Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b4597f-ee1c-462b-ab84-ebe59e274840/1/bnk0ln2aj6MfWOT6o9kQMXhL3ow.roa
File: bnk0ln2aj6MfWOT6o9kQMXhL3ow.roa (raw, json)
Hash identifier: nUC34YHIv92VX7i6tmE4A0fGDBK2kzWYfNC+d/UuSnw=
Subject key identifier: 6E:79:34:96:7D:9A:8F:A3:1F:58:E4:FA:A3:D9:10:31:78:4B:DE:8C
Certificate issuer: /CN=e87244897c7917b791e100d4680339c4a3593fc3
Certificate serial: 01942068491FCC79330D4C4420A995CE4B2F
Authority key identifier: E8:72:44:89:7C:79:17:B7:91:E1:00:D4:68:03:39:C4:A3:59:3F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HJEiXx5F7eR4QDUaAM5xKNZP8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b4597f-ee1c-462b-ab84-ebe59e274840/1/bnk0ln2aj6MfWOT6o9kQMXhL3ow.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197093
IP address blocks: 91.223.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:49:1f:cc:79:33:0d:4c:44:20:a9:95:ce:4b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87244897c7917b791e100d4680339c4a3593fc3
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e7934967d9a8fa31f58e4faa3d91031784bde8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:af:f5:2d:cc:af:1a:69:35:72:7e:77:74:
af:3f:6c:f7:0f:85:ad:69:a0:3f:b5:10:ba:f9:ba:
07:e2:20:a8:2e:9a:51:d0:f4:ee:10:16:3f:f3:38:
8c:c2:2c:1d:98:d9:5e:41:b7:3b:e4:e3:8a:08:4b:
29:49:9b:83:08:7f:47:d3:cc:89:d3:69:f5:14:2c:
19:ae:45:80:94:70:79:43:bf:f8:01:8b:e1:66:75:
90:5c:29:1b:aa:5b:af:2d:92:2e:b5:7c:77:63:0e:
1c:fc:92:60:34:35:c4:c5:d7:3f:2a:5c:34:ac:49:
a3:aa:82:99:39:44:ed:00:a1:58:a7:03:11:10:ef:
54:43:dd:53:56:1a:8f:1b:c3:67:85:92:8a:e3:e5:
f4:25:4d:f6:2f:9a:3a:e8:06:d7:95:c0:d5:66:f9:
2e:a8:76:2c:3e:a5:3d:fd:dd:36:60:2b:38:bf:12:
51:a0:87:3d:75:98:09:50:89:d3:6a:92:96:7e:51:
c5:c8:03:1c:41:89:9c:65:3d:61:71:31:63:17:37:
25:96:27:5e:c5:1d:5b:bf:bd:8f:d8:54:83:1a:e9:
7e:a8:4d:db:fa:23:c0:09:ac:40:1d:29:7a:1c:50:
59:66:d5:45:08:89:be:19:39:87:66:44:d3:82:ea:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:79:34:96:7D:9A:8F:A3:1F:58:E4:FA:A3:D9:10:31:78:4B:DE:8C
X509v3 Authority Key Identifier:
keyid:E8:72:44:89:7C:79:17:B7:91:E1:00:D4:68:03:39:C4:A3:59:3F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HJEiXx5F7eR4QDUaAM5xKNZP8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b4597f-ee1c-462b-ab84-ebe59e274840/1/bnk0ln2aj6MfWOT6o9kQMXhL3ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b4597f-ee1c-462b-ab84-ebe59e274840/1/6HJEiXx5F7eR4QDUaAM5xKNZP8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.55.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:7d:b4:ac:5b:c4:36:f5:16:a1:e8:ff:ad:5b:4c:14:79:1f:
