Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/579507-0f1c-4482-81f8-23becabee485/1/qretLq-2TRV_kLur_ZfrXtWfGk4.roa
File: qretLq-2TRV_kLur_ZfrXtWfGk4.roa (raw, json)
Hash identifier: K7yWDcrFHXcXI8MhU1CBJxRjChOhWDTmYbsiBA7G8MM=
Subject key identifier: AA:B7:AD:2E:AF:B6:4D:15:7F:90:BB:AB:FD:97:EB:5E:D5:9F:1A:4E
Certificate issuer: /CN=9e193d6f48067ffb8732cc432697542313dc6783
Certificate serial: 01941F8C25423D6E92A05928FFD04230AA68
Authority key identifier: 9E:19:3D:6F:48:06:7F:FB:87:32:CC:43:26:97:54:23:13:DC:67:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhk9b0gGf_uHMsxDJpdUIxPcZ4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/579507-0f1c-4482-81f8-23becabee485/1/qretLq-2TRV_kLur_ZfrXtWfGk4.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 91.217.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:25:42:3d:6e:92:a0:59:28:ff:d0:42:30:aa:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e193d6f48067ffb8732cc432697542313dc6783
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab7ad2eafb64d157f90bbabfd97eb5ed59f1a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:68:60:86:5d:35:1d:67:c8:8a:87:ef:e2:cf:
b0:2f:81:78:da:23:9f:3c:8a:e9:70:f3:b2:46:ea:
ab:a4:fb:2f:83:e1:f4:89:6b:9b:5f:50:20:a0:a8:
7f:03:f1:98:72:7d:de:1f:80:a3:74:4a:a3:ca:0c:
0d:91:d5:d2:67:89:18:49:58:39:0f:3a:ad:77:8b:
61:1a:ad:2b:7c:b1:89:ce:d7:5c:4a:69:89:61:c6:
69:4d:14:87:96:6d:fa:ad:01:0b:c1:9c:a0:6d:01:
d2:21:7f:62:98:5c:c0:3d:48:99:f5:65:55:e9:56:
f7:bd:e8:be:59:32:11:1c:70:82:0e:86:00:44:8a:
73:57:92:a0:01:76:a6:06:a1:5c:c4:2b:ad:74:6b:
38:b2:11:2e:f1:78:b7:51:f9:41:3a:10:10:ca:80:
d5:f8:8e:49:40:b6:39:71:87:fd:dd:8b:9f:84:85:
6a:b0:a6:1d:41:6d:f1:4e:12:4b:bc:69:f2:bd:28:
7e:89:17:7a:f3:ca:5d:9f:c8:12:0c:70:8c:13:86:
8e:32:57:08:cb:31:98:70:f6:b7:a6:5e:15:30:6f:
88:fa:1a:0c:b3:f0:dd:e2:b1:4f:e2:83:42:cc:e2:
ca:00:7c:26:9f:75:3b:0f:3a:01:ae:ec:c9:79:42:
16:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B7:AD:2E:AF:B6:4D:15:7F:90:BB:AB:FD:97:EB:5E:D5:9F:1A:4E
X509v3 Authority Key Identifier:
keyid:9E:19:3D:6F:48:06:7F:FB:87:32:CC:43:26:97:54:23:13:DC:67:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhk9b0gGf_uHMsxDJpdUIxPcZ4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/579507-0f1c-4482-81f8-23becabee485/1/qretLq-2TRV_kLur_ZfrXtWfGk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/579507-0f1c-4482-81f8-23becabee485/1/nhk9b0gGf_uHMsxDJpdUIxPcZ4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.226.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:a6:32:42:b3:ce:52:3a:16:1e:83:c3:85:0c:06:40:54:e6:
