Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8b46f6-eff8-448c-8f15-51f797c532fc/1/9QeIwNXiFdYME7KdP-iTkCKzrEU.roa
File: 9QeIwNXiFdYME7KdP-iTkCKzrEU.roa (raw, json)
Hash identifier: rNETYDAJX1LZYPTEFyEw3VfljGkEASOgABQV5PB4+4s=
Subject key identifier: F5:07:88:C0:D5:E2:15:D6:0C:13:B2:9D:3F:E8:93:90:22:B3:AC:45
Certificate issuer: /CN=b4880ab49c8fb49dc31cba1c7b8e78eb166ad430
Certificate serial: 08348567
Authority key identifier: B4:88:0A:B4:9C:8F:B4:9D:C3:1C:BA:1C:7B:8E:78:EB:16:6A:D4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIgKtJyPtJ3DHLoce4546xZq1DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8b46f6-eff8-448c-8f15-51f797c532fc/1/9QeIwNXiFdYME7KdP-iTkCKzrEU.roa
Signing time: Sat 01 Jan 2022 04:04:13 +0000
ROA not before: Sat 01 Jan 2022 04:04:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57752
IP address blocks: 91.236.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137659751 (0x8348567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4880ab49c8fb49dc31cba1c7b8e78eb166ad430
Validity
Not Before: Jan 1 04:04:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f50788c0d5e215d60c13b29d3fe8939022b3ac45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:35:7b:ea:36:14:b3:4a:fd:97:85:a1:bd:1b:
b1:f8:3e:f9:cb:a7:af:fa:a5:98:b9:91:f6:19:54:
7b:24:0b:f0:ba:0d:8e:45:4e:99:93:a8:a4:fd:fb:
a8:31:39:93:cd:cd:62:2d:2b:f4:ed:1e:13:30:e0:
21:5d:c1:e3:a8:4b:1b:00:bd:55:28:df:00:66:1d:
ff:6f:57:e2:bd:26:26:6d:22:a8:41:9c:5c:92:af:
45:34:32:9c:2c:e0:c1:11:6e:d0:93:e6:64:2c:26:
84:bc:4b:fa:0f:61:18:48:6c:67:0d:c1:fb:d8:b5:
c4:96:b3:be:8c:d3:04:5f:83:88:16:a2:26:b2:10:
66:fe:2c:f8:69:21:fb:3e:b4:93:0f:09:aa:da:32:
cb:2b:89:5b:61:4f:03:15:4d:d8:6e:9b:5c:e6:44:
08:63:b1:b1:6e:82:0a:49:71:9b:39:42:5e:95:f2:
a4:eb:44:c0:b4:6f:aa:31:f0:3e:53:f2:21:24:07:
21:20:6e:25:62:1d:b8:a3:13:3e:64:34:50:80:66:
42:63:dc:78:f1:3c:22:d9:05:9b:f6:b4:e8:b3:d3:
84:4f:62:78:fc:39:6e:22:96:c8:01:df:d0:f4:33:
aa:90:29:9e:79:bd:5f:50:a2:f2:dc:6a:8a:c7:05:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:07:88:C0:D5:E2:15:D6:0C:13:B2:9D:3F:E8:93:90:22:B3:AC:45
X509v3 Authority Key Identifier:
keyid:B4:88:0A:B4:9C:8F:B4:9D:C3:1C:BA:1C:7B:8E:78:EB:16:6A:D4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIgKtJyPtJ3DHLoce4546xZq1DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8b46f6-eff8-448c-8f15-51f797c532fc/1/9QeIwNXiFdYME7KdP-iTkCKzrEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8b46f6-eff8-448c-8f15-51f797c532fc/1/tIgKtJyPtJ3DHLoce4546xZq1DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.161.0/24