e2:96:a0:86:3f:2a:77:5d:1a:f4:3e:f8:b5:fd:24:4c:13:02:
50:a0:95:c6:67:87:2c:51:93:b8:11:50:a8:59:9a:1e:4d:a0:
7c:a4:2d:74:4e:b1:1b:bb:8f:0d:a8:67:15:38:56:24:04:5d:
6e:fa:19:e1:0b:12:5d:14:ea:12:fe:bf:73:1f:2b:91:40:01:
f3:2a:79:25:77:39:6d:bb:2d:2a:ff:fa:56:d9:7d:d4:cf:d4:
c3:1a:fb:18:34:80:3a:bd:b2:04:f5:46:14:6c:cd:64:81:8c:
8d:bf:a7:ae:1d:71:ea:ef:bb:18:f7:58:15:00:58:66:bd:73:
8d:55:ad:e3:5c:58:c5:95:ee:34:1c:ca:99:f0:36:7c:ae:f1:
9b:3a:27:25:47:9f:cf:0e:41:80:35:3f:65:69:42:4a:a9:1a:
6d:f4:8a:4b:86:31:38:af:e9:41:cc:c2:2f:f4:ea:ca:08:24:
5d:83:0f:a9:7d:8e:39:cb:ac:40:b5:da:3e:65:62:4e:53:f6:
16:db:bf:21:ee:df:18:f1:1f:6b:da:50:f8:c0:40:b2:44:29:
c2:df:63:10:1f:8b:e6:84:e0:73:9f:f1:95:6c:15:ef:59:fd:
29:c8:be:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEkfzHkzDUxEIKmVzksvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzI0NDg5N2M3OTE3Yjc5MWUxMDBkNDY4MDMzOWM0YTM1
OTNmYzMwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc5MzQ5NjdkOWE4ZmEzMWY1OGU0ZmFhM2Q5MTAzMTc4NGJkZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGSv9S3MrxppNXJ+d3SvP2z3D4Wt
aaA/tRC6+boH4iCoLppR0PTuEBY/8ziMwiwdmNleQbc75OOKCEspSZuDCH9H08yJ
02n1FCwZrkWAlHB5Q7/4AYvhZnWQXCkbqluvLZIutXx3Yw4c/JJgNDXExdc/Klw0
rEmjqoKZOUTtAKFYpwMREO9UQ91TVhqPG8NnhZKK4+X0JU32L5o66AbXlcDVZvku
qHYsPqU9/d02YCs4vxJRoIc9dZgJUInTapKWflHFyAMcQYmcZT1hcTFjFzcllide
xR1bv72P2FSDGul+qE3b+iPACaxAHSl6HFBZZtVFCIm+GTmHZkTTguquJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG55NJZ9mo+jH1jk+qPZEDF4S96MMB8GA1UdIwQY
MBaAFOhyRIl8eRe3keEA1GgDOcSjWT/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhKRWlYeDVGN2VSNFFEVWFBTTV4S05aUDhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDU5N2YtZWUxYy00NjJiLWFiODQt
ZWJlNTllMjc0ODQwLzEvYm5rMGxuMmFqNk1mV09UNm85a1FNWGhMM293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDU5N2YtZWUxYy00NjJiLWFiODQtZWJlNTllMjc0ODQw
LzEvNkhKRWlYeDVGN2VSNFFEVWFBTTV4S05aUDhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW983MA0G
CSqGSIb3DQEBCwUAA4IBAQCbfbSsW8Q29Rah6P+tW0wUeR/ilqCGPyp3XRr0Pvi1
/SRMEwJQoJXGZ4csUZO4EVCoWZoeTaB8pC10TrEbu48NqGcVOFYkBF1u+hnhCxJd
FOoS/r9zHyuRQAHzKnkldzltuy0q//pW2X3Uz9TDGvsYNIA6vbIE9UYUbM1kgYyN
v6euHXHq77sY91gVAFhmvXONVa3jXFjFle40HMqZ8DZ8rvGbOiclR5/PDkGANT9l
aUJKqRpt9IpLhjE4r+lBzMIv9OrKCCRdgw+pfY45y6xAtdo+ZWJOU/YW278h7t8Y
8R9r2lD4wECyRCnC32MQH4vmhOBzn/GVbBXvWf0pyL7/
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:08 2025 by rpki-client