Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/995449-a905-4e06-b839-7c3bddc2978a/1/qdrDiBktURajjlk4oiqN9piQBiA.roa
File: qdrDiBktURajjlk4oiqN9piQBiA.roa (raw, json)
Hash identifier: XK33AjhLnejYmOacprLZoYaTNO5MSW3e9jm0PB6V7KI=
Subject key identifier: A9:DA:C3:88:19:2D:51:16:A3:8E:59:38:A2:2A:8D:F6:98:90:06:20
Certificate issuer: /CN=66fb7727d64a518c7cd485e4823ee78a9e291008
Certificate serial: 019420D5C4451ABC8422699804E5753E81B5
Authority key identifier: 66:FB:77:27:D6:4A:51:8C:7C:D4:85:E4:82:3E:E7:8A:9E:29:10:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zvt3J9ZKUYx81IXkgj7nip4pEAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/995449-a905-4e06-b839-7c3bddc2978a/1/qdrDiBktURajjlk4oiqN9piQBiA.roa
Signing time: Wed 01 Jan 2025 07:47:47 +0000
ROA not before: Wed 01 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44066
IP address blocks: 5.154.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c4:45:1a:bc:84:22:69:98:04:e5:75:3e:81:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66fb7727d64a518c7cd485e4823ee78a9e291008
Validity
Not Before: Jan 1 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9dac388192d5116a38e5938a22a8df698900620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:ee:ef:56:65:af:80:ad:12:54:13:b8:fc:
62:07:89:f5:b5:d6:45:29:1b:ef:af:af:82:97:a9:
a6:83:0f:65:80:fb:cc:2f:91:a3:11:b3:c9:9c:bc:
b0:e6:f7:5e:80:d0:8d:d5:e3:5a:5e:df:33:88:f5:
1d:ac:af:65:3a:a1:13:8f:52:6b:61:48:47:24:85:
33:df:9e:37:52:ef:db:5e:87:47:75:fa:b2:37:6c:
a1:b1:20:c5:56:d0:1f:84:57:c9:01:75:71:ee:69:
31:89:1e:f5:f7:fb:d4:b6:0a:f4:97:b7:af:64:3d:
a8:ab:17:df:72:0b:67:a7:7a:94:d2:29:c8:ed:7f:
8a:0c:e8:ce:e4:f7:f6:9c:90:5f:97:6b:77:69:a0:
b5:61:8b:de:7f:f0:1a:f1:f6:e9:59:b2:95:22:19:
00:9c:37:58:e3:f3:74:b2:7a:bc:fc:e4:5f:ce:ca:
63:93:a2:5b:de:b6:9a:40:46:85:48:be:20:5f:e4:
03:dd:aa:8b:3f:88:08:c5:6e:0b:cf:ad:20:a8:46:
d7:7c:63:9e:f1:3b:e2:3e:79:06:ed:91:60:f1:5f:
77:db:fc:a3:66:de:0d:58:0c:38:0a:93:22:c5:c7:
f3:3d:e8:06:62:ee:9d:ec:fa:5a:f6:cd:a1:67:05:
af:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DA:C3:88:19:2D:51:16:A3:8E:59:38:A2:2A:8D:F6:98:90:06:20
X509v3 Authority Key Identifier:
keyid:66:FB:77:27:D6:4A:51:8C:7C:D4:85:E4:82:3E:E7:8A:9E:29:10:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zvt3J9ZKUYx81IXkgj7nip4pEAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/995449-a905-4e06-b839-7c3bddc2978a/1/qdrDiBktURajjlk4oiqN9piQBiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/995449-a905-4e06-b839-7c3bddc2978a/1/Zvt3J9ZKUYx81IXkgj7nip4pEAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.181.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:99:76:68:68:19:ce:22:b7:b1:47:a2:23:b5:86:e4:7d:ac:
