Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/aqUv6JcauwLOaXIrzkdqs5db1aQ.roa
File: aqUv6JcauwLOaXIrzkdqs5db1aQ.roa (raw, json)
Hash identifier: NdyIEEu3hsLlGcyjjPLmB9llRk69HhK0D8Xg38RlSUE=
Subject key identifier: 6A:A5:2F:E8:97:1A:BB:02:CE:69:72:2B:CE:47:6A:B3:97:5B:D5:A4
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 01942444AA2DFE09BA57D10854EAB4A7C5C7
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/aqUv6JcauwLOaXIrzkdqs5db1aQ.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.233.120.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:aa:2d:fe:09:ba:57:d1:08:54:ea:b4:a7:c5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aa52fe8971abb02ce69722bce476ab3975bd5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ad:b5:75:ff:17:86:9f:3b:2e:db:50:9d:3d:
d5:ed:f5:7f:50:41:95:a7:ac:cd:0d:09:66:ca:d6:
1a:8f:03:28:c7:8a:46:2e:bd:f8:c9:68:71:0c:37:
6c:2c:97:c1:74:41:2f:b8:2c:43:ac:1c:6a:c4:41:
52:2d:0a:c9:aa:48:64:25:37:7a:35:9e:ad:30:9f:
97:45:b3:90:6e:47:9a:52:10:9a:b8:e6:85:7e:37:
24:ab:c7:ba:a9:40:0c:b1:71:83:5f:0d:e7:4a:47:
cf:55:af:03:6e:fb:c2:ea:df:1f:3a:1b:20:58:49:
f2:ae:f4:0f:c7:44:63:42:d4:84:f9:72:28:79:28:
41:b6:c5:e2:7e:8e:85:21:26:85:3f:e4:19:aa:a2:
ef:ce:05:5d:f5:b4:63:71:94:22:9e:c3:d1:ad:c0:
87:31:b1:73:c4:c6:cd:67:0c:a3:3a:3e:41:3f:77:
91:a0:70:a9:1f:ff:46:68:c9:7e:cf:d3:e8:52:d3:
3b:87:a7:a2:24:ef:04:1c:9d:36:ea:b8:0e:fa:39:
ba:35:24:60:f2:69:77:a8:8d:7f:5d:33:4c:3a:85:
b5:8e:c0:c1:54:ef:3d:9d:34:a9:f7:d7:4d:79:a7:
2c:ef:28:91:1e:72:e4:39:c2:88:23:ff:b1:a0:e2:
e4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A5:2F:E8:97:1A:BB:02:CE:69:72:2B:CE:47:6A:B3:97:5B:D5:A4
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/aqUv6JcauwLOaXIrzkdqs5db1aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
43:61:9c:6b:79:90:aa:e3:53:be:09:d0:1d:f9:07:cc:21:d3:
0a:38:85:5c:73:f6:dc:d9:85:b8:a1:25:9c:26:d6:1f:40:ba:
37:d4:b2:67:19:15:e2:2c:48:50:c1:18:cb:03:3f:6b:2f:39:
b6:44:d2:20:6a:b7:00:89:97:7a:63:68:8f:67:93:a5:18:45:
fc:df:80:91:d1:0f:79:48:45:3f:64:7d:2f:c8:cc:54:a8:a5:
ce:7f:4b:fa:55:19:7f:d9:c7:35:11:c2:c7:fe:c1:82:32:75:
19:08:97:10:52:48:d7:b4:29:57:55:27:8a:29:15:07:0b:8e:
58:4e:f4:ab:a6:e5:1a:bd:47:b6:e5:3d:55:fb:d8:fe:db:49:
88:ea:c9:93:35:87:62:71:a3:48:36:39:ee:8c:e3:69:87:b3:
10:30:d7:7b:77:20:95:65:6f:2d:fb:0c:94:4c:33:fd:5f:03:
1e:e1:dd:b7:01:75:1a:15:15:df:0a:97:a4:92:46:79:a6:a3:
5b:6a:56:dc:95:d1:6b:36:fb:66:01:b6:1c:1b:3b:ab:a3:80:
68:81:96:65:49:38:e2:15:65:6f:bd:d7:ad:43:b8:70:0e:5c:
f8:16:83:cb:b9:a0:f8:4a:58:db:42:01:07:6c:db:4d:a2:cd:
ae:1f:a4:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRKot/gm6V9EIVOq0p8XHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE1MmZlODk3MWFiYjAyY2U2OTcyMmJjZTQ3NmFiMzk3NWJkNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7K21df8Xhp87LttQnT3V7fV/UEGV
p6zNDQlmytYajwMox4pGLr34yWhxDDdsLJfBdEEvuCxDrBxqxEFSLQrJqkhkJTd6
NZ6tMJ+XRbOQbkeaUhCauOaFfjckq8e6qUAMsXGDXw3nSkfPVa8DbvvC6t8fOhsg
WEnyrvQPx0RjQtSE+XIoeShBtsXifo6FISaFP+QZqqLvzgVd9bRjcZQinsPRrcCH
MbFzxMbNZwyjOj5BP3eRoHCpH/9GaMl+z9PoUtM7h6eiJO8EHJ026rgO+jm6NSRg
8ml3qI1/XTNMOoW1jsDBVO89nTSp99dNeacs7yiRHnLkOcKII/+xoOLkkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGqlL+iXGrsCzmlyK85HarOXW9WkMB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvYXFVdjZKY2F1d0xPYVhJcnprZHFzNWRiMWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l4MA0E
AgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQBDYZxreZCq41O+CdAd+QfM
IdMKOIVcc/bc2YW4oSWcJtYfQLo31LJnGRXiLEhQwRjLAz9rLzm2RNIgarcAiZd6
Y2iPZ5OlGEX834CR0Q95SEU/ZH0vyMxUqKXOf0v6VRl/2cc1EcLH/sGCMnUZCJcQ
UkjXtClXVSeKKRUHC45YTvSrpuUavUe25T1V+9j+20mI6smTNYdicaNINjnujONp
h7MQMNd7dyCVZW8t+wyUTDP9XwMe4d23AXUaFRXfCpekkkZ5pqNbalbcldFrNvtm
AbYcGzuro4BogZZlSTjiFWVvvdetQ7hwDlz4FoPLuaD4SljbQgEHbNtNos2uH6SA
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:33:34 2025 by rpki-client