Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/91b994-2186-4d2b-b065-e86fff93f45d/1/QOsoDDzE2ufJorNRF7vrLppBjZI.roa
File: QOsoDDzE2ufJorNRF7vrLppBjZI.roa (raw, json)
Hash identifier: fHVneKRvI/gKsCi1tf45/HVfXiMRdMYJLFW5hZLpBag=
Subject key identifier: 40:EB:28:0C:3C:C4:DA:E7:C9:A2:B3:51:17:BB:EB:2E:9A:41:8D:92
Certificate issuer: /CN=16d15539c01121066eafe95be3401dfa44407785
Certificate serial: 019422FBAE5D91A5FE28C28F2638D58B9EA0
Authority key identifier: 16:D1:55:39:C0:11:21:06:6E:AF:E9:5B:E3:40:1D:FA:44:40:77:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FtFVOcARIQZur-lb40Ad-kRAd4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/91b994-2186-4d2b-b065-e86fff93f45d/1/QOsoDDzE2ufJorNRF7vrLppBjZI.roa
Signing time: Wed 01 Jan 2025 17:48:26 +0000
ROA not before: Wed 01 Jan 2025 17:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200428
IP address blocks: 217.20.254.0/24 maxlen: 24
2a13::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ae:5d:91:a5:fe:28:c2:8f:26:38:d5:8b:9e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d15539c01121066eafe95be3401dfa44407785
Validity
Not Before: Jan 1 17:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40eb280c3cc4dae7c9a2b35117bbeb2e9a418d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:ca:cf:04:1b:34:a2:4b:0b:89:20:c3:bd:
2c:33:f9:b5:10:d1:7d:5b:b9:c3:a6:83:37:6e:31:
be:9e:79:b0:32:38:8d:f3:71:7c:5a:c5:68:c4:94:
40:a7:f1:d1:94:de:a5:5d:e7:96:74:81:25:2f:16:
f4:89:2d:53:f4:1f:6e:c3:03:ce:e9:ca:b0:43:b1:
21:68:5a:d5:f4:a4:37:88:ae:a4:72:23:f8:f7:c6:
b7:ea:8a:81:b1:77:e3:b2:19:21:8b:33:88:3c:68:
d1:7a:8e:99:25:dc:72:af:87:7f:2d:d4:63:89:b7:
58:c9:fb:15:b1:b7:b4:17:5d:92:89:06:cf:e8:a0:
6f:65:7b:ad:c8:20:b0:74:a5:a3:21:ea:91:39:88:
ff:1f:54:be:e5:d4:95:b4:fc:a1:54:f3:05:c3:73:
91:30:04:6d:62:03:69:2a:c2:51:d0:e8:4d:a7:0b:
2c:72:d5:3e:f6:e3:8b:61:4b:62:fb:a9:23:1d:e3:
db:e1:ac:8a:02:66:3b:56:90:95:47:34:3a:97:0f:
87:43:92:3f:cb:fb:61:6a:67:ab:89:68:f3:c3:57:
c6:ef:9e:7a:31:92:c7:ad:47:57:a9:d5:81:3b:dc:
36:77:fc:ed:58:ce:67:00:85:87:a3:b5:cf:0d:d4:
6f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EB:28:0C:3C:C4:DA:E7:C9:A2:B3:51:17:BB:EB:2E:9A:41:8D:92
X509v3 Authority Key Identifier:
keyid:16:D1:55:39:C0:11:21:06:6E:AF:E9:5B:E3:40:1D:FA:44:40:77:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FtFVOcARIQZur-lb40Ad-kRAd4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/91b994-2186-4d2b-b065-e86fff93f45d/1/QOsoDDzE2ufJorNRF7vrLppBjZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/91b994-2186-4d2b-b065-e86fff93f45d/1/FtFVOcARIQZur-lb40Ad-kRAd4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.254.0/24