Signature Algorithm: sha256WithRSAEncryption
38:7e:54:be:b6:f0:a1:6a:be:c4:c2:e5:c8:b9:d7:59:a5:5a:
65:ba:e7:99:14:3c:52:16:7f:99:82:ab:7f:64:d3:10:59:fd:
ab:16:9c:5f:5e:8e:0b:6f:10:df:8b:e3:83:95:83:51:fc:66:
b7:7c:6c:95:39:2e:9d:7c:fb:31:48:b3:11:03:c7:fc:80:e7:
70:b5:a4:f1:e1:ff:a5:0f:5c:0f:f0:18:c9:d7:fd:0c:df:0d:
e9:45:9e:ee:ad:8f:12:c8:93:da:f3:25:0c:3b:f5:0a:9a:be:
7b:58:17:51:5c:44:f9:86:a3:56:d4:6d:47:ec:44:e5:b6:c3:
7a:a0:74:4e:5e:f0:8d:8c:2a:5a:30:9b:a2:a6:a1:3a:be:22:
c7:fe:db:fa:72:11:45:52:f3:fa:fe:a6:7a:88:4f:bb:0f:8b:
97:a7:76:0b:18:09:aa:f7:16:eb:56:85:33:3b:b0:32:7a:8b:
9a:3f:fc:2d:c0:28:d8:72:f4:98:10:6e:59:a0:49:39:14:dd:
58:c9:81:1b:0c:d7:bc:af:7d:2c:1a:2d:46:96:1a:96:bc:bc:
94:43:25:43:cb:c2:3e:89:e3:f1:dc:b2:49:4c:f1:4c:1d:e9:
81:bc:04:67:8a:33:d0:3f:e9:72:55:05:fe:35:df:de:40:66:
ed:86:bc:47
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECDSFZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDg4MGFiNDljOGZiNDlkYzMxY2JhMWM3YjhlNzhlYjE2NmFkNDMwMB4XDTIyMDEw
MTA0MDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjUwNzg4YzBkNWUy
MTVkNjBjMTNiMjlkM2ZlODkzOTAyMmIzYWM0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw1e+o2FLNK/ZeFob0bsfg++cunr/qlmLmR9hlUeyQL8LoN
jkVOmZOopP37qDE5k83NYi0r9O0eEzDgIV3B46hLGwC9VSjfAGYd/29X4r0mJm0i
qEGcXJKvRTQynCzgwRFu0JPmZCwmhLxL+g9hGEhsZw3B+9i1xJazvozTBF+DiBai
JrIQZv4s+Gkh+z60kw8JqtoyyyuJW2FPAxVN2G6bXOZECGOxsW6CCklxmzlCXpXy
pOtEwLRvqjHwPlPyISQHISBuJWIduKMTPmQ0UIBmQmPcePE8ItkFm/a06LPThE9i
ePw5biKWyAHf0PQzqpApnnm9X1Ci8txqiscFHRcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1B4jA1eIV1gwTsp0/6JOQIrOsRTAfBgNVHSMEGDAWgBS0iAq0nI+0ncMc
uhx7jnjrFmrUMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RJZ0t0SnlQdEozREhMb2NlNDU0NnhacTFEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvOGI0NmY2LWVmZjgtNDQ4Yy04ZjE1LTUxZjc5N2M1MzJmYy8x
LzlRZUl3TlhpRmRZTUU3S2RQLWlUa0NLenJFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
OGI0NmY2LWVmZjgtNDQ4Yy04ZjE1LTUxZjc5N2M1MzJmYy8xL3RJZ0t0SnlQdEoz
REhMb2NlNDU0NnhacTFEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvsoTANBgkqhkiG9w0BAQsFAAOC
AQEAOH5UvrbwoWq+xMLlyLnXWaVaZbrnmRQ8UhZ/mYKrf2TTEFn9qxacX16OC28Q
34vjg5WDUfxmt3xslTkunXz7MUizEQPH/IDncLWk8eH/pQ9cD/AYydf9DN8N6UWe
7q2PEsiT2vMlDDv1Cpq+e1gXUVxE+YajVtRtR+xE5bbDeqB0Tl7wjYwqWjCboqah
Or4ix/7b+nIRRVLz+v6meohPuw+Ll6d2CxgJqvcW61aFMzuwMnqLmj/8LcAo2HL0
mBBuWaBJORTdWMmBGwzXvK99LBotRpYalry8lEMlQ8vCPonj8dyySUzxTB3pgbwE
Z4oz0D/pclUF/jXf3kBm7Ya8Rw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:48 2025 by rpki-client