Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c58421-0961-4d47-a7f9-39ab65bcea49/1/qYKB2N--IMRwN744ZXcFTgRpU30.roa
File: qYKB2N--IMRwN744ZXcFTgRpU30.roa (raw, json)
Hash identifier: VnF23v5WdmUUFhYWoqoPT12JxPvJNbIWBVsLiNSM8vY=
Subject key identifier: A9:82:81:D8:DF:BE:20:C4:70:37:BE:38:65:77:05:4E:04:69:53:7D
Certificate issuer: /CN=d688c95a5dd17b4f57d1fab01876eb7d7ab1ca03
Certificate serial: 0190E55226E0C55269E622A0BFCF37D8217E
Authority key identifier: D6:88:C9:5A:5D:D1:7B:4F:57:D1:FA:B0:18:76:EB:7D:7A:B1:CA:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ojJWl3Re09X0fqwGHbrfXqxygM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/c58421-0961-4d47-a7f9-39ab65bcea49/1/qYKB2N--IMRwN744ZXcFTgRpU30.roa
Signing time: Wed 24 Jul 2024 15:18:04 +0000
ROA not before: Wed 24 Jul 2024 15:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31734
IP address blocks: 91.208.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e5:52:26:e0:c5:52:69:e6:22:a0:bf:cf:37:d8:21:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d688c95a5dd17b4f57d1fab01876eb7d7ab1ca03
Validity
Not Before: Jul 24 15:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a98281d8dfbe20c47037be386577054e0469537d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ad:5c:ac:1e:de:49:fc:c4:ce:0d:ab:81:17:
bd:80:9d:58:9a:8e:2e:d8:3c:55:7a:89:50:0f:e6:
a5:7a:0a:37:96:d1:73:43:b4:ae:ef:43:02:25:b3:
6a:d6:c0:4f:69:d9:a8:f1:f7:10:5f:e5:51:e8:fe:
94:86:ec:aa:39:2d:de:0f:41:c6:15:83:bd:b3:15:
b8:d3:c9:2f:53:70:cc:40:fc:94:21:8d:c2:a0:5e:
3a:68:31:c3:95:0a:c3:d0:31:7f:15:28:c4:44:22:
03:b9:4a:22:b7:ea:4d:7e:e1:e8:c4:a8:51:b5:1b:
78:6d:48:ce:17:e9:bf:5f:a4:66:b9:06:d9:84:52:
07:68:8b:23:f3:9e:b5:9a:e8:eb:4b:8f:d4:d5:fb:
dd:18:85:c6:8e:36:02:58:40:7d:25:fe:71:52:30:
1a:25:59:b0:32:6e:23:a5:06:84:1a:26:b7:98:91:
35:09:db:66:e2:a5:e2:82:d3:34:ee:7b:2c:d2:16:
28:52:0d:f9:9c:a3:e5:cf:ec:48:04:ea:33:a3:30:
69:54:54:b5:a6:e1:7f:4a:ef:dc:7e:26:0f:03:95:
ab:f2:e1:ad:75:36:5e:ab:be:62:3e:1e:11:68:a7:
6d:84:a3:1c:79:88:2e:5c:e7:c6:22:1d:23:3f:d5:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:82:81:D8:DF:BE:20:C4:70:37:BE:38:65:77:05:4E:04:69:53:7D
X509v3 Authority Key Identifier:
keyid:D6:88:C9:5A:5D:D1:7B:4F:57:D1:FA:B0:18:76:EB:7D:7A:B1:CA:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ojJWl3Re09X0fqwGHbrfXqxygM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c58421-0961-4d47-a7f9-39ab65bcea49/1/qYKB2N--IMRwN744ZXcFTgRpU30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c58421-0961-4d47-a7f9-39ab65bcea49/1/1ojJWl3Re09X0fqwGHbrfXqxygM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.223.0/24
