Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/qS4NQoySScwU3zHXzq6HsEt5IDs.roa
File: qS4NQoySScwU3zHXzq6HsEt5IDs.roa (raw, json)
Hash identifier: jlv4YTMjTvaq8qodzyyZpHbeudK0kBUwOoEXewAmNyo=
Subject key identifier: A9:2E:0D:42:8C:92:49:CC:14:DF:31:D7:CE:AE:87:B0:4B:79:20:3B
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 01942143F3CFCD03FEC829F7492511F3C64F
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/qS4NQoySScwU3zHXzq6HsEt5IDs.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47856
IP address blocks: 91.206.144.0/23 maxlen: 24
193.28.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f3:cf:cd:03:fe:c8:29:f7:49:25:11:f3:c6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a92e0d428c9249cc14df31d7ceae87b04b79203b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:be:72:64:ac:2a:4f:0f:93:69:70:5e:1a:50:
e3:c0:67:88:6f:63:7b:5e:c7:7d:26:19:86:5d:9c:
75:98:f5:15:6a:b8:87:a0:7e:df:ae:18:57:dd:0e:
67:a5:2f:48:66:db:5c:e6:32:cb:6e:40:82:c7:ec:
50:b8:b6:1e:18:0a:2c:3d:49:d6:29:80:9e:47:55:
b4:f3:e3:d4:f7:8c:00:3a:04:f6:4c:be:a3:c3:21:
0c:18:b8:8a:2a:0d:64:6e:28:90:fb:22:ec:1e:d3:
15:1c:d6:ba:46:e8:ea:cb:3d:45:b8:b3:32:27:e7:
87:ca:38:2c:d9:17:63:d8:64:03:1f:d9:e6:6e:c6:
92:80:3a:a7:d4:b6:3b:33:eb:af:43:a3:11:cf:06:
51:ec:83:6e:35:3f:39:6c:c7:80:2d:96:0c:d8:6d:
b4:98:fc:69:d4:5c:5d:66:57:2c:36:de:e3:c0:55:
33:2d:7f:2b:c4:33:6d:38:ce:c3:39:03:ea:ce:14:
9e:8c:f0:88:25:7a:2f:f7:53:ac:ea:8e:cb:f9:4e:
d2:b4:e2:03:29:29:23:ad:1d:2f:ec:74:da:54:04:
57:ab:d8:12:bc:22:7c:9f:83:3d:dd:88:ab:9f:29:
a2:5b:12:99:c0:8b:8f:84:f3:8d:c0:15:04:74:60:
c5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2E:0D:42:8C:92:49:CC:14:DF:31:D7:CE:AE:87:B0:4B:79:20:3B
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/qS4NQoySScwU3zHXzq6HsEt5IDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:ea:ad:6e:aa:fc:4a:02:b4:0c:8c:64:50:01:ad:d5:a2:7f:
0a:6a:db:d1:ac:a4:4d:f5:1d:3e:c9:17:0c:1c:2e:19:35:a9:
e9:21:79:9e:a0:e2:06:25:c6:e4:c6:5d:fb:1b:95:92:42:73:
4c:6c:4a:64:45:94:e0:2f:aa:fd:54:05:df:84:7b:f7:f3:b0:
8d:d7:e6:f3:f4:ed:01:12:f4:de:b9:e2:1e:8b:b4:4a:19:17:
35:9d:e8:a0:57:cf:5f:1e:43:d7:5c:57:e5:c9:62:d5:c9:74:
c2:2c:89:9f:e6:7b:1b:f0:ae:0d:c1:7e:71:49:27:ad:ce:6b:
e2:f8:10:5e:28:20:c3:0e:f6:80:cd:7b:45:2f:bf:c0:de:ed:
a1:bc:21:ed:3b:ac:9b:f0:03:3a:4a:01:31:1f:2a:3a:ec:44:
9f:50:d9:84:25:37:54:ef:46:24:68:32:53:29:c5:a3:a8:3a:
7b:eb:a8:6a:b9:35:49:41:91:f3:98:07:1b:04:10:1c:47:08:
9d:59:b3:a9:86:4f:5e:4d:f6:ef:fe:89:73:a0:1e:16:df:60:
15:80:40:a7:9a:8c:b6:fa:40:25:c7:74:87:ab:75:1e:5d:fb:
89:af:3b:c3:b6:87:be:4d:29:f3:a4:7d:0b:d6:40:d8:33:95:
70:73:2f:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ/PPzQP+yCn3SSUR88ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJlMGQ0MjhjOTI0OWNjMTRkZjMxZDdjZWFlODdiMDRiNzkyMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb5yZKwqTw+TaXBeGlDjwGeIb2N7
Xsd9JhmGXZx1mPUVariHoH7frhhX3Q5npS9IZttc5jLLbkCCx+xQuLYeGAosPUnW
KYCeR1W08+PU94wAOgT2TL6jwyEMGLiKKg1kbiiQ+yLsHtMVHNa6Rujqyz1FuLMy
J+eHyjgs2Rdj2GQDH9nmbsaSgDqn1LY7M+uvQ6MRzwZR7INuNT85bMeALZYM2G20
mPxp1FxdZlcsNt7jwFUzLX8rxDNtOM7DOQPqzhSejPCIJXov91Os6o7L+U7StOID
KSkjrR0v7HTaVARXq9gSvCJ8n4M93YirnymiWxKZwIuPhPONwBUEdGDFNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKkuDUKMkknMFN8x186uh7BLeSA7MB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvcVM0TlFveVNTY3dVM3pIWHpxNkhzRXQ1SURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86QAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQCd6q1uqvxKArQMjGRQAa3Von8KatvRrKRN
9R0+yRcMHC4ZNanpIXmeoOIGJcbkxl37G5WSQnNMbEpkRZTgL6r9VAXfhHv387CN
1+bz9O0BEvTeueIei7RKGRc1neigV89fHkPXXFflyWLVyXTCLImf5nsb8K4NwX5x
SSetzmvi+BBeKCDDDvaAzXtFL7/A3u2hvCHtO6yb8AM6SgExHyo67ESfUNmEJTdU
70YkaDJTKcWjqDp766hquTVJQZHzmAcbBBAcRwidWbOphk9eTfbv/olzoB4W32AV
gECnmoy2+kAlx3SHq3UeXfuJrzvDtoe+TSnzpH0L1kDYM5Vwcy8d
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:24:57 2025 by rpki-client