Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ab65c0-4828-41dd-b3da-ed8db62b3533/1/aEy_zqNzomjBOnysb7pwIws5H9M.roa
File: aEy_zqNzomjBOnysb7pwIws5H9M.roa (raw, json)
Hash identifier: 5K5cuFuAW+cdRm7n0/ZKC9QHmYwbcOfw6xnQYUg53PE=
Subject key identifier: 68:4C:BF:CE:A3:73:A2:68:C1:3A:7C:AC:6F:BA:70:23:0B:39:1F:D3
Certificate issuer: /CN=93dc4bf1f8912beb7cdee409302988c611388e91
Certificate serial: 019424B37EBC4D8631B27FF81827CFB021BF
Authority key identifier: 93:DC:4B:F1:F8:91:2B:EB:7C:DE:E4:09:30:29:88:C6:11:38:8E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9xL8fiRK-t83uQJMCmIxhE4jpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ab65c0-4828-41dd-b3da-ed8db62b3533/1/aEy_zqNzomjBOnysb7pwIws5H9M.roa
Signing time: Thu 02 Jan 2025 01:48:50 +0000
ROA not before: Thu 02 Jan 2025 01:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56481
IP address blocks: 91.223.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7e:bc:4d:86:31:b2:7f:f8:18:27:cf:b0:21:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93dc4bf1f8912beb7cdee409302988c611388e91
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=684cbfcea373a268c13a7cac6fba70230b391fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:93:04:df:b7:4a:6d:96:0d:d6:82:c5:73:ce:
07:51:46:b8:37:8d:46:d3:f5:66:5a:e5:cb:33:d2:
3a:6b:bb:8f:f0:fe:8e:42:0b:06:fe:2d:5a:53:3e:
17:9b:cc:c4:58:af:fd:30:34:94:c5:a8:f5:90:00:
46:ed:fc:5b:b3:bc:f5:8b:db:31:62:09:70:f1:74:
7c:ce:ee:77:e0:b9:22:cf:36:7c:7d:c3:d9:8b:1b:
c9:7d:a4:ea:9f:77:a4:a4:ef:2e:d5:08:85:a1:55:
0e:4d:68:dd:e9:9f:8e:2c:eb:6a:8b:87:4c:7f:40:
52:f9:cb:f9:4f:2b:35:53:f8:2f:28:09:22:b2:b7:
4f:05:b4:5a:b0:83:ca:e9:57:54:ff:7b:78:f0:c3:
af:b5:0f:e9:b3:f4:ad:9d:e8:08:99:ce:fa:e2:a9:
e7:06:11:5d:c0:a0:f5:63:70:ff:56:ae:9a:ed:54:
83:0e:2e:29:92:c7:0a:f2:ba:3a:bb:8d:46:ed:0c:
37:72:a6:46:d4:d7:e7:9b:dd:ff:52:2f:44:ca:01:
3d:7e:c3:4a:20:75:e6:af:d0:d2:c8:20:9c:96:0f:
90:91:ea:5e:3d:02:e1:5f:d6:28:2b:ea:2f:18:f1:
08:01:66:99:e2:df:db:41:35:c2:e2:43:55:ea:86:
1f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4C:BF:CE:A3:73:A2:68:C1:3A:7C:AC:6F:BA:70:23:0B:39:1F:D3
X509v3 Authority Key Identifier:
keyid:93:DC:4B:F1:F8:91:2B:EB:7C:DE:E4:09:30:29:88:C6:11:38:8E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9xL8fiRK-t83uQJMCmIxhE4jpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ab65c0-4828-41dd-b3da-ed8db62b3533/1/aEy_zqNzomjBOnysb7pwIws5H9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ab65c0-4828-41dd-b3da-ed8db62b3533/1/k9xL8fiRK-t83uQJMCmIxhE4jpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.174.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:e6:5d:25:ab:56:50:41:c8:2a:9a:c1:6e:98:da:77:fe:ff:
