Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/QEBRn3jAI_lp2ryrgLPg_-qD0_w.roa
File: QEBRn3jAI_lp2ryrgLPg_-qD0_w.roa (raw, json)
Hash identifier: 4DrVU+ddF+HESS/HTUefXV0kpzIAWWdGYlZL3aihd10=
Subject key identifier: 40:40:51:9F:78:C0:23:F9:69:DA:BC:AB:80:B3:E0:FF:EA:83:D3:FC
Certificate issuer: /CN=9be4717112fec119f6cfcace7cc4434fb47df8f5
Certificate serial: 0194228E39FA07470011785F64ECDCF0ABF9
Authority key identifier: 9B:E4:71:71:12:FE:C1:19:F6:CF:CA:CE:7C:C4:43:4F:B4:7D:F8:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-RxcRL-wRn2z8rOfMRDT7R9-PU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/QEBRn3jAI_lp2ryrgLPg_-qD0_w.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60509
IP address blocks: 91.240.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:39:fa:07:47:00:11:78:5f:64:ec:dc:f0:ab:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be4717112fec119f6cfcace7cc4434fb47df8f5
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4040519f78c023f969dabcab80b3e0ffea83d3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:03:e6:e1:ac:57:69:4f:20:a7:81:bd:3e:7c:
3b:a5:f8:59:ef:3c:c5:55:55:30:cd:5f:5b:e0:f7:
10:a6:7f:be:b4:ff:60:de:bf:d6:d6:bb:f2:89:34:
9f:ee:74:6d:d4:dc:bb:68:e1:e6:7d:83:15:26:34:
2b:31:cf:1f:36:74:81:43:da:83:03:39:c0:18:7c:
cc:bf:fb:11:f6:db:ef:aa:ed:12:af:a0:d1:2b:b8:
35:00:3a:6d:6a:9e:71:99:7d:00:7b:a8:25:bb:5f:
d7:84:2d:cd:a2:7c:9f:ee:ad:00:88:86:c0:39:2c:
76:59:30:4a:b0:6c:c6:e3:ac:7c:39:e5:b6:e3:62:
2b:fd:f8:59:3a:2f:d6:87:34:08:93:d5:0d:aa:df:
f3:79:7c:f2:bc:cf:39:e5:aa:83:dc:3d:a1:c9:88:
be:7b:2e:94:8f:df:d8:bb:31:c0:1b:08:a2:82:55:
7b:ed:ee:6b:33:7c:f1:b4:80:e5:4b:33:16:7f:12:
98:b3:b6:dd:93:ca:5e:6d:3a:bf:74:17:93:9d:ee:
bb:56:4d:63:ee:84:eb:7b:84:b1:7a:ca:f4:45:ab:
bb:d6:0c:83:62:fb:f8:2a:ff:09:2c:77:5c:2e:db:
34:ab:23:db:51:ac:10:a5:e6:b8:4c:0d:7d:3c:23:
d5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:40:51:9F:78:C0:23:F9:69:DA:BC:AB:80:B3:E0:FF:EA:83:D3:FC
X509v3 Authority Key Identifier:
keyid:9B:E4:71:71:12:FE:C1:19:F6:CF:CA:CE:7C:C4:43:4F:B4:7D:F8:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-RxcRL-wRn2z8rOfMRDT7R9-PU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/QEBRn3jAI_lp2ryrgLPg_-qD0_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9606f6-da02-4bb8-b3e4-f03ac59b5a97/1/m-RxcRL-wRn2z8rOfMRDT7R9-PU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a6:08:33:43:dd:fe:bd:9f:43:a8:ea:c2:45:a4:7c:93:2d:
