Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qql2Dd6nGeZGDfzACGtc5cGGRbU.roa
File: qql2Dd6nGeZGDfzACGtc5cGGRbU.roa (raw, json)
Hash identifier: o6Y378FVthB5vpYq+EQxjlcG8qC6aY8F81ZTdZjihp0=
Subject key identifier: AA:A9:76:0D:DE:A7:19:E6:46:0D:FC:C0:08:6B:5C:E5:C1:86:45:B5
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194244489C179BE211C2E6957349E055803
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qql2Dd6nGeZGDfzACGtc5cGGRbU.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23961
IP address blocks: 194.104.146.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:89:c1:79:be:21:1c:2e:69:57:34:9e:05:58:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaa9760ddea719e6460dfcc0086b5ce5c18645b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:22:aa:2f:69:27:ee:68:36:e2:cc:96:6e:8c:
45:56:0f:bb:90:35:61:b1:49:39:ef:f4:31:13:51:
40:4d:11:bb:6e:8e:27:98:cc:c2:10:d6:34:8f:21:
76:da:84:d2:e0:d4:6f:08:62:c5:6e:98:3f:5e:e1:
1a:88:40:f3:06:b4:31:88:c7:84:09:86:74:1f:d9:
ac:45:f4:92:7c:26:7e:06:c5:ff:95:22:b5:af:7f:
e1:a2:4b:ab:00:d7:da:67:e6:f0:2d:14:23:bc:76:
bf:2c:ae:34:59:35:0e:a1:3c:16:09:0e:46:3c:73:
33:34:0f:7e:7f:f4:ae:fa:5c:b5:f7:65:2d:19:5f:
06:a2:aa:14:af:57:29:15:1c:0b:07:78:4f:a0:ec:
29:a9:b5:58:6b:53:50:04:cf:a3:6e:83:72:3c:cb:
78:f0:48:e2:db:bb:41:1f:63:5b:a0:88:8b:a7:4f:
94:1b:58:6c:a6:11:71:e2:b8:88:e6:8d:66:27:c6:
92:4b:41:46:d8:fe:5b:0f:11:f7:16:ca:7d:62:ac:
67:ea:3f:79:83:b3:a4:3e:49:a0:e2:3d:ae:33:15:
13:23:71:ea:50:db:b2:99:0f:2a:54:b7:dc:24:48:
02:31:3c:42:b6:6e:8c:11:a4:b6:07:ea:21:e1:a9:
87:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A9:76:0D:DE:A7:19:E6:46:0D:FC:C0:08:6B:5C:E5:C1:86:45:B5
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qql2Dd6nGeZGDfzACGtc5cGGRbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.146.0/23
Signature Algorithm: sha256WithRSAEncryption
83:d0:12:1d:30:f5:3b:d4:c0:0f:08:1f:b9:97:39:6d:ae:96:
48:94:3f:ad:a0:af:e4:7c:b2:d4:a9:cf:47:55:c9:74:2b:69:
63:72:79:5a:09:18:82:c9:ce:15:8b:10:10:b2:a5:90:b6:9e:
34:40:7f:3c:6a:91:08:95:b0:0a:f8:4a:70:48:0a:c4:69:6e:
cb:64:18:12:e0:80:62:cf:8d:84:80:5f:97:14:7b:71:41:3a:
d6:75:4c:33:e3:76:34:83:61:29:a9:60:68:fd:09:85:fc:6c:
66:ae:97:e9:23:4b:1a:16:f6:30:0c:56:23:2e:3d:e8:a4:10:
e7:37:b0:25:6c:f0:ee:57:c7:93:9a:a2:ba:d5:88:7b:21:22:
23:cf:ba:65:4e:a4:bf:5a:61:0d:ad:71:da:86:86:6b:bb:79:
96:48:6f:02:73:28:86:30:dd:f5:23:0f:9e:b1:4b:40:e4:da:
98:eb:72:63:da:e8:14:15:b8:88:1c:dd:b9:fb:a7:47:0c:e9:
97:ca:a6:d8:6d:36:d8:55:2e:17:f0:7f:38:49:ac:37:7f:d6:
66:07:ff:e7:6b:6d:df:1c:09:12:7c:86:a6:52:0c:9e:e7:2c:
d6:93:cc:a8:6c:1f:af:a7:9c:a2:bc:12:94:0b:42:2e:79:78:
0d:07:0d:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRInBeb4hHC5pVzSeBVgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE5NzYwZGRlYTcxOWU2NDYwZGZjYzAwODZiNWNlNWMxODY0NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSKqL2kn7mg24syWboxFVg+7kDVh
sUk57/QxE1FATRG7bo4nmMzCENY0jyF22oTS4NRvCGLFbpg/XuEaiEDzBrQxiMeE
CYZ0H9msRfSSfCZ+BsX/lSK1r3/hokurANfaZ+bwLRQjvHa/LK40WTUOoTwWCQ5G
PHMzNA9+f/Su+ly192UtGV8GoqoUr1cpFRwLB3hPoOwpqbVYa1NQBM+jboNyPMt4
8Eji27tBH2NboIiLp0+UG1hsphFx4riI5o1mJ8aSS0FG2P5bDxH3Fsp9Yqxn6j95
g7OkPkmg4j2uMxUTI3HqUNuymQ8qVLfcJEgCMTxCtm6MEaS2B+oh4amH7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqpdg3epxnmRg38wAhrXOXBhkW1MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcXFsMkRkNm5HZVpHRGZ6QUNHdGM1Y0dHUmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmiSMA0G
CSqGSIb3DQEBCwUAA4IBAQCD0BIdMPU71MAPCB+5lzltrpZIlD+toK/kfLLUqc9H
Vcl0K2ljcnlaCRiCyc4VixAQsqWQtp40QH88apEIlbAK+EpwSArEaW7LZBgS4IBi
z42EgF+XFHtxQTrWdUwz43Y0g2EpqWBo/QmF/GxmrpfpI0saFvYwDFYjLj3opBDn
N7AlbPDuV8eTmqK61Yh7ISIjz7plTqS/WmENrXHahoZru3mWSG8CcyiGMN31Iw+e
sUtA5NqY63Jj2ugUFbiIHN25+6dHDOmXyqbYbTbYVS4X8H84Saw3f9ZmB//na23f
HAkSfIamUgye5yzWk8yobB+vp5yivBKUC0IueXgNBw2B
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:19:34 2025 by rpki-client