Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QStspCqWw0ZSHOZjdqZf_3fY8VY.roa
File: QStspCqWw0ZSHOZjdqZf_3fY8VY.roa (raw, json)
Hash identifier: nDi99bMsdLZkrIHRePzV/d4L3zEXW8UrgXPGhFcgFzc=
Subject key identifier: 41:2B:6C:A4:2A:96:C3:46:52:1C:E6:63:76:A6:5F:FF:77:D8:F1:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195D7C42298E39DF0C60A764CC54085E685
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QStspCqWw0ZSHOZjdqZf_3fY8VY.roa
Signing time: Thu 27 Mar 2025 13:21:50 +0000
ROA not before: Thu 27 Mar 2025 13:21:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211277
IP address blocks: 93.123.20.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:c4:22:98:e3:9d:f0:c6:0a:76:4c:c5:40:85:e6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 27 13:21:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=412b6ca42a96c346521ce66376a65fff77d8f156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7b:77:84:0c:2a:0b:94:4c:b8:f4:a0:5c:70:
be:f3:c8:83:df:c2:52:ac:c0:8b:aa:9f:a3:a9:e0:
6a:f9:a1:22:92:9e:09:08:96:cc:69:b9:bc:8a:d2:
91:a1:9e:3a:7a:91:3a:7f:d1:3d:a2:e7:9a:fe:4f:
6a:a9:d4:02:37:3b:a2:77:43:f7:ad:42:5a:dc:ed:
36:98:c6:59:52:fb:1c:00:77:09:be:4f:5b:5a:46:
70:da:b4:35:13:7b:07:d5:eb:b1:ca:59:37:b0:a7:
9a:88:14:74:06:56:86:86:af:42:82:18:2d:c6:02:
a3:16:16:68:b8:e4:0a:fb:6e:b9:8d:1e:7a:10:a7:
a2:cb:d0:61:e6:dd:33:3d:67:f2:0c:97:a4:45:56:
39:66:ae:0f:a0:58:13:f1:d4:af:6e:53:3c:ff:3f:
f9:15:12:84:13:cf:db:66:a2:ac:a5:bb:56:ee:e4:
de:e0:0d:39:75:2e:f6:71:76:f5:16:ad:4d:07:3c:
3a:6e:96:87:50:fb:b1:b4:58:43:dc:45:91:a2:4d:
40:6e:7d:82:51:6c:a6:a6:b9:b5:e3:5e:2a:d9:2b:
26:99:c0:52:c5:3d:02:ef:58:55:83:00:77:c2:a6:
28:ed:d6:54:a0:58:70:b0:4e:2c:3e:ca:bf:c5:e0:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2B:6C:A4:2A:96:C3:46:52:1C:E6:63:76:A6:5F:FF:77:D8:F1:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QStspCqWw0ZSHOZjdqZf_3fY8VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.20.0/24
Signature Algorithm: sha256WithRSAEncryption
01:20:dd:4a:9b:20:8e:85:9e:09:e3:f0:4d:d7:24:86:a0:0f:
5d:44:fd:7d:25:89:1b:10:e1:79:e6:ad:2f:c5:d2:80:06:a8:
af:04:8c:3c:32:32:9b:55:65:3e:49:74:b8:f7:15:96:c2:47:
f5:35:51:b9:47:b8:5e:fa:90:a7:93:f8:aa:8a:90:fd:75:77:
75:6e:6a:af:17:82:d3:d2:80:d9:81:18:df:a2:ca:75:fc:7a:
98:e4:30:2c:f2:11:a1:f0:1d:ef:71:e1:5f:3a:f2:d2:a2:09:
fb:73:db:0a:61:da:ac:a6:9a:57:b8:c8:a4:7d:3d:d4:21:59:
f6:46:2e:10:38:bc:9f:1c:a4:5c:6b:4a:2d:ac:d5:56:c7:a7:
9e:fd:83:86:16:25:15:53:75:ee:88:a6:a7:18:bd:4e:55:68:
8d:20:ae:cd:50:56:cf:33:3c:ff:ee:77:6c:1d:af:2c:08:e4:
ac:fb:08:30:04:6e:c8:16:a6:a4:59:c5:6d:88:3f:c9:66:99:
9c:44:03:d5:63:94:e1:85:f1:be:47:9f:d5:4d:06:8b:d7:c2:
f8:dc:fa:9e:4c:da:75:61:62:3d:84:13:b2:33:42:ef:15:57:
79:63:c7:5e:4b:45:dc:cd:9b:7a:da:7d:14:39:b2:23:9a:72:
42:ff:4d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXXxCKY453wxgp2TMVAheaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzI3MTMyMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJiNmNhNDJhOTZjMzQ2NTIxY2U2NjM3NmE2NWZmZjc3ZDhmMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHt3hAwqC5RMuPSgXHC+88iD38JS
rMCLqp+jqeBq+aEikp4JCJbMabm8itKRoZ46epE6f9E9ouea/k9qqdQCNzuid0P3
rUJa3O02mMZZUvscAHcJvk9bWkZw2rQ1E3sH1euxylk3sKeaiBR0BlaGhq9Cghgt
xgKjFhZouOQK+265jR56EKeiy9Bh5t0zPWfyDJekRVY5Zq4PoFgT8dSvblM8/z/5
FRKEE8/bZqKspbtW7uTe4A05dS72cXb1Fq1NBzw6bpaHUPuxtFhD3EWRok1Abn2C
UWymprm1414q2SsmmcBSxT0C71hVgwB3wqYo7dZUoFhwsE4sPsq/xeDzMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEErbKQqlsNGUhzmY3amX/932PFWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUVN0c3BDcVd3MFpTSE9aamRxWmZfM2ZZOFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXsUMA0G
CSqGSIb3DQEBCwUAA4IBAQABIN1KmyCOhZ4J4/BN1ySGoA9dRP19JYkbEOF55q0v
xdKABqivBIw8MjKbVWU+SXS49xWWwkf1NVG5R7he+pCnk/iqipD9dXd1bmqvF4LT
0oDZgRjfosp1/HqY5DAs8hGh8B3vceFfOvLSogn7c9sKYdqspppXuMikfT3UIVn2
Ri4QOLyfHKRca0otrNVWx6ee/YOGFiUVU3XuiKanGL1OVWiNIK7NUFbPMzz/7nds
Ha8sCOSs+wgwBG7IFqakWcVtiD/JZpmcRAPVY5ThhfG+R5/VTQaL18L43PqeTNp1
YWI9hBOyM0LvFVd5Y8deS0XczZt62n0UObIjmnJC/01Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:44:47 2025 by rpki-client