Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/1-QbsigNOAsIOrzATvCDKf5YVw3s.roa
File: 1-QbsigNOAsIOrzATvCDKf5YVw3s.roa (raw, json)
Hash identifier: gWNRwRZG0Ifn0uSFb+Au9uZSZqHds/SqKOwbteITnow=
Subject key identifier: F9:06:EC:8A:03:4E:02:C2:0E:AF:30:13:BC:20:CA:7F:96:15:C3:7B
Certificate issuer: /CN=4cea66adda9df9625a3d78d628fb05e2484dd878
Certificate serial: 019422FC252D20F6DC172F2133EC4F85BC1E
Authority key identifier: 4C:EA:66:AD:DA:9D:F9:62:5A:3D:78:D6:28:FB:05:E2:48:4D:D8:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOpmrdqd-WJaPXjWKPsF4khN2Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/1-QbsigNOAsIOrzATvCDKf5YVw3s.roa
Signing time: Wed 01 Jan 2025 17:48:57 +0000
ROA not before: Wed 01 Jan 2025 17:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56721
IP address blocks: 91.227.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:25:2d:20:f6:dc:17:2f:21:33:ec:4f:85:bc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cea66adda9df9625a3d78d628fb05e2484dd878
Validity
Not Before: Jan 1 17:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f906ec8a034e02c20eaf3013bc20ca7f9615c37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:ac:8b:dd:38:2c:42:5c:0b:56:6f:27:35:
9c:66:f5:29:14:e5:7d:d3:f6:2b:14:d2:b7:d4:cb:
4a:c5:d7:07:1d:4b:ed:d5:d1:22:46:75:f4:22:c9:
b3:91:6b:88:f6:80:85:97:a4:2e:48:70:74:cf:90:
f0:61:94:43:86:55:7a:38:45:df:c6:8f:79:92:a6:
7d:66:0d:6d:ee:14:5d:e7:11:0a:a5:ed:04:dc:40:
93:a7:1f:a7:0a:d1:6a:ce:19:3e:30:f8:61:e3:11:
fa:2a:f5:40:f8:0d:8f:f1:93:90:8f:97:75:db:4f:
e5:56:1b:15:7e:11:20:1b:83:6a:8e:e2:ac:bc:e6:
bc:f3:9d:55:eb:cd:42:f0:8a:25:e7:eb:4d:da:6e:
c9:ef:b0:f2:67:95:a6:40:59:62:00:ee:e5:3d:02:
fb:78:f6:7e:a2:79:37:83:a2:70:1d:29:fb:93:91:
18:b6:4d:dd:70:99:0b:5e:b6:98:68:62:7c:57:95:
25:f1:d9:8d:c6:6a:84:08:88:3b:73:6b:7c:8a:93:
8c:53:44:ae:dc:a8:84:9c:5a:70:0e:f1:70:bd:93:
cc:45:f9:f5:ed:55:88:60:6a:bf:8d:6a:e8:8b:a0:
4b:11:92:3a:53:6f:29:20:76:4c:58:2e:f4:c2:50:
e6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:06:EC:8A:03:4E:02:C2:0E:AF:30:13:BC:20:CA:7F:96:15:C3:7B
X509v3 Authority Key Identifier:
keyid:4C:EA:66:AD:DA:9D:F9:62:5A:3D:78:D6:28:FB:05:E2:48:4D:D8:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOpmrdqd-WJaPXjWKPsF4khN2Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/1-QbsigNOAsIOrzATvCDKf5YVw3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.23.0/24
Signature Algorithm: sha256WithRSAEncryption
