Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/TqtHjEwEgPXdT8pg7HJGWpoB6aI.roa
File: TqtHjEwEgPXdT8pg7HJGWpoB6aI.roa (raw, json)
Hash identifier: JiojTj7/u167MnISfmEDzN29ADgR4Ig1J4bZKyBHw7g=
Subject key identifier: 4E:AB:47:8C:4C:04:80:F5:DD:4F:CA:60:EC:72:46:5A:9A:01:E9:A2
Certificate issuer: /CN=f11a9a44557d46ff2d8088a228885aff000dc2a2
Certificate serial: 019423D7185829AE0ADE040CDEB261614E3B
Authority key identifier: F1:1A:9A:44:55:7D:46:FF:2D:80:88:A2:28:88:5A:FF:00:0D:C2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8RqaRFV9Rv8tgIiiKIha_wANwqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/TqtHjEwEgPXdT8pg7HJGWpoB6aI.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48398
IP address blocks: 91.209.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:18:58:29:ae:0a:de:04:0c:de:b2:61:61:4e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f11a9a44557d46ff2d8088a228885aff000dc2a2
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eab478c4c0480f5dd4fca60ec72465a9a01e9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9f:e2:4a:93:d4:59:2a:67:c9:24:0e:38:8a:
58:23:6e:05:bb:2b:a1:f0:28:8e:14:4b:19:78:a0:
a1:7d:64:66:87:1e:75:c5:9e:d8:4a:6f:af:dc:8a:
61:ed:78:37:73:f8:e7:45:85:59:a9:81:9c:73:59:
98:44:89:0f:f5:fd:77:9e:cd:8e:4e:d0:7e:ad:dd:
2c:5a:d6:f5:2c:d5:c1:91:36:28:6f:19:f7:ae:99:
df:88:2b:40:1d:e4:ee:c2:29:97:35:f3:5f:a0:8b:
1b:1d:bb:92:b2:2f:89:71:20:89:df:38:59:a9:33:
3a:a7:72:86:d1:85:67:c2:b8:7c:19:93:90:31:18:
02:84:bf:da:57:cf:38:a0:f4:06:b9:9e:0b:7e:ee:
f6:06:01:ee:53:de:66:6a:e4:c0:b6:17:90:e0:bb:
aa:23:d0:81:e8:c7:ac:bc:51:76:15:26:a5:c1:55:
26:7b:41:dd:c1:45:d0:9a:a5:24:ed:c2:a6:bf:ea:
61:48:51:09:4e:86:44:88:93:bd:7c:3c:47:f9:c6:
99:a3:98:97:36:87:26:fb:7a:9e:d3:8d:37:bb:35:
41:c1:93:6d:f1:f1:96:7f:cc:43:aa:e5:0c:68:f6:
55:5b:7c:25:13:9c:5f:5f:91:2a:12:34:cf:7d:19:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AB:47:8C:4C:04:80:F5:DD:4F:CA:60:EC:72:46:5A:9A:01:E9:A2
X509v3 Authority Key Identifier:
keyid:F1:1A:9A:44:55:7D:46:FF:2D:80:88:A2:28:88:5A:FF:00:0D:C2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8RqaRFV9Rv8tgIiiKIha_wANwqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/TqtHjEwEgPXdT8pg7HJGWpoB6aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/8RqaRFV9Rv8tgIiiKIha_wANwqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.145.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ad:ac:69:ec:35:db:dc:c5:79:b0:14:d4:f2:1b:f6:62:d1:
