Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/SJOQlX1jHsEEVj-tph7DxG9u5rk.roa
File: SJOQlX1jHsEEVj-tph7DxG9u5rk.roa (raw, json)
Hash identifier: w8QYX+K3vMZgebKREyXhAwxDpAvUHXUNn2N7P4B3cXI=
Subject key identifier: 48:93:90:95:7D:63:1E:C1:04:56:3F:AD:A6:1E:C3:C4:6F:6E:E6:B9
Certificate issuer: /CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Certificate serial: 0185704BC82AA038B2E5DAAAFE31829CFD9C
Authority key identifier: E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/SJOQlX1jHsEEVj-tph7DxG9u5rk.roa
Signing time: Mon 02 Jan 2023 02:24:52 +0000
ROA not before: Mon 02 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.190.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c8:2a:a0:38:b2:e5:da:aa:fe:31:82:9c:fd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Validity
Not Before: Jan 2 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489390957d631ec104563fada61ec3c46f6ee6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4c:c7:4e:3a:00:c1:01:3a:a2:4e:cf:98:1c:
a2:5c:3f:41:99:72:72:d3:f2:ac:ed:c9:ba:17:3c:
51:68:39:8a:ae:04:dd:d6:37:3b:d8:c9:ad:aa:53:
8c:c0:a5:12:95:96:50:18:2d:9e:62:28:00:02:2a:
ab:d0:c8:ae:5e:fc:6b:18:00:79:93:e8:2f:5e:3c:
44:dd:35:25:68:a5:f9:db:1c:c7:01:a2:e8:18:61:
f4:03:6e:66:7f:ca:23:5d:eb:2c:d1:a0:eb:b4:89:
4d:9f:f1:d2:f0:f3:31:a6:25:66:4b:87:44:57:4a:
69:8d:15:40:9c:6f:d8:bc:65:c1:98:99:fe:2f:ad:
e0:57:8d:87:51:7b:0c:39:3e:38:06:00:e1:b7:d2:
bd:fc:fc:ee:d9:cf:70:87:bc:61:8e:82:ba:d1:cc:
48:d5:5c:a1:7e:1e:64:d9:00:0c:12:9f:ca:7b:58:
9b:ed:69:ba:74:e4:42:be:e4:09:b6:7d:ff:09:50:
ef:49:41:c3:88:4b:43:da:eb:fd:b2:1f:3f:e9:ea:
ae:be:81:f1:ee:5c:a0:5b:f6:b3:e7:2f:36:a4:9a:
eb:a8:f7:7e:78:f0:1d:e9:06:c5:a5:6a:41:2c:e8:
e1:1c:ad:8b:b1:ae:db:d1:cd:7c:2c:9a:89:18:55:
9c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:93:90:95:7D:63:1E:C1:04:56:3F:AD:A6:1E:C3:C4:6F:6E:E6:B9
X509v3 Authority Key Identifier:
keyid:E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/SJOQlX1jHsEEVj-tph7DxG9u5rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/6AIkMlKcjDzGq3ECROXwNSA-cKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.154.0/24
Signature Algorithm: sha256WithRSAEncryption
96:7c:d1:19:f0:6a:54:41:35:6b:e8:58:2f:1f:93:b8:82:0d:
a5:d4:1f:64:db:1f:d9:e0:65:bb:fe:7b:23:5b:4e:8b:69:12:
28:3d:8a:bc:b6:42:1b:3b:11:55:f5:4c:73:d9:87:65:00:55:
c4:1c:a1:de:48:67:c4:cf:b5:64:7f:05:74:df:35:bc:ff:f4:
74:b1:4f:41:25:b6:c6:c1:c1:1c:e2:5c:b2:b7:9c:93:92:62:
9b:e1:db:26:98:43:25:2b:29:3f:6a:da:c6:ef:2c:e8:41:ed:
bd:01:6b:9c:5f:60:a1:d5:f8:9e:43:34:e0:03:70:fb:b1:71:
a0:67:64:7b:94:0a:67:6f:91:01:d0:03:60:23:34:00:26:29:
60:39:77:c6:f8:39:76:8c:48:07:ac:05:c4:67:fa:fc:db:6a:
38:5b:d2:a6:94:72:47:88:36:1f:da:f0:62:00:3b:07:a9:be:
74:8d:59:d0:67:db:eb:8a:08:be:32:fd:56:a2:12:7a:c9:c4:
2a:55:7d:26:8b:7a:78:72:ad:86:e7:de:c6:88:8c:1b:3d:c2:
ca:8f:ee:b7:7f:4e:88:a4:7d:e5:58:55:8e:b6:41:d4:96:2b:
03:26:5b:d9:3f:39:b3:83:1b:06:7e:7b:19:85:9c:3d:a0:80:
9e:7d:3d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8gqoDiy5dqq/jGCnP2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDIyNDMyNTI5YzhjM2NjNmFiNzEwMjQ0ZTVmMDM1MjAz
ZTcwYTEwHhcNMjMwMTAyMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODkzOTA5NTdkNjMxZWMxMDQ1NjNmYWRhNjFlYzNjNDZmNmVlNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEzHTjoAwQE6ok7PmByiXD9BmXJy
0/Ks7cm6FzxRaDmKrgTd1jc72MmtqlOMwKUSlZZQGC2eYigAAiqr0MiuXvxrGAB5
k+gvXjxE3TUlaKX52xzHAaLoGGH0A25mf8ojXess0aDrtIlNn/HS8PMxpiVmS4dE
V0ppjRVAnG/YvGXBmJn+L63gV42HUXsMOT44BgDht9K9/Pzu2c9wh7xhjoK60cxI
1Vyhfh5k2QAMEp/Ke1ib7Wm6dORCvuQJtn3/CVDvSUHDiEtD2uv9sh8/6equvoHx
7lygW/az5y82pJrrqPd+ePAd6QbFpWpBLOjhHK2Lsa7b0c18LJqJGFWcfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiTkJV9Yx7BBFY/raYew8Rvbua5MB8GA1UdIwQY
MBaAFOgCJDJSnIw8xqtxAkTl8DUgPnChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFJa01sS2NqRHpHcTNFQ1JPWHdOU0EtY0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDI5YTAtZGE0Yi00MWExLWI1NjQt
NDljYzY3YmExYjYzLzEvU0pPUWxYMWpIc0VFVmotdHBoN0R4Rzl1NXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDI5YTAtZGE0Yi00MWExLWI1NjQtNDljYzY3YmExYjYz
LzEvNkFJa01sS2NqRHpHcTNFQ1JPWHdOU0EtY0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76aMA0G
CSqGSIb3DQEBCwUAA4IBAQCWfNEZ8GpUQTVr6FgvH5O4gg2l1B9k2x/Z4GW7/nsj
W06LaRIoPYq8tkIbOxFV9Uxz2YdlAFXEHKHeSGfEz7VkfwV03zW8//R0sU9BJbbG
wcEc4lyyt5yTkmKb4dsmmEMlKyk/atrG7yzoQe29AWucX2Ch1fieQzTgA3D7sXGg
Z2R7lApnb5EB0ANgIzQAJilgOXfG+Dl2jEgHrAXEZ/r822o4W9KmlHJHiDYf2vBi
ADsHqb50jVnQZ9vrigi+Mv1WohJ6ycQqVX0mi3p4cq2G597GiIwbPcLKj+63f06I
pH3lWFWOtkHUlisDJlvZPzmzgxsGfnsZhZw9oICefT0m
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:03 2025 by rpki-client