Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/hnLpwyr61Y9rfW-orNijGQDSlok.roa
File: hnLpwyr61Y9rfW-orNijGQDSlok.roa (raw, json)
Hash identifier: JEbPbaPqAJUCWgWRtGXMytB73uHDdZ/eD28RxoLxK4I=
Subject key identifier: 86:72:E9:C3:2A:FA:D5:8F:6B:7D:6F:A8:AC:D8:A3:19:00:D2:96:89
Certificate issuer: /CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Certificate serial: 019427B3813499B2CF560513F9A6EBB29528
Authority key identifier: 6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/hnLpwyr61Y9rfW-orNijGQDSlok.roa
Signing time: Thu 02 Jan 2025 15:47:42 +0000
ROA not before: Thu 02 Jan 2025 15:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197302
IP address blocks: 91.223.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:81:34:99:b2:cf:56:05:13:f9:a6:eb:b2:95:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Validity
Not Before: Jan 2 15:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8672e9c32afad58f6b7d6fa8acd8a31900d29689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:21:15:f2:05:90:e8:c9:21:cb:b9:21:fa:91:
d3:1a:d0:c7:a1:bb:56:26:57:45:ef:90:4a:c8:13:
2f:53:37:b5:56:2e:74:4c:de:24:28:13:c7:3a:e0:
e2:6b:1d:56:bf:54:92:ae:b9:cb:6c:f4:72:e4:42:
f3:bf:6f:46:13:e3:be:33:2e:6a:6d:d5:c2:0a:c9:
a3:a0:dd:ba:68:2c:40:53:da:78:b8:4d:50:f7:b0:
7f:2a:e4:4b:b6:57:ef:90:43:60:f8:f5:10:e8:52:
d3:ff:a0:76:83:26:ef:de:77:ab:20:16:02:d1:5b:
95:e4:0d:b1:f6:9f:05:f1:a8:97:68:2d:41:23:9f:
25:35:ed:ce:66:df:d9:40:c1:76:6f:46:b1:15:d7:
f1:a5:8d:79:ef:73:97:2b:0e:3b:5f:2f:88:22:06:
7c:20:f4:36:f6:4b:f1:01:be:1a:0c:51:ac:75:ae:
76:26:0d:9f:2e:0e:7e:cc:c3:b8:bb:e6:f9:4a:a5:
3c:f7:ec:02:4a:de:f5:5a:98:99:4d:f5:5f:a1:cf:
1b:80:79:34:30:82:c8:ba:d9:f8:ed:aa:24:8f:1c:
df:33:85:27:75:66:d2:92:c1:6a:63:f1:62:72:d1:
71:3b:35:8c:b9:16:5c:b3:b6:f3:7f:18:bf:38:4f:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:72:E9:C3:2A:FA:D5:8F:6B:7D:6F:A8:AC:D8:A3:19:00:D2:96:89
X509v3 Authority Key Identifier:
keyid:6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/hnLpwyr61Y9rfW-orNijGQDSlok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.124.0/24
Signature Algorithm: sha256WithRSAEncryption
83:30:6e:69:b2:01:56:ea:80:81:0c:64:38:cc:6f:a2:48:f0:
dc:c9:27:38:e0:14:9c:73:f6:26:2d:fe:98:a5:40:4d:82:55:
c8:74:7c:d4:da:40:b5:ee:34:63:0e:e3:96:c4:67:ad:15:29:
c9:6c:7a:0f:4e:d2:7f:7f:9d:41:d9:72:2d:11:b1:10:da:46:
55:ec:96:34:d4:8d:53:96:c2:c6:7c:fc:df:1a:ee:a4:32:71:
74:47:e6:ae:b0:c3:a8:a4:9b:ff:91:d0:31:e9:72:bb:9c:21:
5c:90:65:69:ac:0f:cc:73:28:9f:32:37:7a:2c:e7:f6:76:3c:
74:26:10:34:b4:f8:58:83:bd:3d:2c:47:ce:03:7b:2a:57:6e:
ad:06:f5:84:17:3a:ec:eb:32:60:47:53:48:a2:8b:14:04:83:
87:b1:0c:47:e8:8f:4c:40:58:1c:38:7d:28:e3:22:54:55:86:
ff:cd:24:97:31:cb:de:6d:c8:4b:5a:cb:07:c9:de:0c:9a:05:
55:67:b6:d8:16:1c:28:39:df:92:b9:a9:1a:9b:85:28:b6:68:
cd:7b:b8:2e:f9:19:95:8a:70:c8:60:99:31:2a:08:3a:18:49:
43:ba:07:40:59:d7:9b:6c:58:65:df:f5:aa:97:09:67:22:0d:
b0:1a:fa:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns4E0mbLPVgUT+abrspUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODVhNGQ1NjQyODNhN2ZkZGY2MzQ1Njk3ZDZiYzMzNzNh
MzIyNDYwHhcNMjUwMTAyMTU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcyZTljMzJhZmFkNThmNmI3ZDZmYThhY2Q4YTMxOTAwZDI5Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyEV8gWQ6Mkhy7kh+pHTGtDHobtW
JldF75BKyBMvUze1Vi50TN4kKBPHOuDiax1Wv1SSrrnLbPRy5ELzv29GE+O+My5q
bdXCCsmjoN26aCxAU9p4uE1Q97B/KuRLtlfvkENg+PUQ6FLT/6B2gybv3nerIBYC
0VuV5A2x9p8F8aiXaC1BI58lNe3OZt/ZQMF2b0axFdfxpY1573OXKw47Xy+IIgZ8
IPQ29kvxAb4aDFGsda52Jg2fLg5+zMO4u+b5SqU89+wCSt71WpiZTfVfoc8bgHk0
MILIutn47aokjxzfM4UndWbSksFqY/FictFxOzWMuRZcs7bzfxi/OE/KjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZy6cMq+tWPa31vqKzYoxkA0paJMB8GA1UdIwQY
MBaAFG+FpNVkKDp/3fY0VpfWvDNzoyJGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQt
MDYxZmMxYWViMTU4LzEvaG5McHd5cjYxWTlyZlctb3JOaWpHUURTbG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQtMDYxZmMxYWViMTU4
LzEvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW998MA0G
CSqGSIb3DQEBCwUAA4IBAQCDMG5psgFW6oCBDGQ4zG+iSPDcySc44BScc/YmLf6Y
pUBNglXIdHzU2kC17jRjDuOWxGetFSnJbHoPTtJ/f51B2XItEbEQ2kZV7JY01I1T
lsLGfPzfGu6kMnF0R+ausMOopJv/kdAx6XK7nCFckGVprA/McyifMjd6LOf2djx0
JhA0tPhYg709LEfOA3sqV26tBvWEFzrs6zJgR1NIoosUBIOHsQxH6I9MQFgcOH0o
4yJUVYb/zSSXMcvebchLWssHyd4MmgVVZ7bYFhwoOd+Suakam4UotmjNe7gu+RmV
inDIYJkxKgg6GElDugdAWdebbFhl3/WqlwlnIg2wGvpA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net