Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/PQ45AYuoXrKgjYd4a2nYqs6hfn8.roa
File: PQ45AYuoXrKgjYd4a2nYqs6hfn8.roa (raw, json)
Hash identifier: 7Md1PLbDzWkJqH/gps7rzdw/URXMoRhj3yufH4c5pmc=
Subject key identifier: 3D:0E:39:01:8B:A8:5E:B2:A0:8D:87:78:6B:69:D8:AA:CE:A1:7E:7F
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 019425FDC0B7C94661A28D50F9C876FF5933
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/PQ45AYuoXrKgjYd4a2nYqs6hfn8.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44508
IP address blocks: 91.198.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c0:b7:c9:46:61:a2:8d:50:f9:c8:76:ff:59:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d0e39018ba85eb2a08d87786b69d8aacea17e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e2:30:ea:59:1c:c4:7d:91:0b:ba:2b:27:85:
9e:d8:7d:0c:e0:1f:96:35:d5:cc:f6:56:27:72:a1:
00:92:08:de:a9:09:8e:e5:a6:d5:53:31:5c:87:14:
24:a7:29:10:fe:4c:4a:36:a6:e8:6e:a2:f7:83:4d:
b2:65:c5:22:b9:c9:1f:de:bb:a6:96:67:70:86:07:
17:15:6c:af:5d:e9:73:94:b7:35:12:60:8b:8e:f2:
46:66:93:6b:26:b1:78:6b:9c:0b:11:69:d1:4b:ba:
f9:52:ba:0d:76:42:95:50:c4:05:5d:85:4e:69:ec:
f4:71:e4:60:d1:af:bf:0e:ba:f5:1d:59:69:e0:e5:
e3:81:d1:3a:76:bc:d4:14:65:c0:55:55:b6:1f:ed:
30:aa:33:d4:2a:84:d2:6f:4a:d6:9f:48:c4:25:72:
b1:5a:49:b1:d0:79:c7:e0:d5:42:82:6f:cb:c4:f1:
62:2b:53:d9:37:8b:ef:04:ba:61:32:39:76:0b:98:
a9:29:44:c7:dd:a4:2e:b0:c2:9e:b9:87:24:2d:1a:
05:7c:4f:5c:41:f6:0a:da:48:f8:56:86:7a:22:e9:
8b:62:94:7d:5b:6f:58:aa:4a:b5:c6:53:99:2f:89:
23:be:ed:12:77:d4:3b:01:0c:2f:ff:4a:4c:92:af:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0E:39:01:8B:A8:5E:B2:A0:8D:87:78:6B:69:D8:AA:CE:A1:7E:7F
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/PQ45AYuoXrKgjYd4a2nYqs6hfn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.227.0/24
Signature Algorithm: sha256WithRSAEncryption
44:73:c5:57:b7:ef:5f:fc:b3:94:95:0e:e9:f6:df:d2:88:29:
b1:dc:ac:12:1a:ca:3a:15:7b:b0:75:8a:f2:85:12:77:c2:82:
1b:ff:51:76:76:55:12:1d:fe:61:0d:28:21:42:d5:84:b3:96:
b8:98:ef:30:6f:f0:82:e1:3d:04:69:f7:f3:2a:32:62:ca:3b:
9f:8f:72:18:4f:f7:8a:9a:cb:3b:58:58:3a:93:90:36:11:20:
4e:a0:b7:71:f4:cc:8b:d9:11:d5:01:21:26:26:db:51:63:9c:
7a:41:d4:2e:9a:ad:34:98:86:95:cc:71:01:a4:3e:8d:6d:36:
54:c1:ea:6a:ee:ac:a5:9d:8d:e1:ef:63:c6:ee:ef:c1:84:d0:
c2:a1:42:0b:61:9d:04:f3:45:2e:5b:e0:07:17:7e:37:c6:25:
33:6a:53:bf:4b:2b:cb:eb:3c:d4:14:ff:fa:3c:56:92:36:ee:
5a:df:a0:33:82:62:5e:63:cd:b0:f3:9c:dc:74:c1:bd:01:8e:
8e:a8:f9:f0:be:67:30:1b:3a:21:3d:90:b7:a5:cf:6f:eb:84:
be:cb:3f:84:eb:c6:f4:5b:8d:4c:ea:6c:2a:f3:ae:3b:8c:85:
3e:d0:2a:e8:84:af:12:ce:9d:49:0d:70:8a:ef:ea:b6:32:6d:
0f:9e:c6:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/cC3yUZhoo1Q+ch2/1kzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBlMzkwMThiYTg1ZWIyYTA4ZDg3Nzg2YjY5ZDhhYWNlYTE3ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuIw6lkcxH2RC7orJ4We2H0M4B+W
NdXM9lYncqEAkgjeqQmO5abVUzFchxQkpykQ/kxKNqbobqL3g02yZcUiuckf3rum
lmdwhgcXFWyvXelzlLc1EmCLjvJGZpNrJrF4a5wLEWnRS7r5UroNdkKVUMQFXYVO
aez0ceRg0a+/Drr1HVlp4OXjgdE6drzUFGXAVVW2H+0wqjPUKoTSb0rWn0jEJXKx
Wkmx0HnH4NVCgm/LxPFiK1PZN4vvBLphMjl2C5ipKUTH3aQusMKeuYckLRoFfE9c
QfYK2kj4VoZ6IumLYpR9W29Yqkq1xlOZL4kjvu0Sd9Q7AQwv/0pMkq/WMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0OOQGLqF6yoI2HeGtp2KrOoX5/MB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvUFE0NUFZdW9YcktnallkNGEybllxczZoZm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bjMA0G
CSqGSIb3DQEBCwUAA4IBAQBEc8VXt+9f/LOUlQ7p9t/SiCmx3KwSGso6FXuwdYry
hRJ3woIb/1F2dlUSHf5hDSghQtWEs5a4mO8wb/CC4T0EaffzKjJiyjufj3IYT/eK
mss7WFg6k5A2ESBOoLdx9MyL2RHVASEmJttRY5x6QdQumq00mIaVzHEBpD6NbTZU
wepq7qylnY3h72PG7u/BhNDCoUILYZ0E80UuW+AHF343xiUzalO/SyvL6zzUFP/6
PFaSNu5a36AzgmJeY82w85zcdMG9AY6OqPnwvmcwGzohPZC3pc9v64S+yz+E68b0
W41M6mwq8647jIU+0CrohK8Szp1JDXCK7+q2Mm0PnsZS
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:14:15 2025 by rpki-client