6b:3e:71:7c:79:ce:94:64:df:63:c2:11:9f:bb:df:92:06:b2:
71:a5:21:24:71:d2:27:0a:1e:f9:5a:c8:70:30:b9:df:95:12:
c6:73:4f:7e:2d:dd:ec:69:f0:29:c0:27:b7:5b:17:29:54:74:
72:a6:7f:9c:04:64:6e:04:ce:53:ad:e2:26:a8:d7:f6:61:99:
f1:27:3f:4e:6c:16:5f:0e:6c:3d:95:b7:34:57:f3:f3:7f:72:
3e:c5:ce:2c:af:a6:45:b7:15:41:2a:b7:5e:1a:a7:5b:d5:fa:
f2:d0:65:00:81:b3:12:7d:24:b1:02:a8:8e:7e:95:f8:fe:53:
1f:c0:83:98:ec:a0:7d:fd:db:25:df:31:d4:f0:71:7d:c5:34:
64:76:70:68:54:f5:90:3c:6c:72:51:c3:5c:e1:d3:4b:6b:94:
3d:f6:9b:ef:62:1e:cb:e4:4d:d3:15:c0:9d:88:a2:58:18:3d:
3c:71:1b:d5:85:e1:3f:c7:e9:8f:23:e8:13:91:dc:b1:6f:93:
f0:9f:83:7a:87:fb:ed:2d:41:5e:b8:2d:c9:76:bb:cd:5f:05:
0f:57:ee:45:6c:1f:18:48:dc:df:9e:5b:af:90:a4:20:16:75:
66:77:de:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1cRFGryEImmYBOV1PoG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmI3NzI3ZDY0YTUxOGM3Y2Q0ODVlNDgyM2VlNzhhOWUy
OTEwMDgwHhcNMjUwMTAxMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRhYzM4ODE5MmQ1MTE2YTM4ZTU5MzhhMjJhOGRmNjk4OTAwNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP3u71Zlr4CtElQTuPxiB4n1tdZF
KRvvr6+Cl6mmgw9lgPvML5GjEbPJnLyw5vdegNCN1eNaXt8ziPUdrK9lOqETj1Jr
YUhHJIUz3543Uu/bXodHdfqyN2yhsSDFVtAfhFfJAXVx7mkxiR719/vUtgr0l7ev
ZD2oqxffcgtnp3qU0inI7X+KDOjO5Pf2nJBfl2t3aaC1YYvef/Aa8fbpWbKVIhkA
nDdY4/N0snq8/ORfzspjk6Jb3raaQEaFSL4gX+QD3aqLP4gIxW4Lz60gqEbXfGOe
8TviPnkG7ZFg8V932/yjZt4NWAw4CpMixcfzPegGYu6d7Ppa9s2hZwWvfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnaw4gZLVEWo45ZOKIqjfaYkAYgMB8GA1UdIwQY
MBaAFGb7dyfWSlGMfNSF5II+54qeKRAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZ0M0o5WktVWXg4MUlYa2dqN25pcDRwRUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85OTU0NDktYTkwNS00ZTA2LWI4Mzkt
N2MzYmRkYzI5NzhhLzEvcWRyRGlCa3RVUmFqamxrNG9pcU45cGlRQmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85OTU0NDktYTkwNS00ZTA2LWI4MzktN2MzYmRkYzI5Nzhh
LzEvWnZ0M0o5WktVWXg4MUlYa2dqN25pcDRwRUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZq1MA0G
CSqGSIb3DQEBCwUAA4IBAQC0mXZoaBnOIrexR6IjtYbkfaxrPnF8ec6UZN9jwhGf
u9+SBrJxpSEkcdInCh75WshwMLnflRLGc09+Ld3safApwCe3WxcpVHRypn+cBGRu
BM5TreImqNf2YZnxJz9ObBZfDmw9lbc0V/Pzf3I+xc4sr6ZFtxVBKrdeGqdb1fry
0GUAgbMSfSSxAqiOfpX4/lMfwIOY7KB9/dsl3zHU8HF9xTRkdnBoVPWQPGxyUcNc
4dNLa5Q99pvvYh7L5E3TFcCdiKJYGD08cRvVheE/x+mPI+gTkdyxb5Pwn4N6h/vt
LUFeuC3JdrvNXwUPV+5FbB8YSNzfnluvkKQgFnVmd97o
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:51:10 2025 by rpki-client