Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b96cee-9009-458b-aa60-b33a4097bcb0/1/4q5L0T8IzmyOi7UmyokrDZ0n7yo.roa
File: 4q5L0T8IzmyOi7UmyokrDZ0n7yo.roa (raw, json)
Hash identifier: rKsZoGXihCrThcqNeLgDUuHM1BM1DfS8QEjoysPba8A=
Subject key identifier: E2:AE:4B:D1:3F:08:CE:6C:8E:8B:B5:26:CA:89:2B:0D:9D:27:EF:2A
Certificate issuer: /CN=728627f95026514b42654058f49eeb9b7c48f020
Certificate serial: 019424B2DA941A2448417ADD8512BC6213A2
Authority key identifier: 72:86:27:F9:50:26:51:4B:42:65:40:58:F4:9E:EB:9B:7C:48:F0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/coYn-VAmUUtCZUBY9J7rm3xI8CA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b96cee-9009-458b-aa60-b33a4097bcb0/1/4q5L0T8IzmyOi7UmyokrDZ0n7yo.roa
Signing time: Thu 02 Jan 2025 01:48:08 +0000
ROA not before: Thu 02 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 91.240.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:da:94:1a:24:48:41:7a:dd:85:12:bc:62:13:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728627f95026514b42654058f49eeb9b7c48f020
Validity
Not Before: Jan 2 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2ae4bd13f08ce6c8e8bb526ca892b0d9d27ef2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b6:55:e2:f9:04:a0:5b:db:53:6f:79:09:b8:
3d:7d:1b:54:03:d1:03:7c:68:61:3e:64:6d:2a:0c:
56:c0:7b:b3:5a:59:6d:35:fe:e2:53:81:e4:74:bf:
3b:cf:b4:0f:5b:a2:a7:0c:48:c4:4a:62:cb:d1:85:
8a:4b:36:ee:58:51:36:dd:79:bd:04:f4:b1:40:62:
ce:d5:98:21:19:c1:a8:b0:c9:02:12:ba:1e:96:68:
76:97:36:47:ed:e0:37:6c:27:79:e6:cf:c1:c4:55:
91:96:22:f3:6e:3e:78:f9:27:3b:6b:3c:f6:4f:15:
30:28:89:58:02:bc:48:26:3b:fc:64:2c:4d:72:b7:
66:48:55:55:4f:a5:a3:70:82:bc:70:65:ac:81:8a:
f0:9b:14:26:95:2d:06:a3:52:29:3d:7b:68:a7:a1:
73:ce:3f:ba:19:82:f9:1e:34:71:d0:51:e5:9e:b3:
0c:58:96:86:2e:b8:46:91:3d:03:f8:f9:9d:8e:23:
f5:aa:8b:09:25:d2:e6:8f:88:a8:55:65:17:9b:fb:
4a:5e:a0:fc:6c:8d:45:c6:37:88:80:00:4e:48:74:
93:9e:ba:73:d0:cc:64:1e:23:8a:ac:10:f5:f2:42:
d4:6e:30:b7:f7:fa:10:04:62:1a:ef:15:92:3b:a3:
a3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AE:4B:D1:3F:08:CE:6C:8E:8B:B5:26:CA:89:2B:0D:9D:27:EF:2A
X509v3 Authority Key Identifier:
keyid:72:86:27:F9:50:26:51:4B:42:65:40:58:F4:9E:EB:9B:7C:48:F0:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coYn-VAmUUtCZUBY9J7rm3xI8CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b96cee-9009-458b-aa60-b33a4097bcb0/1/4q5L0T8IzmyOi7UmyokrDZ0n7yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b96cee-9009-458b-aa60-b33a4097bcb0/1/coYn-VAmUUtCZUBY9J7rm3xI8CA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.189.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cf:55:e5:f5:07:c0:10:18:c9:93:bb:8c:ac:b5:a4:93:09:
