Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/0q6rS3kCSSVMJf4Lxo24nXGtx0w.roa
File: 0q6rS3kCSSVMJf4Lxo24nXGtx0w.roa (raw, json)
Hash identifier: nQoSNvRe66iz7Z0KtPDokjStMToAkByLIey4nC3zNBs=
Subject key identifier: D2:AE:AB:4B:79:02:49:25:4C:25:FE:0B:C6:8D:B8:9D:71:AD:C7:4C
Certificate issuer: /CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Certificate serial: 0185704BC91849FC8CE73E971457005C3F8A
Authority key identifier: E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/0q6rS3kCSSVMJf4Lxo24nXGtx0w.roa
Signing time: Mon 02 Jan 2023 02:24:52 +0000
ROA not before: Mon 02 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.190.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c9:18:49:fc:8c:e7:3e:97:14:57:00:5c:3f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Validity
Not Before: Jan 2 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2aeab4b790249254c25fe0bc68db89d71adc74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:3c:fc:a2:53:8e:4a:78:ea:a8:3b:86:fd:
f6:a4:d5:03:e7:e6:af:9c:14:99:d5:54:36:c6:c4:
1b:fd:32:1f:8b:e8:81:b5:d4:87:b2:0d:56:00:e7:
cd:21:6a:86:7d:d8:42:7b:61:ab:03:c1:f5:e8:5f:
58:72:3e:fc:ef:d9:bb:bb:bf:6a:6d:70:2c:80:6b:
e6:2b:5e:98:77:cd:6e:5a:06:1c:59:5a:f0:fb:d0:
84:f6:41:1c:ec:b2:67:21:8b:32:f2:20:e4:f4:4d:
5f:54:d9:65:dc:5b:9c:5f:7b:f5:85:13:1c:16:ea:
40:03:2d:a4:66:63:96:a4:87:55:28:93:2d:de:c0:
52:d1:8d:6b:c2:b3:bf:35:4a:c0:cf:a8:90:67:6d:
12:a4:d5:ab:85:5e:e4:87:14:fd:0a:f6:20:a6:d7:
f7:43:05:fd:d1:0e:d9:97:9d:f8:a6:2d:49:47:00:
e3:6c:a2:33:80:d6:98:6f:29:4a:bf:88:7f:51:01:
3b:9d:d7:27:14:1c:5c:3b:68:55:d4:89:bc:c4:e0:
c4:80:c1:70:19:61:12:db:ad:2c:69:cb:08:47:6e:
47:db:7e:90:d6:82:f2:7a:02:44:0c:e2:14:1a:71:
df:e9:ce:0a:37:c0:54:6e:46:e6:2c:ac:45:fe:76:
e2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AE:AB:4B:79:02:49:25:4C:25:FE:0B:C6:8D:B8:9D:71:AD:C7:4C
X509v3 Authority Key Identifier:
keyid:E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/0q6rS3kCSSVMJf4Lxo24nXGtx0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/6AIkMlKcjDzGq3ECROXwNSA-cKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.154.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:66:80:c1:7c:f9:fa:c3:be:fb:d9:f1:51:ca:a3:ec:1e:5e:
4e:d1:f9:aa:ff:36:c8:f5:db:ac:76:b5:19:a8:af:91:78:e7:
30:ce:93:d6:a8:f9:2b:15:e1:bb:40:3a:fd:93:95:30:95:f3:
14:c8:fa:43:c1:fe:ec:42:8b:cd:2b:bc:c9:60:8c:6c:0e:43:
8a:6f:76:cd:b2:86:83:cc:c0:af:c3:6d:c4:14:fe:bf:06:45:
5f:52:23:da:85:7d:4b:fc:7e:c0:07:39:b5:58:19:8e:05:79:
69:01:07:f3:1c:79:19:42:d5:ac:70:35:f0:0e:01:b1:dc:fc:
91:d9:28:9d:93:77:5a:81:e7:b2:42:0f:4a:ba:59:6a:1a:37:
a0:45:72:09:4c:35:8a:e9:33:b0:42:03:bb:2b:3f:99:94:2d:
74:a3:94:59:b4:b4:a1:fd:5e:92:89:3f:ee:fa:9f:34:b6:a5:
80:68:95:30:63:17:5f:3d:ab:46:40:74:25:85:36:4a:7f:97:
11:ab:b1:e1:f8:27:d9:90:5f:4c:b9:ae:4e:9f:2e:97:a4:2c:
9b:de:dd:06:3e:2e:c1:3e:56:79:1f:3d:b7:46:2b:cc:c7:d9:
c2:ce:0e:85:71:f5:28:bb:a5:8f:61:12:82:b3:66:79:ef:d0:
0e:de:1d:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8kYSfyM5z6XFFcAXD+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDIyNDMyNTI5YzhjM2NjNmFiNzEwMjQ0ZTVmMDM1MjAz
ZTcwYTEwHhcNMjMwMTAyMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFlYWI0Yjc5MDI0OTI1NGMyNWZlMGJjNjhkYjg5ZDcxYWRjNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogw8/KJTjkp46qg7hv32pNUD5+av
nBSZ1VQ2xsQb/TIfi+iBtdSHsg1WAOfNIWqGfdhCe2GrA8H16F9Ycj7879m7u79q
bXAsgGvmK16Yd81uWgYcWVrw+9CE9kEc7LJnIYsy8iDk9E1fVNll3FucX3v1hRMc
FupAAy2kZmOWpIdVKJMt3sBS0Y1rwrO/NUrAz6iQZ20SpNWrhV7khxT9CvYgptf3
QwX90Q7Zl534pi1JRwDjbKIzgNaYbylKv4h/UQE7ndcnFBxcO2hV1Im8xODEgMFw
GWES260sacsIR25H236Q1oLyegJEDOIUGnHf6c4KN8BUbkbmLKxF/nbicwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKuq0t5AkklTCX+C8aNuJ1xrcdMMB8GA1UdIwQY
MBaAFOgCJDJSnIw8xqtxAkTl8DUgPnChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFJa01sS2NqRHpHcTNFQ1JPWHdOU0EtY0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDI5YTAtZGE0Yi00MWExLWI1NjQt
NDljYzY3YmExYjYzLzEvMHE2clMza0NTU1ZNSmY0THhvMjRuWEd0eDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDI5YTAtZGE0Yi00MWExLWI1NjQtNDljYzY3YmExYjYz
LzEvNkFJa01sS2NqRHpHcTNFQ1JPWHdOU0EtY0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76aMA0G
CSqGSIb3DQEBCwUAA4IBAQBfZoDBfPn6w7772fFRyqPsHl5O0fmq/zbI9dusdrUZ
qK+ReOcwzpPWqPkrFeG7QDr9k5UwlfMUyPpDwf7sQovNK7zJYIxsDkOKb3bNsoaD
zMCvw23EFP6/BkVfUiPahX1L/H7ABzm1WBmOBXlpAQfzHHkZQtWscDXwDgGx3PyR
2Sidk3dageeyQg9KullqGjegRXIJTDWK6TOwQgO7Kz+ZlC10o5RZtLSh/V6SiT/u
+p80tqWAaJUwYxdfPatGQHQlhTZKf5cRq7Hh+CfZkF9Mua5Ony6XpCyb3t0GPi7B
PlZ5Hz23RivMx9nCzg6FcfUou6WPYRKCs2Z579AO3h12
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:37 2025 by rpki-client