Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q9QzP6IUcNXlEa0m-wVArsEfXkA.roa
File: Q9QzP6IUcNXlEa0m-wVArsEfXkA.roa (raw, json)
Hash identifier: 3a2bEHdODf3Xs4VOnMXjHR/n24nnKvrwHQRMCephAtU=
Subject key identifier: 43:D4:33:3F:A2:14:70:D5:E5:11:AD:26:FB:05:40:AE:C1:1F:5E:40
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266BF89FDA6ECE536669F296D0094FB1
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q9QzP6IUcNXlEa0m-wVArsEfXkA.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208384
IP address blocks: 85.202.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f8:9f:da:6e:ce:53:66:69:f2:96:d0:09:4f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43d4333fa21470d5e511ad26fb0540aec11f5e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0e:33:a2:ee:21:5a:c3:5d:72:fa:31:fe:5d:
1e:e0:f2:ec:8a:1c:41:41:08:e8:20:6f:2a:65:80:
32:97:f4:df:75:d6:6e:5a:49:f6:63:b1:af:37:28:
e3:33:29:ad:10:e7:7f:08:26:db:97:2c:8f:b9:9c:
b8:33:5d:78:99:10:26:be:af:54:68:06:d5:ee:5f:
d9:dc:1a:8e:67:a5:f3:8d:e2:16:77:48:a2:9c:5b:
b2:17:71:fc:15:d0:f5:2d:9c:26:94:fb:4b:dc:bb:
5f:ef:a4:7a:18:cd:44:aa:51:c8:ab:2e:31:99:1c:
c1:2d:78:1f:b5:b1:cd:62:9b:cd:d7:ef:3e:4c:96:
10:b3:3c:ec:04:24:74:94:0c:1e:1c:d9:cd:08:b0:
c1:03:f8:7e:f1:e2:00:03:a5:59:6f:08:92:46:05:
47:19:2b:29:e7:aa:7a:10:33:af:1d:df:f6:7d:44:
c9:a8:62:6b:c0:e4:2a:5f:87:41:53:11:de:60:3a:
a8:d7:86:44:3c:2e:86:44:7f:b8:d5:2e:61:f9:fe:
c9:b0:68:7e:ad:51:3f:5d:cd:16:22:f9:bb:8d:c5:
42:b7:97:9d:27:30:27:94:ac:34:4d:1b:52:b4:17:
ff:c0:19:24:4e:8f:a4:73:4a:34:e4:53:8a:d6:80:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D4:33:3F:A2:14:70:D5:E5:11:AD:26:FB:05:40:AE:C1:1F:5E:40
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q9QzP6IUcNXlEa0m-wVArsEfXkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.55.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b0:95:24:ab:91:ec:65:ad:5a:15:43:97:50:ea:f6:96:7b:
51:f3:a5:3c:5d:27:e6:13:02:de:02:a9:8d:c5:30:9b:88:e0:
cc:28:00:de:f7:80:05:68:82:8d:ae:72:cd:4e:49:33:f2:a0:
77:e6:16:c8:e3:59:fb:e9:91:c2:a7:08:a0:97:e4:b1:97:0b:
4c:cd:56:6a:8a:f7:ef:d5:ae:80:77:49:f2:ae:3d:ad:12:f1:
ae:b3:f1:70:26:73:d5:d2:01:34:78:39:54:af:43:93:22:75:
ce:5f:04:f6:87:ae:15:fc:3b:ba:30:49:4c:a4:e5:cb:66:92:
7f:7d:c4:87:4e:80:d9:a6:36:9e:38:e8:37:f7:04:86:39:b2:
ce:7d:41:aa:6b:c8:14:ed:4d:84:f1:89:ed:9c:e0:92:46:1b:
22:dc:4c:77:23:8c:4c:fa:49:a3:8d:0c:a8:61:75:71:06:74:
96:9f:f7:31:43:f6:5a:24:df:ad:0b:96:95:fa:61:9e:20:01:
41:8f:d5:7d:ad:15:b1:f5:95:77:d1:3f:f5:b5:41:95:aa:8e:
b7:62:42:78:09:a0:c3:c0:e5:b9:67:47:f5:86:a8:ae:5b:94:
71:36:67:9a:b8:96:d2:ee:13:60:24:66:d8:3b:2f:71:5e:a1:
e5:76:8e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/if2m7OU2Zp8pbQCU+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q0MzMzZmEyMTQ3MGQ1ZTUxMWFkMjZmYjA1NDBhZWMxMWY1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg4zou4hWsNdcvox/l0e4PLsihxB
QQjoIG8qZYAyl/TfddZuWkn2Y7GvNyjjMymtEOd/CCbblyyPuZy4M114mRAmvq9U
aAbV7l/Z3BqOZ6XzjeIWd0iinFuyF3H8FdD1LZwmlPtL3Ltf76R6GM1EqlHIqy4x
mRzBLXgftbHNYpvN1+8+TJYQszzsBCR0lAweHNnNCLDBA/h+8eIAA6VZbwiSRgVH
GSsp56p6EDOvHd/2fUTJqGJrwOQqX4dBUxHeYDqo14ZEPC6GRH+41S5h+f7JsGh+
rVE/Xc0WIvm7jcVCt5edJzAnlKw0TRtStBf/wBkkTo+kc0o05FOK1oBCPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPUMz+iFHDV5RGtJvsFQK7BH15AMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvUTlRelA2SVVjTlhsRWEwbS13VkFyc0VmWGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVco3MA0G
CSqGSIb3DQEBCwUAA4IBAQAXsJUkq5HsZa1aFUOXUOr2lntR86U8XSfmEwLeAqmN
xTCbiODMKADe94AFaIKNrnLNTkkz8qB35hbI41n76ZHCpwigl+SxlwtMzVZqivfv
1a6Ad0nyrj2tEvGus/FwJnPV0gE0eDlUr0OTInXOXwT2h64V/Du6MElMpOXLZpJ/
fcSHToDZpjaeOOg39wSGObLOfUGqa8gU7U2E8YntnOCSRhsi3Ex3I4xM+kmjjQyo
YXVxBnSWn/cxQ/ZaJN+tC5aV+mGeIAFBj9V9rRWx9ZV30T/1tUGVqo63YkJ4CaDD
wOW5Z0f1hqiuW5RxNmeauJbS7hNgJGbYOy9xXqHldo6n
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:31:41 2025 by rpki-client