Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/395b0b-ea14-419e-b2f3-94eb300a7c9f/1/qIk9qgKswVnOk-gLqbN4Hqxpy4I.roa
File: qIk9qgKswVnOk-gLqbN4Hqxpy4I.roa (raw, json)
Hash identifier: kfGtNVAbpV8OYsdXmk7bn4BM2RB8c2irP7amTHzNBrw=
Subject key identifier: A8:89:3D:AA:02:AC:C1:59:CE:93:E8:0B:A9:B3:78:1E:AC:69:CB:82
Certificate issuer: /CN=96cc9c72622c64b762e4dbe76405cbf72a7b1f08
Certificate serial: 018570CBD608E7AA2D266795C52C2504D6E4
Authority key identifier: 96:CC:9C:72:62:2C:64:B7:62:E4:DB:E7:64:05:CB:F7:2A:7B:1F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsyccmIsZLdi5NvnZAXL9yp7Hwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/395b0b-ea14-419e-b2f3-94eb300a7c9f/1/qIk9qgKswVnOk-gLqbN4Hqxpy4I.roa
Signing time: Mon 02 Jan 2023 04:44:44 +0000
ROA not before: Mon 02 Jan 2023 04:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 91.242.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d6:08:e7:aa:2d:26:67:95:c5:2c:25:04:d6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96cc9c72622c64b762e4dbe76405cbf72a7b1f08
Validity
Not Before: Jan 2 04:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8893daa02acc159ce93e80ba9b3781eac69cb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:17:16:2c:9e:19:41:03:a3:56:70:7b:1d:
4a:85:e6:e1:10:e1:67:ed:e7:de:05:99:ef:fd:96:
eb:df:c5:0a:1d:23:43:a7:91:97:7d:e3:36:29:9a:
b5:ea:86:e3:b7:16:a5:5e:dc:2e:67:0e:c5:f4:54:
53:6e:83:10:f1:b4:a6:56:18:6b:0a:f5:8c:98:46:
a8:37:06:a6:86:87:b9:f1:66:3a:14:41:62:c6:04:
84:6b:82:ec:4c:96:18:d3:08:34:a0:4d:d1:c9:cb:
90:ab:a9:ad:c9:bb:44:5b:90:86:8f:f9:8e:1a:de:
03:50:8a:f2:53:45:a0:bb:bd:3a:1e:3e:96:84:e3:
1a:27:f4:16:90:48:6c:66:7d:7a:45:70:b3:35:43:
fe:7d:7d:73:26:07:c3:3d:c3:86:e4:aa:8f:d8:c6:
7a:66:01:63:35:f0:c4:5c:8c:9b:5e:b4:64:44:c2:
93:23:e7:ac:1d:7f:da:91:61:67:ce:b7:04:03:da:
07:7d:a4:82:c7:23:e5:3a:80:f3:be:ff:d1:a6:51:
d6:89:7f:80:f7:c8:7d:2b:4c:a0:ea:e7:5d:5a:f1:
a9:bc:ea:b2:30:6d:77:1b:29:a1:f3:27:b3:0e:1f:
58:ca:59:5b:b6:08:71:4d:5d:2d:f1:fa:b5:46:85:
1d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:89:3D:AA:02:AC:C1:59:CE:93:E8:0B:A9:B3:78:1E:AC:69:CB:82
X509v3 Authority Key Identifier:
keyid:96:CC:9C:72:62:2C:64:B7:62:E4:DB:E7:64:05:CB:F7:2A:7B:1F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsyccmIsZLdi5NvnZAXL9yp7Hwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/395b0b-ea14-419e-b2f3-94eb300a7c9f/1/qIk9qgKswVnOk-gLqbN4Hqxpy4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/395b0b-ea14-419e-b2f3-94eb300a7c9f/1/lsyccmIsZLdi5NvnZAXL9yp7Hwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.229.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:3e:6c:95:dd:0a:07:3a:2e:22:17:c7:ff:79:8b:1e:d9:91:
