Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/qJaxShBy0DTWJnv89u4j-u1rRt0.roa
File: qJaxShBy0DTWJnv89u4j-u1rRt0.roa (raw, json)
Hash identifier: v1eQwogxLyju8Nd0v7YmtPyhLDpVTvEoi8QUOeFY/iA=
Subject key identifier: A8:96:B1:4A:10:72:D0:34:D6:26:7B:FC:F6:EE:23:FA:ED:6B:46:DD
Certificate issuer: /CN=901f843ac9448cb07791917b90354015ffe23db7
Certificate serial: 019421B217C4ADF0BB6F79716F58CADE00C5
Authority key identifier: 90:1F:84:3A:C9:44:8C:B0:77:91:91:7B:90:35:40:15:FF:E2:3D:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kB-EOslEjLB3kZF7kDVAFf_iPbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/qJaxShBy0DTWJnv89u4j-u1rRt0.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34717
IP address blocks: 91.223.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:17:c4:ad:f0:bb:6f:79:71:6f:58:ca:de:00:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=901f843ac9448cb07791917b90354015ffe23db7
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a896b14a1072d034d6267bfcf6ee23faed6b46dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:85:13:c5:7c:e0:29:68:54:5a:e7:63:c3:00:
97:2b:69:5a:4b:70:4f:71:2e:21:79:bb:fe:10:19:
ad:15:22:8d:42:00:20:dd:bc:e2:0e:dd:ae:6b:77:
0a:55:fe:59:a1:68:9e:6d:0f:68:7c:e5:bb:52:8d:
01:5b:20:95:80:1a:a2:a3:c4:47:17:ba:14:fa:ff:
83:06:e9:ff:35:d5:fc:e1:61:23:de:4e:1a:cb:f0:
cf:09:1b:02:1f:d3:a4:81:04:e8:4b:6d:20:20:4c:
1e:91:e2:56:0f:2c:3a:aa:91:a3:72:92:a5:b7:ec:
62:73:1e:a6:ec:94:f9:28:24:cc:cc:75:07:ca:87:
f1:66:c5:6c:66:e8:23:46:a4:2a:43:f1:0a:b5:55:
1f:23:9a:8f:a9:68:be:23:f5:22:8d:2a:6f:16:f2:
08:68:c1:e1:ca:06:30:a1:2e:a2:11:fb:e3:ed:0c:
f1:65:53:63:51:2a:27:b8:17:2a:1c:ef:61:84:28:
7f:e5:21:08:4d:fa:eb:a5:05:66:0b:f2:ff:ef:50:
e8:f4:a3:a5:45:75:42:79:ab:7a:f2:c7:14:55:23:
7d:d6:a3:f5:65:59:dc:35:d5:aa:40:43:2c:97:9f:
7c:0c:0b:ee:8c:b6:8f:42:68:1f:ac:53:e2:5e:c9:
af:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:96:B1:4A:10:72:D0:34:D6:26:7B:FC:F6:EE:23:FA:ED:6B:46:DD
X509v3 Authority Key Identifier:
keyid:90:1F:84:3A:C9:44:8C:B0:77:91:91:7B:90:35:40:15:FF:E2:3D:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kB-EOslEjLB3kZF7kDVAFf_iPbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/qJaxShBy0DTWJnv89u4j-u1rRt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/kB-EOslEjLB3kZF7kDVAFf_iPbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.166.0/24
Signature Algorithm: sha256WithRSAEncryption
