Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/q9zx3y37CGvq7f_eoa_X5J6aUiQ.roa
File: q9zx3y37CGvq7f_eoa_X5J6aUiQ.roa (raw, json)
Hash identifier: VDm3O0ZHhZ/8aSTirgiKWAby76xfZls/qzdOQO5HVw8=
Subject key identifier: AB:DC:F1:DF:2D:FB:08:6B:EA:ED:FF:DE:A1:AF:D7:E4:9E:9A:52:24
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01941FFA15D2F3308E5614691D1A35ABD974
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/q9zx3y37CGvq7f_eoa_X5J6aUiQ.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 91.92.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:15:d2:f3:30:8e:56:14:69:1d:1a:35:ab:d9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abdcf1df2dfb086beaedffdea1afd7e49e9a5224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:38:dc:5d:c5:d8:46:73:2c:d0:78:60:05:2f:
7a:2e:83:d1:57:4e:99:36:c9:4b:da:81:89:37:85:
4e:15:11:f2:d6:bb:39:ea:c4:be:6e:0a:20:e4:b2:
9c:d3:7f:51:73:8d:df:fc:2c:82:2a:ef:8d:72:0f:
3a:9a:58:19:6e:32:c0:74:bc:6b:14:b0:70:c4:77:
e9:be:60:72:23:82:94:d6:61:92:5e:ff:0c:a4:cc:
60:44:69:d7:17:42:ea:4d:7a:f9:0a:e3:6e:61:46:
25:ef:43:1e:43:43:75:d5:ac:2f:82:fe:8b:21:a6:
57:f2:06:9c:c9:e8:d0:db:12:ea:4a:9f:97:f8:70:
dd:8f:75:72:7e:e0:93:b0:d6:1d:61:04:a1:54:01:
ff:97:e9:75:f8:26:08:9b:b5:97:0b:91:ee:7b:97:
bb:e2:d2:af:2c:27:d4:4a:b1:83:ab:66:6d:2a:90:
56:c3:88:4d:10:a2:99:1e:45:dc:87:47:1e:d9:0e:
fa:4c:da:2d:41:cb:69:7c:71:b1:68:1b:7d:80:14:
02:21:3e:f6:5c:e4:80:b2:c9:a2:7c:02:a8:8b:7d:
1f:b3:98:61:6a:67:05:16:85:67:43:ac:0d:78:42:
3e:e3:64:e6:9b:4b:90:1d:36:7b:cf:f6:0a:54:e4:
a5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DC:F1:DF:2D:FB:08:6B:EA:ED:FF:DE:A1:AF:D7:E4:9E:9A:52:24
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/q9zx3y37CGvq7f_eoa_X5J6aUiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.41.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f7:29:86:7a:e5:10:d2:ba:5d:95:4b:6d:ac:a9:7e:71:01:
0f:bf:e4:8c:e2:a6:88:5b:16:99:79:f3:bb:c4:95:4c:45:dd:
3a:2f:d2:ce:46:f3:3a:c5:36:04:19:6a:9f:01:e3:f7:d6:44:
e0:9d:93:bb:87:de:ad:ae:de:6e:97:0a:76:14:94:56:83:7b:
4c:06:80:c3:28:19:2b:99:bf:e8:d1:be:13:9d:83:b3:e9:72:
63:84:3a:6b:2f:7f:70:07:44:a4:ea:7b:9c:a7:f7:f5:ec:7e:
64:14:16:77:ba:c1:e2:a8:c3:41:a3:64:f7:a2:16:e6:64:86:
2a:da:ee:bd:7d:77:18:17:d1:fd:92:45:0e:8c:6d:60:0f:a2:
04:18:7b:f1:93:f4:df:27:08:68:8b:b4:b1:ed:81:9f:11:ae:
e0:99:63:74:e7:50:d8:0c:8b:c1:e9:50:96:63:b1:38:45:68:
85:d8:cf:d6:ab:8a:98:6a:92:17:54:a7:20:d6:a9:73:93:a1:
a7:29:56:fa:56:a0:92:24:ab:b7:e2:69:4b:71:d6:55:d2:cb:
b9:d1:e4:c4:ba:67:50:67:18:e9:15:f9:9a:04:00:77:8a:7a:
e3:1c:b1:92:79:e6:50:fc:43:10:02:b0:7e:11:fa:f4:dd:36:
2d:5e:3b:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+hXS8zCOVhRpHRo1q9l0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRjZjFkZjJkZmIwODZiZWFlZGZmZGVhMWFmZDdlNDllOWE1MjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzjcXcXYRnMs0HhgBS96LoPRV06Z
NslL2oGJN4VOFRHy1rs56sS+bgog5LKc039Rc43f/CyCKu+Ncg86mlgZbjLAdLxr
FLBwxHfpvmByI4KU1mGSXv8MpMxgRGnXF0LqTXr5CuNuYUYl70MeQ0N11awvgv6L
IaZX8gacyejQ2xLqSp+X+HDdj3VyfuCTsNYdYQShVAH/l+l1+CYIm7WXC5Hue5e7
4tKvLCfUSrGDq2ZtKpBWw4hNEKKZHkXch0ce2Q76TNotQctpfHGxaBt9gBQCIT72
XOSAssmifAKoi30fs5hhamcFFoVnQ6wNeEI+42Tmm0uQHTZ7z/YKVOSloQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvc8d8t+whr6u3/3qGv1+SemlIkMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvcTl6eDN5MzdDR3ZxN2ZfZW9hX1g1SjZhVWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW1wpMA0G
CSqGSIb3DQEBCwUAA4IBAQAi9ymGeuUQ0rpdlUttrKl+cQEPv+SM4qaIWxaZefO7
xJVMRd06L9LORvM6xTYEGWqfAeP31kTgnZO7h96trt5ulwp2FJRWg3tMBoDDKBkr
mb/o0b4TnYOz6XJjhDprL39wB0Sk6nucp/f17H5kFBZ3usHiqMNBo2T3ohbmZIYq
2u69fXcYF9H9kkUOjG1gD6IEGHvxk/TfJwhoi7Sx7YGfEa7gmWN051DYDIvB6VCW
Y7E4RWiF2M/Wq4qYapIXVKcg1qlzk6GnKVb6VqCSJKu34mlLcdZV0su50eTEumdQ
ZxjpFfmaBAB3inrjHLGSeeZQ/EMQArB+Efr03TYtXjsH
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:46 2025 by rpki-client