25:fd:f0:84:be:e2:7b:52:8e:0a:4a:d5:7c:9f:8d:88:a3:2a:
b3:6a:0f:ab:6f:6f:49:87:c7:b5:90:07:5f:ac:95:2a:9b:d6:
1b:fb:1d:4e:85:69:ba:b1:ee:d4:28:de:74:f4:5d:0f:de:ae:
09:f4:e2:4f:ff:e4:29:3d:d6:40:91:a6:a4:71:37:80:2d:c7:
33:18:70:a8:3d:19:f2:25:c7:15:ff:e9:4d:ce:04:3b:46:4d:
62:b2:47:b5:d9:3c:fc:6e:39:06:ad:69:b9:51:4c:f3:d3:50:
0a:69:0f:8a:99:61:11:e0:c7:65:b8:bf:4e:3a:fd:62:c3:e6:
b6:94:3c:89:2f:21:4f:d1:04:52:f7:e8:94:bc:2f:4d:00:d1:
b6:76:c0:fc:72:5c:27:d6:c6:d5:04:df:d9:2f:10:77:bd:2a:
d1:05:7f:4a:59:0d:58:be:e1:77:58:cc:56:7b:ed:8a:63:73:
28:94:b9:0a:db:f8:69:e6:44:9a:88:7b:8c:ca:c9:ad:f2:9c:
eb:9c:36:bd:f0:8e:da:d8:b7:5b:23:d4:e3:aa:0b:1d:4e:11:
f5:26:60:e5:bc:7d:d9:ac:e5:2d:b8:b7:85:c7:98:8c:24:27:
26:41:04:86:4c:b5:b3:47:81:92:48:37:99:e5:46:c7:38:9f:
b0:ad:68:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi/CUtIPbcFy8hM+xPhbweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZWE2NmFkZGE5ZGY5NjI1YTNkNzhkNjI4ZmIwNWUyNDg0
ZGQ4NzgwHhcNMjUwMTAxMTc0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA2ZWM4YTAzNGUwMmMyMGVhZjMwMTNiYzIwY2E3Zjk2MTVjMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqqsi904LEJcC1ZvJzWcZvUpFOV9
0/YrFNK31MtKxdcHHUvt1dEiRnX0IsmzkWuI9oCFl6QuSHB0z5DwYZRDhlV6OEXf
xo95kqZ9Zg1t7hRd5xEKpe0E3ECTpx+nCtFqzhk+MPhh4xH6KvVA+A2P8ZOQj5d1
20/lVhsVfhEgG4NqjuKsvOa8851V681C8Iol5+tN2m7J77DyZ5WmQFliAO7lPQL7
ePZ+onk3g6JwHSn7k5EYtk3dcJkLXraYaGJ8V5Ul8dmNxmqECIg7c2t8ipOMU0Su
3KiEnFpwDvFwvZPMRfn17VWIYGq/jWroi6BLEZI6U28pIHZMWC70wlDmyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkG7IoDTgLCDq8wE7wgyn+WFcN7MB8GA1UdIwQY
MBaAFEzqZq3anfliWj141ij7BeJITdh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9wbXJkcWQtV0phUFhqV0tQc0Y0a2hOMkhnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81NzBkOTMtNjk2ZC00N2ViLTkzYjEt
Nzc4MzZlMmZjYmRkLzEvMS1RYnNpZ05PQXNJT3J6QVR2Q0RLZjVZVnczcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvNTcwZDkzLTY5NmQtNDdlYi05M2IxLTc3ODM2ZTJmY2Jk
ZC8xL1RPcG1yZHFkLVdKYVBYaldLUHNGNGtoTjJIZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvjFzAN
BgkqhkiG9w0BAQsFAAOCAQEAJf3whL7ie1KOCkrVfJ+NiKMqs2oPq29vSYfHtZAH
X6yVKpvWG/sdToVpurHu1CjedPRdD96uCfTiT//kKT3WQJGmpHE3gC3HMxhwqD0Z
8iXHFf/pTc4EO0ZNYrJHtdk8/G45Bq1puVFM89NQCmkPiplhEeDHZbi/Tjr9YsPm
tpQ8iS8hT9EEUvfolLwvTQDRtnbA/HJcJ9bG1QTf2S8Qd70q0QV/SlkNWL7hd1jM
VnvtimNzKJS5Ctv4aeZEmoh7jMrJrfKc65w2vfCO2ti3WyPU46oLHU4R9SZg5bx9
2azlLbi3hceYjCQnJkEEhky1s0eBkkg3meVGxzifsK1oBQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:22 2025 by rpki-client