c0:ba:db:af:48:fe:f7:cb:4c:bd:e3:a8:c6:1d:78:22:fc:9f:
5d:c8:a8:d7:5d:e8:0f:6f:21:96:68:ee:e7:1b:2b:7f:21:cf:
ae:c1:80:18:81:60:7b:f6:9f:83:5b:c6:03:19:49:c7:91:9f:
f5:a1:8c:38:87:41:25:cc:8d:bd:37:94:78:7b:1c:33:58:d2:
81:5f:18:40:18:00:39:46:39:ac:ef:67:71:e4:bb:bd:ff:a0:
5c:ac:ad:88:1a:4d:6b:e1:cb:2d:85:03:7b:e6:a7:0b:7e:dd:
c0:33:42:11:39:ef:e2:c2:04:35:df:c5:da:e0:46:16:18:ce:
7c:58:22:71:04:40:eb:e4:c4:9c:28:0f:65:87:53:e0:6a:af:
a8:ee:73:92:49:b3:9b:97:4a:b5:27:27:8d:6c:1b:7f:e6:ae:
c7:1e:1f:49:3e:2c:09:77:f9:c5:fd:1d:08:fa:d7:a5:22:9b:
f2:49:8b:61:d1:92:3a:8e:e6:bd:bf:ec:3f:5b:f1:aa:04:71:
d3:49:71:7a:da:9b:3d:96:c4:a3:26:2d:c1:32:90:10:da:d2:
97:47:b2:08:ba:af:81:2c:ac:73:e9:09:a1:6e:bd:da:e0:cd:
ad:33:07:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks368TYYxsn/4GCfPsCG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZGM0YmYxZjg5MTJiZWI3Y2RlZTQwOTMwMjk4OGM2MTEz
ODhlOTEwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRjYmZjZWEzNzNhMjY4YzEzYTdjYWM2ZmJhNzAyMzBiMzkxZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pME37dKbZYN1oLFc84HUUa4N41G
0/VmWuXLM9I6a7uP8P6OQgsG/i1aUz4Xm8zEWK/9MDSUxaj1kABG7fxbs7z1i9sx
Yglw8XR8zu534LkizzZ8fcPZixvJfaTqn3ekpO8u1QiFoVUOTWjd6Z+OLOtqi4dM
f0BS+cv5Tys1U/gvKAkisrdPBbRasIPK6VdU/3t48MOvtQ/ps/StnegImc764qnn
BhFdwKD1Y3D/Vq6a7VSDDi4pkscK8ro6u41G7Qw3cqZG1Nfnm93/Ui9EygE9fsNK
IHXmr9DSyCCclg+QkepePQLhX9YoK+ovGPEIAWaZ4t/bQTXC4kNV6oYfGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhMv86jc6JowTp8rG+6cCMLOR/TMB8GA1UdIwQY
MBaAFJPcS/H4kSvrfN7kCTApiMYROI6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazl4TDhmaVJLLXQ4M3VRSk1DbUl4aEU0anBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hYjY1YzAtNDgyOC00MWRkLWIzZGEt
ZWQ4ZGI2MmIzNTMzLzEvYUV5X3pxTnpvbWpCT255c2I3cHdJd3M1SDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hYjY1YzAtNDgyOC00MWRkLWIzZGEtZWQ4ZGI2MmIzNTMz
LzEvazl4TDhmaVJLLXQ4M3VRSk1DbUl4aEU0anBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+uMA0G
CSqGSIb3DQEBCwUAA4IBAQDD5l0lq1ZQQcgqmsFumNp3/v/AutuvSP73y0y946jG
HXgi/J9dyKjXXegPbyGWaO7nGyt/Ic+uwYAYgWB79p+DW8YDGUnHkZ/1oYw4h0El
zI29N5R4exwzWNKBXxhAGAA5Rjms72dx5Lu9/6BcrK2IGk1r4csthQN75qcLft3A
M0IROe/iwgQ138Xa4EYWGM58WCJxBEDr5MScKA9lh1Pgaq+o7nOSSbObl0q1JyeN
bBt/5q7HHh9JPiwJd/nF/R0I+telIpvySYth0ZI6jua9v+w/W/GqBHHTSXF62ps9
lsSjJi3BMpAQ2tKXR7IIuq+BLKxz6Qmhbr3a4M2tMwdy
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:07:02 2025 by rpki-client