Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/t_X4QuW3--N3561kP8RWk8vRzAw.roa
File: t_X4QuW3--N3561kP8RWk8vRzAw.roa (raw, json)
Hash identifier: 2ahNsLwCOZ1nVC1o0aItVno4KD1+MsUZ68JOkj0O5Wo=
Subject key identifier: B7:F5:F8:42:E5:B7:FB:E3:77:E7:AD:64:3F:C4:56:93:CB:D1:CC:0C
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 01942143F226C7CD9293ACE4BD303B925722
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/t_X4QuW3--N3561kP8RWk8vRzAw.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14537
IP address blocks: 91.206.144.0/23 maxlen: 24
91.223.161.0/24 maxlen: 24
193.28.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f2:26:c7:cd:92:93:ac:e4:bd:30:3b:92:57:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7f5f842e5b7fbe377e7ad643fc45693cbd1cc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:e6:50:03:1a:dd:96:23:dc:b6:31:f7:dc:
b0:fa:47:83:80:76:4a:7e:f0:07:7b:ed:86:0a:90:
47:4f:ed:43:85:bb:c8:63:59:f5:24:e3:8d:dc:57:
c2:c7:a2:59:67:b0:2d:77:69:3d:60:d4:dc:d0:da:
f0:31:0a:16:62:0b:1c:87:ed:95:9b:00:9a:65:48:
f2:6b:31:bd:3b:3c:60:c7:07:39:c8:48:c8:2f:4e:
ca:4e:94:b3:e0:78:78:e3:46:e2:0e:50:73:ae:3c:
07:27:c2:86:b2:85:19:3a:57:4f:a1:96:76:ce:81:
16:e1:96:1d:ce:c6:30:5e:a5:22:fc:5d:66:65:b5:
66:36:59:0e:e7:63:2d:08:ad:3f:5e:ce:ae:6d:95:
22:e5:a0:1d:c4:4c:a7:70:eb:4a:3d:c9:1d:bb:2a:
23:56:e9:ed:39:a0:d3:30:77:b0:d4:5b:08:aa:70:
bc:6d:bc:19:5c:56:c7:5a:c6:4a:e3:81:46:21:47:
ee:25:55:d4:c8:51:15:19:50:0c:e9:06:50:a2:12:
3d:ba:31:32:c1:99:e4:dd:24:9b:cd:03:bd:b9:a8:
34:ee:61:7f:f5:be:16:a9:fc:7e:17:6c:c5:bc:f1:
bb:af:e1:56:64:1a:5c:1f:4a:eb:fe:de:cf:6e:a9:
76:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F5:F8:42:E5:B7:FB:E3:77:E7:AD:64:3F:C4:56:93:CB:D1:CC:0C
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/t_X4QuW3--N3561kP8RWk8vRzAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
91.223.161.0/24
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:82:b3:98:ea:29:57:e4:e3:fa:84:6a:ec:67:29:a0:06:e3:
f0:09:96:f2:7c:26:b5:e7:10:d2:2e:01:26:d1:17:1a:e1:4e:
70:43:aa:a3:c6:dc:bb:87:ad:25:ae:a7:f8:ea:7b:46:40:a6:
15:83:b9:04:98:b5:ac:ce:b9:fd:d2:e6:8c:ea:27:fc:b8:87:
18:3e:58:6b:9b:ff:0d:b6:93:d6:8f:69:cf:9c:f2:1c:09:a2:
8e:43:41:68:5f:f7:93:27:1f:37:08:bc:f0:91:7e:58:ac:2f:
ca:4c:dc:61:2e:45:f5:c7:44:1e:b7:e2:56:c6:68:6b:d7:45:
df:db:4e:c4:d2:8d:42:2a:74:64:2d:79:ed:b0:06:cf:f5:fe:
05:6b:ba:fe:df:a4:2b:5c:e7:5c:b6:f3:d6:4f:f7:96:76:9f:
83:66:09:06:34:61:7a:b2:7d:d1:5a:d3:e7:a3:b1:ce:c6:c8:
5b:27:ef:90:8b:4f:d4:a5:4c:c5:8a:a3:04:c1:76:f6:66:67:
d8:f9:8e:34:1c:7a:e6:75:0d:47:cc:44:4b:a7:ea:d2:22:07:
3f:8a:9c:74:2f:a5:ad:a4:02:94:b8:bb:2f:3c:19:9b:09:25:
eb:49:a5:77:2b:6e:cf:63:8c:51:35:6d:5f:d1:95:f5:41:d9:
38:e9:d2:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ/Imx82Sk6zkvTA7klciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y1Zjg0MmU1YjdmYmUzNzdlN2FkNjQzZmM0NTY5M2NiZDFjYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgLmUAMa3ZYj3LYx99yw+keDgHZK
fvAHe+2GCpBHT+1DhbvIY1n1JOON3FfCx6JZZ7Atd2k9YNTc0NrwMQoWYgsch+2V
mwCaZUjyazG9Ozxgxwc5yEjIL07KTpSz4Hh440biDlBzrjwHJ8KGsoUZOldPoZZ2
zoEW4ZYdzsYwXqUi/F1mZbVmNlkO52MtCK0/Xs6ubZUi5aAdxEyncOtKPckduyoj
VuntOaDTMHew1FsIqnC8bbwZXFbHWsZK44FGIUfuJVXUyFEVGVAM6QZQohI9ujEy
wZnk3SSbzQO9uag07mF/9b4Wqfx+F2zFvPG7r+FWZBpcH0rr/t7Pbql2AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLf1+ELlt/vjd+etZD/EVpPL0cwMMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvdF9YNFF1VzMtLU4zNTYxa1A4UldrOHZSekF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW86QAwQA
W9+hAwQAwRyfMA0GCSqGSIb3DQEBCwUAA4IBAQALgrOY6ilX5OP6hGrsZymgBuPw
CZbyfCa15xDSLgEm0Rca4U5wQ6qjxty7h60lrqf46ntGQKYVg7kEmLWszrn90uaM
6if8uIcYPlhrm/8NtpPWj2nPnPIcCaKOQ0FoX/eTJx83CLzwkX5YrC/KTNxhLkX1
x0Qet+JWxmhr10Xf207E0o1CKnRkLXntsAbP9f4Fa7r+36QrXOdctvPWT/eWdp+D
ZgkGNGF6sn3RWtPno7HOxshbJ++Qi0/UpUzFiqMEwXb2ZmfY+Y40HHrmdQ1HzERL
p+rSIgc/ipx0L6WtpAKUuLsvPBmbCSXrSaV3K27PY4xRNW1f0ZX1Qdk46dLV
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:23:50 2025 by rpki-client