Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QzxlNdJVsbPT8RRR1ymvg_2j6hQ.roa
File: QzxlNdJVsbPT8RRR1ymvg_2j6hQ.roa (raw, json)
Hash identifier: bYf8OKQGjO4fWcu//a+oChe2jT+w6Lt4Popp4DPlN/s=
Subject key identifier: 43:3C:65:35:D2:55:B1:B3:D3:F1:14:51:D7:29:AF:83:FD:A3:EA:14
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018C71CB1ED435249D9CC22AD055B6A1F469
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QzxlNdJVsbPT8RRR1ymvg_2j6hQ.roa
Signing time: Sat 16 Dec 2023 08:43:06 +0000
ROA not before: Sat 16 Dec 2023 08:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.21.252.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:cb:1e:d4:35:24:9d:9c:c2:2a:d0:55:b6:a1:f4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 16 08:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433c6535d255b1b3d3f11451d729af83fda3ea14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:4d:58:50:51:3e:ca:89:d5:97:da:a7:2d:
58:3e:c2:36:ff:dd:51:7a:98:cb:8d:5b:47:10:98:
f5:2f:84:dd:10:eb:91:b5:cd:16:a3:32:91:37:07:
2a:10:69:ca:aa:87:3f:21:13:36:60:cb:e2:bf:dc:
26:1f:79:82:15:ca:25:98:b5:27:9a:af:ed:23:b7:
21:c7:29:cf:87:ee:57:d7:28:95:ea:ad:6d:55:ac:
71:06:4f:c5:3d:bd:f1:36:22:73:36:03:0b:80:c2:
f7:30:a2:eb:c7:16:95:0a:d3:7f:8d:a4:f1:46:ff:
36:ed:4d:cb:8e:07:6a:04:50:73:9b:49:c8:31:06:
cd:c7:5c:50:30:3a:2e:5c:bc:6f:8f:08:7c:da:14:
56:6d:54:cb:2c:43:8a:b5:07:15:56:02:0b:ba:3c:
cc:57:7a:cc:db:e7:88:93:96:dc:23:49:18:76:ea:
a3:a4:92:59:74:ed:43:97:8e:30:17:b5:41:6c:f9:
b0:ea:22:2f:ae:85:39:cf:f2:80:5e:18:57:f3:0b:
ab:82:c7:2a:16:5c:7c:18:80:aa:2c:18:fb:b4:b6:
3b:2d:8b:0e:0f:f5:1d:90:cd:26:14:d3:37:d5:7d:
2e:67:e7:37:99:8c:5d:d7:75:f8:4a:d5:d7:64:37:
56:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3C:65:35:D2:55:B1:B3:D3:F1:14:51:D7:29:AF:83:FD:A3:EA:14
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/QzxlNdJVsbPT8RRR1ymvg_2j6hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.204.0/24
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:06:1a:0c:38:0f:aa:2e:69:6c:d5:bc:1b:89:a7:bd:02:b3:
a9:97:b3:d2:53:52:f5:02:83:81:2c:95:bf:61:9f:e0:2d:c3:
1a:07:6c:15:b7:26:45:2a:21:5e:72:6a:64:71:4f:c4:0e:2c:
de:4c:42:f1:01:2f:a8:15:b9:33:78:a1:2f:a8:9c:e4:71:f2:
a9:1f:10:01:0b:50:d2:ba:0c:a8:83:8a:e0:43:4f:0f:4d:9a:
b5:b3:73:94:d1:fe:dd:93:74:db:e1:dd:a1:06:d8:f1:a1:ff:
2e:6b:63:4d:f8:a4:3f:04:98:f2:f9:01:91:ca:a3:17:19:c9:
73:d4:a1:1e:44:d9:e6:5a:b3:ec:ba:5a:b4:c3:a9:18:9d:ef:
aa:08:27:78:0e:ae:14:60:95:fc:4d:c2:ce:33:e7:eb:85:04:
4c:ab:39:c7:3e:eb:74:bb:60:28:a4:17:65:aa:e4:5b:ec:84:
87:22:c6:31:cb:8b:83:62:d6:a6:03:3c:4d:b3:dc:b9:78:67:
14:f2:25:45:86:e4:82:f6:1b:82:22:fe:e5:1e:bb:8d:78:a4:
88:3f:59:60:90:4d:de:20:ae:32:9d:45:2d:da:8d:1b:b1:39:
6c:5c:51:b8:56:ee:20:6c:e2:b1:e3:98:c2:99:2d:63:6f:33:
c5:61:70:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxxyx7UNSSdnMIq0FW2ofRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMjE2MDg0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNjNjUzNWQyNTViMWIzZDNmMTE0NTFkNzI5YWY4M2ZkYTNlYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2tNWFBRPsqJ1Zfapy1YPsI2/91R
epjLjVtHEJj1L4TdEOuRtc0WozKRNwcqEGnKqoc/IRM2YMviv9wmH3mCFcolmLUn
mq/tI7chxynPh+5X1yiV6q1tVaxxBk/FPb3xNiJzNgMLgML3MKLrxxaVCtN/jaTx
Rv827U3LjgdqBFBzm0nIMQbNx1xQMDouXLxvjwh82hRWbVTLLEOKtQcVVgILujzM
V3rM2+eIk5bcI0kYduqjpJJZdO1Dl44wF7VBbPmw6iIvroU5z/KAXhhX8wurgscq
Flx8GICqLBj7tLY7LYsOD/UdkM0mFNM31X0uZ+c3mYxd13X4StXXZDdW7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEM8ZTXSVbGz0/EUUdcpr4P9o+oUMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvUXp4bE5kSlZzYlBUOFJSUjF5bXZnXzJqNmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnMAwQA
uRX8MA0GCSqGSIb3DQEBCwUAA4IBAQCwBhoMOA+qLmls1bwbiae9ArOpl7PSU1L1
AoOBLJW/YZ/gLcMaB2wVtyZFKiFecmpkcU/EDizeTELxAS+oFbkzeKEvqJzkcfKp
HxABC1DSugyog4rgQ08PTZq1s3OU0f7dk3Tb4d2hBtjxof8ua2NN+KQ/BJjy+QGR
yqMXGclz1KEeRNnmWrPsulq0w6kYne+qCCd4Dq4UYJX8TcLOM+frhQRMqznHPut0
u2AopBdlquRb7ISHIsYxy4uDYtamAzxNs9y5eGcU8iVFhuSC9huCIv7lHruNeKSI
P1lgkE3eIK4ynUUt2o0bsTlsXFG4Vu4gbOKx45jCmS1jbzPFYXCM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:06 2025 by rpki-client