IPv6:
2a13::/29
Signature Algorithm: sha256WithRSAEncryption
9a:36:18:b2:77:5f:ed:a4:c6:64:ff:24:5e:d2:71:b9:11:fc:
23:19:b8:90:d6:cb:3a:df:c6:6b:f6:5a:d4:74:65:29:91:c8:
10:51:ff:fb:6b:3b:e6:82:5e:eb:3e:04:10:6b:48:19:a3:cb:
2f:ab:cc:63:31:8d:41:65:82:90:02:14:f7:d8:fc:ad:36:3c:
6a:0d:73:37:63:2f:a5:3d:62:0c:27:f2:73:af:0a:c5:a9:b8:
c8:91:c1:7e:32:38:e8:7f:1e:20:bf:92:84:98:de:3a:9a:c4:
d5:17:c8:8f:b4:fb:ca:29:37:6f:18:14:d7:fe:2e:da:ca:ae:
c9:44:02:dd:f6:73:af:22:bc:52:11:56:df:e6:db:87:1b:b5:
88:4a:91:a6:e2:14:0d:b4:c0:bc:29:bf:b8:24:1b:c5:7c:a9:
aa:ce:d1:c5:fa:2f:34:16:47:1c:a2:35:01:c7:5e:c6:82:21:
0e:6a:37:18:cd:a9:e7:25:5c:9c:3f:1f:20:2c:a1:85:34:ef:
39:02:ed:48:1c:9c:3c:07:14:29:a3:d8:60:df:5f:99:e0:ee:
ff:03:8e:ce:ea:3e:5c:5c:29:01:e7:27:23:17:a9:45:6e:e8:
ed:f5:0d:86:57:4c:5a:d4:42:2e:68:77:87:c4:f0:30:92:58:
a9:06:1c:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+65dkaX+KMKPJjjVi56gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDE1NTM5YzAxMTIxMDY2ZWFmZTk1YmUzNDAxZGZhNDQ0
MDc3ODUwHhcNMjUwMTAxMTc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGViMjgwYzNjYzRkYWU3YzlhMmIzNTExN2JiZWIyZTlhNDE4ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJzKzwQbNKJLC4kgw70sM/m1ENF9
W7nDpoM3bjG+nnmwMjiN83F8WsVoxJRAp/HRlN6lXeeWdIElLxb0iS1T9B9uwwPO
6cqwQ7EhaFrV9KQ3iK6kciP498a36oqBsXfjshkhizOIPGjReo6ZJdxyr4d/LdRj
ibdYyfsVsbe0F12SiQbP6KBvZXutyCCwdKWjIeqROYj/H1S+5dSVtPyhVPMFw3OR
MARtYgNpKsJR0OhNpwssctU+9uOLYUti+6kjHePb4ayKAmY7VpCVRzQ6lw+HQ5I/
y/thameriWjzw1fG7556MZLHrUdXqdWBO9w2d/ztWM5nAIWHo7XPDdRvqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDrKAw8xNrnyaKzURe76y6aQY2SMB8GA1UdIwQY
MBaAFBbRVTnAESEGbq/pW+NAHfpEQHeFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRGVk9jQVJJUVp1ci1sYjQwQWQta1JBZDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85MWI5OTQtMjE4Ni00ZDJiLWIwNjUt
ZTg2ZmZmOTNmNDVkLzEvUU9zb0REekUydWZKb3JOUkY3dnJMcHBCalpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85MWI5OTQtMjE4Ni00ZDJiLWIwNjUtZTg2ZmZmOTNmNDVk
LzEvRnRGVk9jQVJJUVp1ci1sYjQwQWQta1JBZDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RT+MA0E
AgACMAcDBQMqEwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCaNhiyd1/tpMZk/yRe0nG5
EfwjGbiQ1ss638Zr9lrUdGUpkcgQUf/7azvmgl7rPgQQa0gZo8svq8xjMY1BZYKQ
AhT32PytNjxqDXM3Yy+lPWIMJ/JzrwrFqbjIkcF+Mjjofx4gv5KEmN46msTVF8iP
tPvKKTdvGBTX/i7ayq7JRALd9nOvIrxSEVbf5tuHG7WISpGm4hQNtMC8Kb+4JBvF
fKmqztHF+i80FkccojUBx17GgiEOajcYzannJVycPx8gLKGFNO85Au1IHJw8BxQp
o9hg31+Z4O7/A47O6j5cXCkB5ycjF6lFbujt9Q2GV0xa1EIuaHeHxPAwklipBhyn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:11 2025 by rpki-client