c4:7e:4b:75:f0:89:b7:cc:55:44:da:4e:ca:94:1a:29:97:b1:
69:fe:cc:fa:9d:8f:e1:19:76:53:61:d1:e3:2f:78:bb:28:ef:
97:1e:ff:f7:ad:1e:21:93:22:ab:07:a2:49:c1:5d:a5:9d:42:
4a:ab:03:d0:47:1f:da:20:dc:5c:d6:08:7f:8a:65:ef:95:05:
04:af:f8:3d:04:f0:e8:0d:60:e0:80:10:f1:e1:c9:0a:54:6a:
89:2e:48:b2:a9:1d:be:1a:78:f0:4a:c6:f8:bc:59:a1:be:a5:
4a:03:f7:14:7d:ee:f1:f9:a0:65:5a:a6:25:21:c9:4f:a0:d5:
8b:27:5c:81:7a:0b:13:fd:ca:55:10:99:dd:2a:c7:a9:f0:2e:
04:12:2d:7b:6c:25:89:e4:4e:ea:70:29:9b:94:55:59:02:12:
50:4d:f8:96:e3:7a:da:22:05:0a:d4:14:b2:44:18:c5:d6:23:
5d:77:d2:0b:59:2a:dd:23:41:2b:f2:3a:86:24:69:fd:e4:be:
72:77:33:a8:72:75:cb:56:ef:36:8b:3b:50:e7:a7:d5:d7:50:
d6:7c:bd:27:d0:3c:f1:72:f0:62:ec:7f:e5:d1:75:a8:43:40:
3a:68:da:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xhYKa4K3gQM3rJhYU47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWE5YTQ0NTU3ZDQ2ZmYyZDgwODhhMjI4ODg1YWZmMDAw
ZGMyYTIwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWFiNDc4YzRjMDQ4MGY1ZGQ0ZmNhNjBlYzcyNDY1YTlhMDFlOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip/iSpPUWSpnySQOOIpYI24Fuyuh
8CiOFEsZeKChfWRmhx51xZ7YSm+v3Iph7Xg3c/jnRYVZqYGcc1mYRIkP9f13ns2O
TtB+rd0sWtb1LNXBkTYobxn3rpnfiCtAHeTuwimXNfNfoIsbHbuSsi+JcSCJ3zhZ
qTM6p3KG0YVnwrh8GZOQMRgChL/aV884oPQGuZ4Lfu72BgHuU95mauTAtheQ4Luq
I9CB6MesvFF2FSalwVUme0HdwUXQmqUk7cKmv+phSFEJToZEiJO9fDxH+caZo5iX
Nocm+3qe0403uzVBwZNt8fGWf8xDquUMaPZVW3wlE5xfX5EqEjTPfRnR/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6rR4xMBID13U/KYOxyRlqaAemiMB8GA1UdIwQY
MBaAFPEamkRVfUb/LYCIoiiIWv8ADcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFJxYVJGVjlSdjh0Z0lpaUtJaGFfd0FOd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wN2U0YjItNmIzOC00YmMwLWE2ODAt
YTYwYmM3ZDA3ODc4LzEvVHF0SGpFd0VnUFhkVDhwZzdISkdXcG9CNmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wN2U0YjItNmIzOC00YmMwLWE2ODAtYTYwYmM3ZDA3ODc4
LzEvOFJxYVJGVjlSdjh0Z0lpaUtJaGFfd0FOd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GRMA0G
CSqGSIb3DQEBCwUAA4IBAQADraxp7DXb3MV5sBTU8hv2YtHEfkt18Im3zFVE2k7K
lBopl7Fp/sz6nY/hGXZTYdHjL3i7KO+XHv/3rR4hkyKrB6JJwV2lnUJKqwPQRx/a
INxc1gh/imXvlQUEr/g9BPDoDWDggBDx4ckKVGqJLkiyqR2+GnjwSsb4vFmhvqVK
A/cUfe7x+aBlWqYlIclPoNWLJ1yBegsT/cpVEJndKsep8C4EEi17bCWJ5E7qcCmb
lFVZAhJQTfiW43raIgUK1BSyRBjF1iNdd9ILWSrdI0Er8jqGJGn95L5ydzOocnXL
Vu82iztQ56fV11DWfL0n0DzxcvBi7H/l0XWoQ0A6aNqU
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:32:43 2025 by rpki-client