH2h6OOelNuQNgbkXDbuJpJIofzHo1
MCgaS00aangqBIdLHcdnIKfJJxFDq8FgmLJwJ6z7D9Q9lc3ux8fMiQgm/NRMyFmD
T1T+bgFHgOPs8W+7V4BV/QUrN6EgmsauoYBAOg1WswYXNkNSVA9lo+WXtc8Ve1mk
LZ1fFfcEM2R/Ns67w+PU8+8pEvzq5FWoEs5/7z8N8kQxR1ndVQBSjY+bswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLqvuItVSETfcr+okEtKvikpxXjMB8GA1UdIwQY
MBaAFNRFndb3zOz+vrQ0/AjbjiLUVpwjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUt
MWNhMmQ1NWUyMDYxLzEvc3VxLTRpMVZJUk45eXY2aVFTMHEtS1NuRmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUtMWNhMmQ1NWUyMDYx
LzEvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99DMA0G
CSqGSIb3DQEBCwUAA4IBAQAoHexH65ZeEt5a4+IMpVzt9iVTucUUup7q50v3cWzM
2TRpuofc4aZgbnTVEtBzBUWha1Bf7jd6+csvVd0K/X2AaXnrFJzlyZ1I3nPTsVqy
C0NXr0JlNJBWo+b+xwJBaUepHvJailKFX2Fji2nF+E/C/P/ih50v9tlXG26dnpCp
i9KxBi2E618IEit+bPrD9QsIzDt1fmmiMzchbp4Ty83HpWHSMUmbwvXcXpXvT8yl
ewr7uHuTaxFkQY27CvPLygaw0P7DtjmuT0oA26Blz23nDO6PJpoGspfVlEgH3bWd
bdhlvJALplJvrxtjdr4dyXYF3+tUcNXOjZR54N2FpKR2
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:18:29 2025 by rpki-client