Signature Algorithm: sha256WithRSAEncryption
62:e0:3c:39:ab:13:78:e3:b9:eb:71:1f:e0:63:99:cc:0a:0b:
4e:b8:3d:e2:60:e8:ab:30:23:da:0a:46:74:06:c1:a4:8c:3a:
5d:1d:9c:8e:74:24:4b:55:a8:e0:d5:8f:82:8b:42:b2:98:a7:
15:2a:78:3c:67:ab:eb:53:ed:eb:3a:c3:b0:a9:64:c0:b1:93:
09:6c:bb:37:eb:22:ea:08:a3:01:7a:88:1d:c2:90:da:30:0f:
1e:23:a0:96:04:25:5d:83:0d:52:24:1f:66:3f:37:9d:c8:4b:
24:95:0c:76:7e:de:5b:7a:f5:3d:c1:f4:54:26:ea:b6:4a:1f:
b7:be:10:07:c8:4d:f9:25:fe:ca:2e:28:65:30:4b:e1:22:cf:
33:f5:c5:0e:bd:f3:73:5f:d5:8a:73:2f:bf:c8:3e:27:c8:6b:
25:cc:57:b1:76:50:20:f0:1a:e3:e6:bd:30:a5:94:21:c5:aa:
52:3d:35:a2:6a:b3:5e:31:a5:17:93:45:93:80:db:aa:be:8d:
d2:a6:05:21:b3:6d:92:dc:0a:70:34:22:af:4e:18:da:42:42:
f6:e4:52:cc:36:ce:4b:32:eb:b9:0c:2d:5f:9a:1c:5e:96:c2:
96:91:1a:fb:39:df:92:4e:39:9f:fb:32:71:ca:4b:85:3e:1a:
05:52:65:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDlUibgxVJp5iKgv8832CF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODhjOTVhNWRkMTdiNGY1N2QxZmFiMDE4NzZlYjdkN2Fi
MWNhMDMwHhcNMjQwNzI0MTUxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTgyODFkOGRmYmUyMGM0NzAzN2JlMzg2NTc3MDU0ZTA0Njk1MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla1crB7eSfzEzg2rgRe9gJ1Ymo4u
2DxVeolQD+alego3ltFzQ7Su70MCJbNq1sBPadmo8fcQX+VR6P6UhuyqOS3eD0HG
FYO9sxW408kvU3DMQPyUIY3CoF46aDHDlQrD0DF/FSjERCIDuUoit+pNfuHoxKhR
tRt4bUjOF+m/X6RmuQbZhFIHaIsj8561mujrS4/U1fvdGIXGjjYCWEB9Jf5xUjAa
JVmwMm4jpQaEGia3mJE1Cdtm4qXigtM07nss0hYoUg35nKPlz+xIBOozozBpVFS1
puF/Su/cfiYPA5Wr8uGtdTZeq75iPh4RaKdthKMceYguXOfGIh0jP9W1kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmCgdjfviDEcDe+OGV3BU4EaVN9MB8GA1UdIwQY
MBaAFNaIyVpd0XtPV9H6sBh26316scoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9qSldsM1JlMDlYMGZxd0dIYnJmWHF4eWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9jNTg0MjEtMDk2MS00ZDQ3LWE3Zjkt
MzlhYjY1YmNlYTQ5LzEvcVlLQjJOLS1JTVJ3Tjc0NFpYY0ZUZ1JwVTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9jNTg0MjEtMDk2MS00ZDQ3LWE3ZjktMzlhYjY1YmNlYTQ5
LzEvMW9qSldsM1JlMDlYMGZxd0dIYnJmWHF4eWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DfMA0G
CSqGSIb3DQEBCwUAA4IBAQBi4Dw5qxN447nrcR/gY5nMCgtOuD3iYOirMCPaCkZ0
BsGkjDpdHZyOdCRLVajg1Y+Ci0KymKcVKng8Z6vrU+3rOsOwqWTAsZMJbLs36yLq
CKMBeogdwpDaMA8eI6CWBCVdgw1SJB9mPzedyEsklQx2ft5bevU9wfRUJuq2Sh+3
vhAHyE35Jf7KLihlMEvhIs8z9cUOvfNzX9WKcy+/yD4nyGslzFexdlAg8Brj5r0w
pZQhxapSPTWiarNeMaUXk0WTgNuqvo3SpgUhs22S3ApwNCKvThjaQkL25FLMNs5L
Muu5DC1fmhxelsKWkRr7Od+STjmf+zJxykuFPhoFUmXq
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:16:53 2025 by rpki-client