Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/Q_I8HxiX3lGIrlrBfXUpFTkjJ9U.roa
File: Q_I8HxiX3lGIrlrBfXUpFTkjJ9U.roa (raw, json)
Hash identifier: bxl6bOXuniXtabrOs3e/TUn7hg5RGTPfDQ1z8I9ZILU=
Subject key identifier: 43:F2:3C:1F:18:97:DE:51:88:AE:5A:C1:7D:75:29:15:39:23:27:D5
Certificate issuer: /CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Certificate serial: 019427487718F420EAE619F7C82A2D83E701
Authority key identifier: 40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/Q_I8HxiX3lGIrlrBfXUpFTkjJ9U.roa
Signing time: Thu 02 Jan 2025 13:50:47 +0000
ROA not before: Thu 02 Jan 2025 13:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 92.60.64.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:77:18:f4:20:ea:e6:19:f7:c8:2a:2d:83:e7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Validity
Not Before: Jan 2 13:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43f23c1f1897de5188ae5ac17d752915392327d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e3:4b:19:0d:7e:59:c8:8e:19:29:02:57:a6:
ee:23:8a:9d:ad:fe:07:9f:4d:20:a8:71:45:89:c2:
7f:d3:01:a5:df:92:64:44:2c:8e:76:b5:e5:d3:97:
6c:5c:25:95:69:7a:e4:8f:7f:a9:a8:86:c3:87:1c:
f8:b9:a8:71:5a:07:a3:38:d6:3d:8f:62:cc:d1:5c:
d6:e4:de:87:7c:8c:77:c4:de:4e:75:a7:5b:b8:80:
83:4f:c9:9c:88:82:43:52:88:08:0d:7e:e9:7a:d0:
ff:ca:33:eb:d7:8e:d7:dc:eb:37:8b:aa:a0:7d:e1:
cf:cb:41:ad:04:3c:73:77:1b:43:92:4c:aa:cf:b4:
11:dd:ea:5c:ad:43:9c:f2:68:b0:7d:6c:53:4d:c5:
e6:22:3b:33:19:c8:af:ab:b9:67:5a:e3:68:1e:1d:
0b:40:1b:b9:04:1d:81:a5:fd:0a:4a:6a:b9:4f:4a:
04:bb:11:7d:26:9e:ed:c7:a5:8b:3e:db:26:f9:f4:
f0:ca:4e:94:17:ab:55:29:b3:a9:22:2c:cd:28:f4:
ad:c7:cc:f5:ab:77:59:e1:69:c9:d6:f9:62:c1:57:
24:06:2c:d9:37:0b:2d:92:86:79:b1:40:c2:0f:a8:
63:f3:6c:0c:ce:49:3f:16:a5:f8:f6:c1:f9:64:a0:
62:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F2:3C:1F:18:97:DE:51:88:AE:5A:C1:7D:75:29:15:39:23:27:D5
X509v3 Authority Key Identifier:
keyid:40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/Q_I8HxiX3lGIrlrBfXUpFTkjJ9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.64.0/23
Signature Algorithm: sha256WithRSAEncryption
90:c0:4a:18:46:7f:01:7a:fa:b4:3d:0c:4e:6a:0a:3a:05:54:
a2:09:54:53:34:1f:58:30:dc:75:38:bd:39:a1:01:ac:ec:7a:
b2:08:37:5b:3e:d9:bf:ec:f7:44:23:cd:c5:0a:79:88:2a:6e:
1c:1a:36:c7:5d:49:cc:e5:1a:75:97:c8:a3:cb:20:8d:e2:b8:
fa:d8:d2:11:e3:df:bf:f2:e2:23:ec:5e:83:fe:76:42:c5:3d:
18:cc:b2:a4:12:16:99:da:0e:8a:0a:30:a9:4c:50:a4:83:18:
74:12:75:97:13:50:cf:e5:52:36:b6:c5:ce:0d:e4:6f:90:5f:
c5:17:0f:7e:fe:d9:0b:22:64:ea:94:6f:18:eb:07:33:38:30:
58:b8:79:b4:c4:ce:9d:e1:0b:05:62:68:33:45:42:de:ac:06:
26:4d:33:c5:40:39:db:53:8f:c8:8e:78:be:f9:9a:81:3b:2a:
54:33:6d:6d:db:c6:e0:88:9d:7c:a6:86:4c:70:c9:f4:df:ae:
4e:2c:77:50:48:5c:ae:9a:2c:7e:28:50:50:ac:cc:1b:e5:6b:
b0:ab:8c:54:e9:bb:b6:6a:8c:8b:a0:e4:2b:6b:3a:b6:50:43:
99:b9:db:18:32:53:2b:a6:2a:fe:95:4d:ac:b6:3f:e8:c6:e9:
51:be:93:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSHcY9CDq5hn3yCotg+cBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZGRlNzFiNDFiZmZiMWI1MTZlMDdiMGM2MTM5MWJkZjRk
M2JmMTEwHhcNMjUwMTAyMTM1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2YyM2MxZjE4OTdkZTUxODhhZTVhYzE3ZDc1MjkxNTM5MjMyN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuNLGQ1+WciOGSkCV6buI4qdrf4H
n00gqHFFicJ/0wGl35JkRCyOdrXl05dsXCWVaXrkj3+pqIbDhxz4uahxWgejONY9
j2LM0VzW5N6HfIx3xN5OdadbuICDT8mciIJDUogIDX7petD/yjPr147X3Os3i6qg
feHPy0GtBDxzdxtDkkyqz7QR3epcrUOc8miwfWxTTcXmIjszGcivq7lnWuNoHh0L
QBu5BB2Bpf0KSmq5T0oEuxF9Jp7tx6WLPtsm+fTwyk6UF6tVKbOpIizNKPStx8z1
q3dZ4WnJ1vliwVckBizZNwstkoZ5sUDCD6hj82wMzkk/FqX49sH5ZKBiRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPyPB8Yl95RiK5awX11KRU5IyfVMB8GA1UdIwQY
MBaAFEDd5xtBv/sbUW4HsMYTkb30078RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYt
MmJhZGNlNDY2ODUzLzEvUV9JOEh4aVgzbEdJcmxyQmZYVXBGVGtqSjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYtMmJhZGNlNDY2ODUz
LzEvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXDxAMA0G
CSqGSIb3DQEBCwUAA4IBAQCQwEoYRn8Bevq0PQxOago6BVSiCVRTNB9YMNx1OL05
oQGs7HqyCDdbPtm/7PdEI83FCnmIKm4cGjbHXUnM5Rp1l8ijyyCN4rj62NIR49+/
8uIj7F6D/nZCxT0YzLKkEhaZ2g6KCjCpTFCkgxh0EnWXE1DP5VI2tsXODeRvkF/F
Fw9+/tkLImTqlG8Y6wczODBYuHm0xM6d4QsFYmgzRULerAYmTTPFQDnbU4/Ijni+
+ZqBOypUM21t28bgiJ18poZMcMn0365OLHdQSFyumix+KFBQrMwb5Wuwq4xU6bu2
aoyLoOQrazq2UEOZudsYMlMrpir+lU2stj/oxulRvpNI
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:57:02 2025 by rpki-client