34:16:74:6b:b9:47:d9:bd:6c:bd:20:dd:dd:0b:c1:4d:56:71:
d5:c8:77:a5:47:72:58:dd:cc:12:15:1a:b3:1a:1b:ad:05:71:
43:70:fd:69:23:55:d0:a5:50:c3:23:fa:a0:ea:bf:92:7a:15:
7f:33:d9:eb:99:a9:b5:45:80:84:35:5c:54:d7:7a:b6:e5:9a:
a5:8c:6e:e6:45:9b:11:68:51:09:08:50:ec:a2:af:ed:8d:42:
f1:ba:5c:25:03:d8:fb:9f:50:92:4c:f6:83:7e:16:9d:c5:d6:
99:c9:01:9d:2e:cf:ae:9d:99:4e:07:d7:3d:1f:88:7c:8d:7b:
4e:7c:9b:9a:a7:26:a1:6d:2d:19:81:9f:a4:c6:98:88:44:b1:
c2:35:1f:5b:a9:4b:54:a2:1e:0d:41:46:5e:0f:65:f4:75:f5:
b6:75:0c:16:63:28:9c:f7:89:ac:81:48:12:86:b9:c6:d8:6e:
42:af:0d:27:e6:fc:f8:b5:7e:b8:da:1e:07:ee:5a:91:02:1b:
cf:52:6f:39:b5:84:ce:39:53:7c:4a:66:cf:d1:f0:1a:7a:c9:
e4:06:ef:57:63:0b:50:58:2a:97:b0:f9:64:66:24:1b:60:a9:
cc:43:8b:2e:52:c3:6c:10:c8:3c:d2:93:dd:10:f4:3a:ba:ef:
18:9f:a3:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshfErfC7b3lxb1jK3gDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMWY4NDNhYzk0NDhjYjA3NzkxOTE3YjkwMzU0MDE1ZmZl
MjNkYjcwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk2YjE0YTEwNzJkMDM0ZDYyNjdiZmNmNmVlMjNmYWVkNmI0NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4UTxXzgKWhUWudjwwCXK2laS3BP
cS4hebv+EBmtFSKNQgAg3bziDt2ua3cKVf5ZoWiebQ9ofOW7Uo0BWyCVgBqio8RH
F7oU+v+DBun/NdX84WEj3k4ay/DPCRsCH9OkgQToS20gIEwekeJWDyw6qpGjcpKl
t+xicx6m7JT5KCTMzHUHyofxZsVsZugjRqQqQ/EKtVUfI5qPqWi+I/UijSpvFvII
aMHhygYwoS6iEfvj7QzxZVNjUSonuBcqHO9hhCh/5SEITfrrpQVmC/L/71Do9KOl
RXVCeat68scUVSN91qP1ZVncNdWqQEMsl598DAvujLaPQmgfrFPiXsmvyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiWsUoQctA01iZ7/PbuI/rta0bdMB8GA1UdIwQY
MBaAFJAfhDrJRIywd5GRe5A1QBX/4j23MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ItRU9zbEVqTEIza1pGN2tEVkFGZl9pUGJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wM2M3MzQtNzU5OC00YmQ3LWFlMjEt
YjIwNGY5ZmNhZGI2LzEvcUpheFNoQnkwRFRXSm52ODl1NGotdTFyUnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wM2M3MzQtNzU5OC00YmQ3LWFlMjEtYjIwNGY5ZmNhZGI2
LzEva0ItRU9zbEVqTEIza1pGN2tEVkFGZl9pUGJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+mMA0G
CSqGSIb3DQEBCwUAA4IBAQA0FnRruUfZvWy9IN3dC8FNVnHVyHelR3JY3cwSFRqz
GhutBXFDcP1pI1XQpVDDI/qg6r+SehV/M9nrmam1RYCENVxU13q25ZqljG7mRZsR
aFEJCFDsoq/tjULxulwlA9j7n1CSTPaDfhadxdaZyQGdLs+unZlOB9c9H4h8jXtO
fJuapyahbS0ZgZ+kxpiIRLHCNR9bqUtUoh4NQUZeD2X0dfW2dQwWYyic94msgUgS
hrnG2G5Crw0n5vz4tX642h4H7lqRAhvPUm85tYTOOVN8SmbP0fAaesnkBu9XYwtQ
WCqXsPlkZiQbYKnMQ4suUsNsEMg80pPdEPQ6uu8Yn6Np
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:05:42 2025 by rpki-client