Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QLB6fjkGt6X5op9lpA-V1O0-Wpc.roa
File: QLB6fjkGt6X5op9lpA-V1O0-Wpc.roa (raw, json)
Hash identifier: fwWsc1C1lIzXU2zKyCBQRiWLcB8CfkQobKHkgAgbvHI=
Subject key identifier: 40:B0:7A:7E:39:06:B7:A5:F9:A2:9F:65:A4:0F:95:D4:ED:3E:5A:97
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D4AAC7467C559F07CB08ED8103E7C23A9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QLB6fjkGt6X5op9lpA-V1O0-Wpc.roa
Signing time: Sat 27 Jan 2024 11:27:12 +0000
ROA not before: Sat 27 Jan 2024 11:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.200.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4a:ac:74:67:c5:59:f0:7c:b0:8e:d8:10:3e:7c:23:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 27 11:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b07a7e3906b7a5f9a29f65a40f95d4ed3e5a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5d:7d:35:3e:d6:18:82:0b:04:05:ca:70:c4:
ef:75:9b:54:45:e4:59:cd:a8:51:fb:ea:02:7d:7c:
c3:3b:e7:44:03:a3:14:08:25:7a:a3:47:ac:14:95:
9e:e2:80:50:be:25:79:50:99:38:8b:81:66:33:9d:
74:80:b2:c4:fa:44:61:50:1e:cc:de:2c:f3:4a:52:
6d:23:35:02:59:8e:dc:1e:58:a2:36:92:9c:48:f7:
ae:7d:94:e9:fa:30:05:53:bf:68:d9:e1:bf:e9:b3:
53:95:92:b4:d0:25:3c:0e:78:1d:2a:ba:e5:4e:01:
b9:46:d6:30:40:7b:36:7d:6b:bc:26:f7:72:79:51:
c5:95:9a:b4:41:ce:62:bd:bc:d3:57:28:ef:8d:66:
07:92:d6:61:9c:1b:f0:48:06:d9:34:04:ad:28:d1:
4a:d2:b0:86:fd:81:0f:4c:de:d3:73:ee:f8:59:65:
04:f1:39:51:d0:3b:71:ae:f7:ee:52:1c:0f:79:cb:
05:d6:be:df:23:75:f5:db:9b:42:e6:a2:ee:cd:ae:
51:17:1d:7f:d1:62:af:49:7f:4c:9f:4b:d4:40:64:
8d:3a:15:92:87:e3:49:1f:1f:62:ee:65:4d:76:79:
c8:3f:8c:d1:fa:1b:35:eb:ff:78:9f:de:ea:d3:10:
e3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B0:7A:7E:39:06:B7:A5:F9:A2:9F:65:A4:0F:95:D4:ED:3E:5A:97
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QLB6fjkGt6X5op9lpA-V1O0-Wpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/23
Signature Algorithm: sha256WithRSAEncryption
d3:c1:e6:cd:f0:0c:e2:13:29:bd:0c:c5:b8:14:5e:3a:a9:0b:
35:1e:a3:79:60:f3:0e:aa:00:95:54:1e:c5:91:78:78:6a:a7:
a9:f5:2d:32:b2:68:52:3e:72:3c:d8:aa:fd:cb:1f:e3:24:35:
7e:08:7f:0d:76:4c:58:8c:90:c4:68:b9:a5:c7:53:fa:02:28:
bb:21:c4:ad:78:52:83:d8:2b:28:10:6e:57:3e:ad:bd:32:fe:
03:dc:b2:4f:68:76:9d:e1:7d:31:52:27:93:c4:09:fd:49:60:
5b:6a:0e:14:90:d5:96:ca:ee:69:40:ed:1c:b4:9d:62:5b:51:
83:56:74:af:c3:39:dc:c6:f7:e0:c2:be:c9:74:03:7c:81:4f:
ea:47:d9:d8:7e:43:27:43:4b:12:b2:fd:82:06:17:f2:f5:8c:
90:39:a9:89:fb:03:67:31:46:f7:55:76:eb:f1:74:e4:ab:4a:
c8:a3:39:45:e3:7d:ca:e7:88:a3:67:a6:5f:cd:0c:f3:37:df:
c1:78:61:69:d6:5b:22:10:37:e4:50:c0:c2:ee:03:36:ae:cf:
ef:94:1a:b3:c7:cf:31:a2:b4:ff:b5:16:a9:16:42:3b:d1:51:
86:53:60:06:69:7e:b8:88:cf:bb:2c:80:71:fd:04:80:b6:b6:
66:74:1e:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1KrHRnxVnwfLCO2BA+fCOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTI3MTEyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIwN2E3ZTM5MDZiN2E1ZjlhMjlmNjVhNDBmOTVkNGVkM2U1YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV19NT7WGIILBAXKcMTvdZtUReRZ
zahR++oCfXzDO+dEA6MUCCV6o0esFJWe4oBQviV5UJk4i4FmM510gLLE+kRhUB7M
3izzSlJtIzUCWY7cHliiNpKcSPeufZTp+jAFU79o2eG/6bNTlZK00CU8DngdKrrl
TgG5RtYwQHs2fWu8JvdyeVHFlZq0Qc5ivbzTVyjvjWYHktZhnBvwSAbZNAStKNFK
0rCG/YEPTN7Tc+74WWUE8TlR0DtxrvfuUhwPecsF1r7fI3X125tC5qLuza5RFx1/
0WKvSX9Mn0vUQGSNOhWSh+NJHx9i7mVNdnnIP4zR+hs16/94n97q0xDjjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECwen45Brel+aKfZaQPldTtPlqXMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvUUxCNmZqa0d0Nlg1b3A5bHBBLVYxTzAtV3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfnIMA0G
CSqGSIb3DQEBCwUAA4IBAQDTwebN8AziEym9DMW4FF46qQs1HqN5YPMOqgCVVB7F
kXh4aqep9S0ysmhSPnI82Kr9yx/jJDV+CH8NdkxYjJDEaLmlx1P6Aii7IcSteFKD
2CsoEG5XPq29Mv4D3LJPaHad4X0xUieTxAn9SWBbag4UkNWWyu5pQO0ctJ1iW1GD
VnSvwzncxvfgwr7JdAN8gU/qR9nYfkMnQ0sSsv2CBhfy9YyQOamJ+wNnMUb3VXbr
8XTkq0rIozlF433K54ijZ6ZfzQzzN9/BeGFp1lsiEDfkUMDC7gM2rs/vlBqzx88x
orT/tRapFkI70VGGU2AGaX64iM+7LIBx/QSAtrZmdB5T
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:34 2025 by rpki-client