Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/QHrhoLDtZR3zPElOqqmMq3qzkao.roa
File: QHrhoLDtZR3zPElOqqmMq3qzkao.roa (raw, json)
Hash identifier: NXLg9El+SZKbOxc9Fad+2P9R3XvjaMUu4aKcgfvxLco=
Subject key identifier: 40:7A:E1:A0:B0:ED:65:1D:F3:3C:49:4E:AA:A9:8C:AB:7A:B3:91:AA
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 01942369B15E174A7CBB9106EBD08481925B
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/QHrhoLDtZR3zPElOqqmMq3qzkao.roa
Signing time: Wed 01 Jan 2025 19:48:36 +0000
ROA not before: Wed 01 Jan 2025 19:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 91.223.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b1:5e:17:4a:7c:bb:91:06:eb:d0:84:81:92:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 19:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407ae1a0b0ed651df33c494eaaa98cab7ab391aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:13:55:23:fc:bb:0f:e2:6c:39:29:b7:d2:
6e:3a:67:a5:b2:78:0d:10:10:e5:70:71:ce:f4:32:
9a:5e:c5:bb:a6:cb:ae:74:47:d7:9c:2f:80:a4:de:
c2:77:06:68:69:ad:af:d3:39:36:06:6c:0a:1e:60:
05:b6:0b:6d:14:41:69:a7:5e:ec:e0:fe:78:ff:de:
9c:6f:2d:28:2c:26:bd:de:6f:ce:8e:dc:6a:1a:06:
97:ae:f4:fc:55:74:52:fb:aa:55:29:40:1a:77:74:
9b:b5:0b:c6:2e:63:48:72:f1:fd:20:1c:2b:da:7a:
ef:08:9a:3e:79:80:0a:88:1d:59:4f:2c:e5:3a:28:
14:af:1a:d6:04:07:aa:80:40:43:12:35:d8:18:40:
c4:7f:19:96:27:dd:8b:8a:3d:6d:de:e9:2f:30:34:
0a:88:38:4a:65:46:b4:91:28:03:83:e7:1e:2f:63:
e0:38:ff:49:c1:8e:b9:ec:6c:54:09:47:2d:89:30:
5c:4d:dc:83:18:53:4f:e7:7b:c3:16:66:de:07:42:
be:f9:5b:60:ee:e1:2a:51:9c:19:5b:9d:66:b5:3b:
27:7d:5c:af:b6:de:97:a7:98:3d:52:20:b5:80:31:
83:20:25:51:51:e6:d6:0a:43:12:87:64:df:2b:7b:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7A:E1:A0:B0:ED:65:1D:F3:3C:49:4E:AA:A9:8C:AB:7A:B3:91:AA
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/QHrhoLDtZR3zPElOqqmMq3qzkao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.94.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:9f:78:59:4c:54:9e:5f:e9:d5:48:dd:11:e8:25:4c:a8:45:
f5:31:0e:7c:99:32:ef:37:6b:f5:1d:42:3d:91:90:30:d0:76:
c8:83:dc:6f:d1:89:19:61:2e:c2:fc:fe:1b:bf:ce:bd:87:4c:
7d:5d:b3:f5:6b:93:9a:c4:80:ab:03:c0:e5:d0:a1:43:08:cb:
fd:6d:a8:02:1f:9b:57:2b:ae:98:a5:cb:27:b2:cf:4f:f6:6e:
b8:e1:95:57:1c:a1:6f:f5:36:9e:e5:be:92:4e:fe:5c:2a:00:
c7:78:9b:f2:06:aa:3f:45:f2:14:31:35:c9:12:be:6d:b0:28:
68:d8:3f:6d:2c:7c:9b:09:80:d1:d2:55:41:ed:7d:b9:86:c3:
75:bd:3e:be:69:ea:ee:40:03:df:83:4f:67:44:61:a4:e9:e7:
89:e1:a4:0e:6a:b3:0a:bf:40:58:bf:50:c7:8f:fd:d9:14:69:
a7:e6:81:10:a6:81:13:22:32:67:cb:7d:5f:05:88:a5:ab:a0:
8b:53:3f:ae:51:91:9c:41:82:66:8b:bd:ad:18:9a:68:a4:67:
34:4f:76:ca:0a:a9:67:2a:58:ce:a4:b1:2f:37:b7:a1:79:0e:
e1:dc:e2:2b:1e:c2:49:d5:18:bb:18:37:a2:27:e0:d2:7e:cc:
87:ef:c9:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjabFeF0p8u5EG69CEgZJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjUwMTAxMTk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdhZTFhMGIwZWQ2NTFkZjMzYzQ5NGVhYWE5OGNhYjdhYjM5MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV4TVSP8uw/ibDkpt9JuOmelsngN
EBDlcHHO9DKaXsW7psuudEfXnC+ApN7CdwZoaa2v0zk2BmwKHmAFtgttFEFpp17s
4P54/96cby0oLCa93m/OjtxqGgaXrvT8VXRS+6pVKUAad3SbtQvGLmNIcvH9IBwr
2nrvCJo+eYAKiB1ZTyzlOigUrxrWBAeqgEBDEjXYGEDEfxmWJ92Lij1t3ukvMDQK
iDhKZUa0kSgDg+ceL2PgOP9JwY657GxUCUctiTBcTdyDGFNP53vDFmbeB0K++Vtg
7uEqUZwZW51mtTsnfVyvtt6Xp5g9UiC1gDGDICVRUebWCkMSh2TfK3sS1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEB64aCw7WUd8zxJTqqpjKt6s5GqMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEvUUhyaG9MRHRaUjN6UEVsT3FxbU1xM3F6a2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99eMA0G
CSqGSIb3DQEBCwUAA4IBAQB9n3hZTFSeX+nVSN0R6CVMqEX1MQ58mTLvN2v1HUI9
kZAw0HbIg9xv0YkZYS7C/P4bv869h0x9XbP1a5OaxICrA8Dl0KFDCMv9bagCH5tX
K66Ypcsnss9P9m644ZVXHKFv9Tae5b6STv5cKgDHeJvyBqo/RfIUMTXJEr5tsCho
2D9tLHybCYDR0lVB7X25hsN1vT6+aeruQAPfg09nRGGk6eeJ4aQOarMKv0BYv1DH
j/3ZFGmn5oEQpoETIjJny31fBYilq6CLUz+uUZGcQYJmi72tGJpopGc0T3bKCqln
KljOpLEvN7eheQ7h3OIrHsJJ1Ri7GDeiJ+DSfsyH78ly
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:18 2025 by rpki-client