87:4b:1a:83:57:6b:21:73:a4:db:ab:26:e0:f1:68:87:9c:a8:
a4:3b:fb:77:78:81:51:1e:13:06:80:79:80:67:86:b6:aa:f1:
c0:00:63:db:6e:b0:1d:3d:92:83:04:e9:6e:71:70:4d:02:43:
95:e0:a8:6b:ac:bb:bc:41:83:f5:17:85:c0:ac:46:4c:65:90:
27:f0:d2:d3:f1:d3:83:69:c2:ed:32:60:24:7a:58:5e:16:08:
af:67:c9:85:8f:1a:9e:cb:2e:58:4d:a4:7a:fd:4f:1e:b8:ef:
b6:f9:5b:80:0f:2e:1c:fa:bb:99:ad:5f:99:0b:5f:50:ee:91:
33:90:2a:e6:51:ad:b3:26:99:e2:1d:19:72:3c:ea:d0:e6:02:
8a:b0:4b:9b:fd:f4:08:7b:f1:43:af:fd:08:49:0c:44:19:f9:
b7:0b:fb:48:f9:21:a0:20:5e:43:8a:f2:d6:4c:44:37:bd:c3:
ff:60:e1:8a:93:35:4c:e9:5b:52:76:ce:20:9b:04:78:22:f9:
da:45:d6:ae:1c:0f:2d:2d:20:7b:27:9a:24:65:34:b1:1c:71:
98:2a:4d:12:ad:b0:8d:50:a6:13:55:6d:54:cd:ff:3d:64:22:
56:44:4f:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9YI56otJmeVxSwlBNbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Y2M5YzcyNjIyYzY0Yjc2MmU0ZGJlNzY0MDVjYmY3MmE3
YjFmMDgwHhcNMjMwMTAyMDQ0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg5M2RhYTAyYWNjMTU5Y2U5M2U4MGJhOWIzNzgxZWFjNjljYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrsXFiyeGUEDo1Zwex1KhebhEOFn
7efeBZnv/Zbr38UKHSNDp5GXfeM2KZq16objtxalXtwuZw7F9FRTboMQ8bSmVhhr
CvWMmEaoNwamhoe58WY6FEFixgSEa4LsTJYY0wg0oE3RycuQq6mtybtEW5CGj/mO
Gt4DUIryU0Wgu706Hj6WhOMaJ/QWkEhsZn16RXCzNUP+fX1zJgfDPcOG5KqP2MZ6
ZgFjNfDEXIybXrRkRMKTI+esHX/akWFnzrcEA9oHfaSCxyPlOoDzvv/RplHWiX+A
98h9K0yg6uddWvGpvOqyMG13Gymh8yezDh9YyllbtghxTV0t8fq1RoUd3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiJPaoCrMFZzpPoC6mzeB6sacuCMB8GA1UdIwQY
MBaAFJbMnHJiLGS3YuTb52QFy/cqex8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHN5Y2NtSXNaTGRpNU52blpBWEw5eXA3SHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zOTViMGItZWExNC00MTllLWIyZjMt
OTRlYjMwMGE3YzlmLzEvcUlrOXFnS3N3Vm5Pay1nTHFiTjRIcXhweTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zOTViMGItZWExNC00MTllLWIyZjMtOTRlYjMwMGE3Yzlm
LzEvbHN5Y2NtSXNaTGRpNU52blpBWEw5eXA3SHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/LlMA0G
CSqGSIb3DQEBCwUAA4IBAQDUPmyV3QoHOi4iF8f/eYse2ZGHSxqDV2shc6Tbqybg
8WiHnKikO/t3eIFRHhMGgHmAZ4a2qvHAAGPbbrAdPZKDBOlucXBNAkOV4KhrrLu8
QYP1F4XArEZMZZAn8NLT8dODacLtMmAkelheFgivZ8mFjxqeyy5YTaR6/U8euO+2
+VuADy4c+ruZrV+ZC19Q7pEzkCrmUa2zJpniHRlyPOrQ5gKKsEub/fQIe/FDr/0I
SQxEGfm3C/tI+SGgIF5DivLWTEQ3vcP/YOGKkzVM6VtSds4gmwR4IvnaRdauHA8t
LSB7J5okZTSxHHGYKk0SrbCNUKYTVW1Uzf89ZCJWRE9l
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:39:20 2025 by rpki-client