Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/4nDZaowRUFxgro9HzJBdqHtaGu0.roa
File: 4nDZaowRUFxgro9HzJBdqHtaGu0.roa (raw, json)
Hash identifier: Pz1RCZ4Km++aeaXhzcucZrOWQ7ERwfeOGau3PvRd+wA=
Subject key identifier: E2:70:D9:6A:8C:11:50:5C:60:AE:8F:47:CC:90:5D:A8:7B:5A:1A:ED
Certificate issuer: /CN=0a48c04816aa61f935e14a64c3ebba910ba651f4
Certificate serial: 01941F8C4400EA83A427AE36AC42DFA5D293
Authority key identifier: 0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/4nDZaowRUFxgro9HzJBdqHtaGu0.roa
Signing time: Wed 01 Jan 2025 01:47:53 +0000
ROA not before: Wed 01 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214743
IP address blocks: 91.198.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:44:00:ea:83:a4:27:ae:36:ac:42:df:a5:d2:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a48c04816aa61f935e14a64c3ebba910ba651f4
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e270d96a8c11505c60ae8f47cc905da87b5a1aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:81:73:35:85:70:69:5b:4f:bc:aa:69:18:
5e:5d:e4:fc:bb:13:11:4b:01:14:74:9c:d9:29:52:
10:4a:c8:83:af:e1:ac:61:21:83:8b:e1:7d:0a:e9:
c8:8c:24:8b:68:ff:9b:88:a0:ce:71:1e:1d:0b:62:
58:37:54:b7:2c:a6:82:59:e7:45:46:44:46:3b:27:
2d:af:7b:73:50:80:bb:18:32:b4:2e:54:ca:8b:bf:
49:23:70:ff:82:a8:5e:a6:74:b5:7e:0d:fb:b3:f8:
73:9e:ea:00:5a:17:61:57:c5:6b:4b:8a:4b:7b:e4:
e7:de:a8:4e:ff:fd:00:91:29:06:f1:5f:49:eb:00:
eb:14:73:d6:7d:c3:19:b2:12:a3:37:11:4e:38:24:
0b:fd:13:75:9d:96:47:2d:51:14:d5:aa:0a:67:5c:
19:d4:86:aa:04:ab:33:ee:18:b0:eb:a5:cf:29:dc:
7c:7b:a2:ce:05:9b:83:9c:b0:08:5a:69:cd:85:3f:
42:16:c2:77:fa:0b:c8:ee:f3:e3:fe:48:43:40:84:
61:4a:de:f7:89:51:4d:29:16:82:66:16:03:68:79:
b7:b7:20:72:a9:98:82:98:54:4d:e3:ac:3c:19:df:
2d:d3:66:a1:47:67:35:2e:1f:2b:65:1d:bb:2c:4c:
84:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:70:D9:6A:8C:11:50:5C:60:AE:8F:47:CC:90:5D:A8:7B:5A:1A:ED
X509v3 Authority Key Identifier:
keyid:0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/4nDZaowRUFxgro9HzJBdqHtaGu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/CkjASBaqYfk14Upkw-u6kQumUfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.23.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b1:f7:a2:7d:85:ef:e1:6b:0e:5e:29:a0:c7:92:98:14:6e:
0f:ed:21:a3:66:a1:b7:76:7d:e9:05:8e:32:5f:67:e6:8f:29:
9d:4c:c6:8d:0e:43:3c:69:a8:78:7b:a5:1d:99:4c:b3:34:85:
a1:71:20:d9:11:3b:6d:5e:32:82:8b:90:44:1b:d0:a9:67:1d:
94:5e:b6:f3:89:e2:59:8a:02:34:0c:ae:ce:e8:81:ec:42:1b:
cf:66:e7:51:f6:ea:31:4d:ae:b4:43:b0:2e:b0:ad:7b:e6:55:
81:c9:22:e1:f9:37:0d:05:ce:37:55:c1:16:89:3d:17:b0:61:
89:a2:b4:de:c0:8f:28:42:15:43:62:75:00:2d:9b:d2:98:13:
b6:4f:82:99:ba:c7:47:a3:9a:6c:74:be:e4:81:9b:e0:9f:fa:
60:2a:a6:01:c8:38:03:a5:0f:cb:ad:3c:c9:f0:7d:03:1b:af:
22:2d:dc:36:2f:0c:b1:a7:5c:82:93:07:b1:ef:d8:73:8b:f7:
cc:0c:3a:0d:6f:24:51:e9:b7:49:6e:6b:f6:06:fe:ec:33:98:
fb:e0:be:80:94:3b:eb:87:f6:19:2e:0a:ce:f2:09:c7:88:25:
af:4e:14:88:bc:3c:a3:ce:21:b4:75:99:b9:4e:c9:43:a7:2c:
82:8b:35:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEQA6oOkJ642rELfpdKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDhjMDQ4MTZhYTYxZjkzNWUxNGE2NGMzZWJiYTkxMGJh
NjUxZjQwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjcwZDk2YThjMTE1MDVjNjBhZThmNDdjYzkwNWRhODdiNWExYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMqBczWFcGlbT7yqaRheXeT8uxMR
SwEUdJzZKVIQSsiDr+GsYSGDi+F9CunIjCSLaP+biKDOcR4dC2JYN1S3LKaCWedF
RkRGOyctr3tzUIC7GDK0LlTKi79JI3D/gqhepnS1fg37s/hznuoAWhdhV8VrS4pL
e+Tn3qhO//0AkSkG8V9J6wDrFHPWfcMZshKjNxFOOCQL/RN1nZZHLVEU1aoKZ1wZ
1IaqBKsz7hiw66XPKdx8e6LOBZuDnLAIWmnNhT9CFsJ3+gvI7vPj/khDQIRhSt73
iVFNKRaCZhYDaHm3tyByqZiCmFRN46w8Gd8t02ahR2c1Lh8rZR27LEyE9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJw2WqMEVBcYK6PR8yQXah7WhrtMB8GA1UdIwQY
MBaAFApIwEgWqmH5NeFKZMPrupELplH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEt
MzFhZWMwN2U5NDVhLzEvNG5EWmFvd1JVRnhncm85SHpKQmRxSHRhR3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEtMzFhZWMwN2U5NDVh
LzEvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8YXMA0G
CSqGSIb3DQEBCwUAA4IBAQBTsfeifYXv4WsOXimgx5KYFG4P7SGjZqG3dn3pBY4y
X2fmjymdTMaNDkM8aah4e6UdmUyzNIWhcSDZETttXjKCi5BEG9CpZx2UXrbzieJZ
igI0DK7O6IHsQhvPZudR9uoxTa60Q7AusK175lWBySLh+TcNBc43VcEWiT0XsGGJ
orTewI8oQhVDYnUALZvSmBO2T4KZusdHo5psdL7kgZvgn/pgKqYByDgDpQ/LrTzJ
8H0DG68iLdw2Lwyxp1yCkwex79hzi/fMDDoNbyRR6bdJbmv2Bv7sM5j74L6AlDvr
h/YZLgrO8gnHiCWvThSIvDyjziG0dZm5TslDpyyCizVL
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:23:33 2025 by rpki-client on console.sobornost.net