9d:c2:ca:db:bf:24:62:58:86:34:66:54:f0:ba:33:1f:64:72:
20:75:69:3a:b6:85:d6:a6:9c:1f:f3:b8:1f:e5:c7:fd:e5:25:
a8:00:97:9d:c4:11:ec:1a:43:23:5e:83:2a:3b:fb:e1:cf:83:
21:7f:73:16:d4:79:02:b0:df:41:48:05:26:17:8d:d4:66:0b:
34:b1:c8:0b:27:98:4f:30:bc:0a:bb:fc:b2:65:e8:84:ee:80:
c7:a2:6e:c9:f0:04:ce:90:6e:3f:73:18:e9:f2:03:90:62:8c:
1e:ca:fe:91:bd:35:1d:9c:bc:a7:21:31:2c:0c:74:d8:50:7f:
8d:14:83:36:4b:f9:0a:92:44:a5:e2:dc:ff:68:ff:f8:55:b1:
01:c4:31:4a:e2:4a:81:94:c5:c8:62:43:ef:37:2b:d6:48:a5:
31:3c:40:d6:5e:17:6d:4e:d4:f1:92:82:1e:df:3a:73:d2:6c:
29:e5:ad:0d:b7:7e:df:17:bd:09:38:68:ee:ca:57:25:38:c8:
a8:65:57:9f:5b:22:5d:59:de:95:e8:8c:05:79:bd:1b:05:ee:
54:09:69:0c:b4:68:8e:9a:61:69:df:f7:b7:c9:2a:df:63:75:
f5:5d:58:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCVCPW6SoFko/9BCMKpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMTkzZDZmNDgwNjdmZmI4NzMyY2M0MzI2OTc1NDIzMTNk
YzY3ODMwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI3YWQyZWFmYjY0ZDE1N2Y5MGJiYWJmZDk3ZWI1ZWQ1OWYxYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmhghl01HWfIiofv4s+wL4F42iOf
PIrpcPOyRuqrpPsvg+H0iWubX1AgoKh/A/GYcn3eH4CjdEqjygwNkdXSZ4kYSVg5
Dzqtd4thGq0rfLGJztdcSmmJYcZpTRSHlm36rQELwZygbQHSIX9imFzAPUiZ9WVV
6Vb3vei+WTIRHHCCDoYARIpzV5KgAXamBqFcxCutdGs4shEu8Xi3UflBOhAQyoDV
+I5JQLY5cYf93YufhIVqsKYdQW3xThJLvGnyvSh+iRd688pdn8gSDHCME4aOMlcI
yzGYcPa3pl4VMG+I+hoMs/Dd4rFP4oNCzOLKAHwmn3U7DzoBruzJeUIWpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq3rS6vtk0Vf5C7q/2X617VnxpOMB8GA1UdIwQY
MBaAFJ4ZPW9IBn/7hzLMQyaXVCMT3GeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhrOWIwZ0dmX3VITXN4REpwZFVJeFBjWjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny81Nzk1MDctMGYxYy00NDgyLTgxZjgt
MjNiZWNhYmVlNDg1LzEvcXJldExxLTJUUlZfa0x1cl9aZnJYdFdmR2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny81Nzk1MDctMGYxYy00NDgyLTgxZjgtMjNiZWNhYmVlNDg1
LzEvbmhrOWIwZ0dmX3VITXN4REpwZFVJeFBjWjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9niMA0G
CSqGSIb3DQEBCwUAA4IBAQCPpjJCs85SOhYeg8OFDAZAVOadwsrbvyRiWIY0ZlTw
ujMfZHIgdWk6toXWppwf87gf5cf95SWoAJedxBHsGkMjXoMqO/vhz4Mhf3MW1HkC
sN9BSAUmF43UZgs0scgLJ5hPMLwKu/yyZeiE7oDHom7J8ATOkG4/cxjp8gOQYowe
yv6RvTUdnLynITEsDHTYUH+NFIM2S/kKkkSl4tz/aP/4VbEBxDFK4kqBlMXIYkPv
NyvWSKUxPEDWXhdtTtTxkoIe3zpz0mwp5a0Nt37fF70JOGjuylclOMioZVefWyJd
Wd6V6IwFeb0bBe5UCWkMtGiOmmFp3/e3ySrfY3X1XViI
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:35:28 2025 by rpki-client