4b:d3:29:5f:76:0a:4b:c5:37:34:cf:22:33:52:e4:49:44:7c:
4c:c2:c9:e8:5c:70:e7:e0:4d:c1:8e:5a:a9:9a:a4:5e:5d:4a:
a0:b9:40:22:f5:9f:a6:28:6f:bb:90:0b:16:41:f2:91:d5:f3:
60:3c:07:29:67:4e:61:2e:f5:8f:f4:aa:00:cb:18:6d:6d:39:
98:d7:08:67:30:35:2a:46:9b:db:58:e3:fd:41:d3:85:a1:05:
c3:ba:ce:68:a4:3a:77:fe:92:21:96:9c:f0:8b:13:a0:41:b3:
d4:c4:70:b0:37:4f:86:28:45:59:21:01:a4:b1:05:8e:c4:c4:
d6:a6:61:7c:05:69:4c:df:a6:78:e3:05:fa:f4:0d:0d:16:92:
d3:d3:9b:99:d8:27:92:45:0b:c5:20:58:66:49:08:ab:d2:6a:
5c:6d:2a:fc:3c:eb:d4:40:03:4e:75:69:61:f9:c4:3e:55:c9:
2d:78:e3:6f:cf:b8:74:c9:99:a6:a6:98:45:08:49:3a:5b:e0:
43:11:c0:25:1b:f5:e9:86:c7:52:dc:13:75:fa:22:ed:b1:60:
ad:c3:67:af:e3:0a:b0:49:0e:2d:99:54:cf:4c:cb:ae:7b:ad:
e3:c2:ff:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjn6B0cAEXhfZOzc8Kv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTQ3MTcxMTJmZWMxMTlmNmNmY2FjZTdjYzQ0MzRmYjQ3
ZGY4ZjUwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQwNTE5Zjc4YzAyM2Y5NjlkYWJjYWI4MGIzZTBmZmVhODNkM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwPm4axXaU8gp4G9Pnw7pfhZ7zzF
VVUwzV9b4PcQpn++tP9g3r/W1rvyiTSf7nRt1Ny7aOHmfYMVJjQrMc8fNnSBQ9qD
AznAGHzMv/sR9tvvqu0Sr6DRK7g1ADptap5xmX0Ae6glu1/XhC3Nonyf7q0AiIbA
OSx2WTBKsGzG46x8OeW242Ir/fhZOi/WhzQIk9UNqt/zeXzyvM855aqD3D2hyYi+
ey6Uj9/YuzHAGwiiglV77e5rM3zxtIDlSzMWfxKYs7bdk8pebTq/dBeTne67Vk1j
7oTre4Sxesr0Rau71gyDYvv4Kv8JLHdcLts0qyPbUawQpea4TA19PCPV0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBAUZ94wCP5adq8q4Cz4P/qg9P8MB8GA1UdIwQY
MBaAFJvkcXES/sEZ9s/KznzEQ0+0ffj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1SeGNSTC13Um4yejhyT2ZNUkRUN1I5LVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjA2ZjYtZGEwMi00YmI4LWIzZTQt
ZjAzYWM1OWI1YTk3LzEvUUVCUm4zakFJX2xwMnJ5cmdMUGdfLXFEMF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjA2ZjYtZGEwMi00YmI4LWIzZTQtZjAzYWM1OWI1YTk3
LzEvbS1SeGNSTC13Um4yejhyT2ZNUkRUN1I5LVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/AEMA0G
CSqGSIb3DQEBCwUAA4IBAQALpggzQ93+vZ9DqOrCRaR8ky1L0ylfdgpLxTc0zyIz
UuRJRHxMwsnoXHDn4E3BjlqpmqReXUqguUAi9Z+mKG+7kAsWQfKR1fNgPAcpZ05h
LvWP9KoAyxhtbTmY1whnMDUqRpvbWOP9QdOFoQXDus5opDp3/pIhlpzwixOgQbPU
xHCwN0+GKEVZIQGksQWOxMTWpmF8BWlM36Z44wX69A0NFpLT05uZ2CeSRQvFIFhm
SQir0mpcbSr8POvUQANOdWlh+cQ+VckteONvz7h0yZmmpphFCEk6W+BDEcAlG/Xp
hsdS3BN1+iLtsWCtw2ev4wqwSQ4tmVTPTMuue63jwv8a
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:36:55 2025 by rpki-client