21:eb:43:05:e3:67:29:23:25:25:55:ba:ab:97:23:81:b5:7c:
bc:45:fe:c6:e8:26:36:75:e8:87:1e:28:bc:f1:09:f8:ba:ac:
eb:a2:25:28:64:9f:60:8e:6d:90:2f:98:72:f8:01:40:49:2d:
20:42:27:cc:ff:8a:2a:4a:e6:12:07:f2:a6:93:1c:5b:ac:bd:
71:a3:44:5e:46:99:27:44:16:d6:d0:47:3a:94:e6:11:1a:47:
6f:34:3e:3c:7b:46:b5:46:9c:bc:0b:6c:7d:8f:40:5a:90:9d:
da:43:fc:9d:b8:1e:65:78:6a:22:50:2a:aa:13:95:3e:f2:e4:
e5:59:b3:61:1a:cd:29:40:14:bd:83:3c:d0:6a:39:50:fb:f6:
ea:88:4b:dc:c3:aa:60:72:21:36:fc:95:b1:92:da:47:12:0a:
33:33:40:db:58:e6:f1:21:4e:22:60:14:48:38:84:47:90:20:
4f:31:01:18:be:83:8a:49:9e:bd:62:9f:e5:16:f2:5c:3b:bc:
c0:91:7f:62:ee:4d:32:b3:40:32:2d:a2:0e:ff:64:06:71:dd:
7a:fb:d0:dd:46:ae:e6:ef:77:ff:44:98:f9:59:26:d5:ad:67:
de:b0:e0:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkstqUGiRIQXrdhRK8YhOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODYyN2Y5NTAyNjUxNGI0MjY1NDA1OGY0OWVlYjliN2M0
OGYwMjAwHhcNMjUwMTAyMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFlNGJkMTNmMDhjZTZjOGU4YmI1MjZjYTg5MmIwZDlkMjdlZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7ZV4vkEoFvbU295Cbg9fRtUA9ED
fGhhPmRtKgxWwHuzWlltNf7iU4HkdL87z7QPW6KnDEjESmLL0YWKSzbuWFE23Xm9
BPSxQGLO1ZghGcGosMkCEroelmh2lzZH7eA3bCd55s/BxFWRliLzbj54+Sc7azz2
TxUwKIlYArxIJjv8ZCxNcrdmSFVVT6WjcIK8cGWsgYrwmxQmlS0Go1IpPXtop6Fz
zj+6GYL5HjRx0FHlnrMMWJaGLrhGkT0D+PmdjiP1qosJJdLmj4ioVWUXm/tKXqD8
bI1FxjeIgABOSHSTnrpz0MxkHiOKrBD18kLUbjC39/oQBGIa7xWSO6OjGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKuS9E/CM5sjou1JsqJKw2dJ+8qMB8GA1UdIwQY
MBaAFHKGJ/lQJlFLQmVAWPSe65t8SPAgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29Zbi1WQW1VVXRDWlVCWTlKN3JtM3hJOENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iOTZjZWUtOTAwOS00NThiLWFhNjAt
YjMzYTQwOTdiY2IwLzEvNHE1TDBUOEl6bXlPaTdVbXlva3JEWjBuN3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iOTZjZWUtOTAwOS00NThiLWFhNjAtYjMzYTQwOTdiY2Iw
LzEvY29Zbi1WQW1VVXRDWlVCWTlKN3JtM3hJOENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/C9MA0G
CSqGSIb3DQEBCwUAA4IBAQAkz1Xl9QfAEBjJk7uMrLWkkwkh60MF42cpIyUlVbqr
lyOBtXy8Rf7G6CY2deiHHii88Qn4uqzroiUoZJ9gjm2QL5hy+AFASS0gQifM/4oq
SuYSB/KmkxxbrL1xo0ReRpknRBbW0Ec6lOYRGkdvND48e0a1Rpy8C2x9j0BakJ3a
Q/yduB5leGoiUCqqE5U+8uTlWbNhGs0pQBS9gzzQajlQ+/bqiEvcw6pgciE2/JWx
ktpHEgozM0DbWObxIU4iYBRIOIRHkCBPMQEYvoOKSZ69Yp/lFvJcO7zAkX9i7k0y
s0AyLaIO/2QGcd16+9DdRq7m73f/RJj5WSbVrWfesODe
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:49:54 2025 by rpki-client