Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/qmXW-w1rOs9lPsPALOyCE6g51h4.roa
File: qmXW-w1rOs9lPsPALOyCE6g51h4.roa (raw, json)
Hash identifier: K2Qh7BBFx9SvbRK+6Jn3KlqgczKD9dK1qmccXKjfFZI=
Subject key identifier: AA:65:D6:FB:0D:6B:3A:CF:65:3E:C3:C0:2C:EC:82:13:A8:39:D6:1E
Certificate issuer: /CN=f651dc9875e35ec580c571fd0416f4d5f5d4158a
Certificate serial: 018866BAC46D9B0B3C56AA5CEB0642500570
Authority key identifier: F6:51:DC:98:75:E3:5E:C5:80:C5:71:FD:04:16:F4:D5:F5:D4:15:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9lHcmHXjXsWAxXH9BBb01fXUFYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/qmXW-w1rOs9lPsPALOyCE6g51h4.roa
Signing time: Mon 29 May 2023 08:58:15 +0000
ROA not before: Mon 29 May 2023 08:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 193.30.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:ba:c4:6d:9b:0b:3c:56:aa:5c:eb:06:42:50:05:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f651dc9875e35ec580c571fd0416f4d5f5d4158a
Validity
Not Before: May 29 08:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa65d6fb0d6b3acf653ec3c02cec8213a839d61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:82:8e:df:42:0b:04:d6:a6:81:99:65:22:f5:
c4:65:1f:9c:90:b0:94:57:f4:ce:dd:70:d3:e8:af:
4c:92:46:73:11:87:3b:b2:8d:99:3a:94:db:cd:01:
4f:10:65:6f:fb:5c:bf:a0:7d:32:60:ad:e8:f3:7a:
a3:41:6a:ce:34:c2:b0:2b:f9:e7:a5:df:81:2f:44:
8b:d0:10:53:53:a2:0d:9a:93:f0:d2:df:39:96:8f:
bf:05:69:c4:ca:52:d5:7e:a3:ba:4a:6a:80:ed:24:
1e:dd:b3:d7:01:22:dc:cc:90:36:2f:81:4f:0b:13:
e9:6f:ef:5b:7b:60:b6:fd:47:db:49:de:ac:03:9a:
5c:6a:62:22:31:8e:d6:46:18:57:a4:ee:73:ef:fb:
4f:fb:cd:b9:b8:75:b7:35:c2:96:7d:6f:ef:e4:58:
a9:a3:37:7c:37:20:2e:b1:cf:b1:8f:1f:ed:6e:20:
e3:dd:e0:c5:e3:1a:45:2f:96:d8:a5:93:bb:17:7d:
a0:39:53:14:b0:9a:d7:e8:ed:b4:81:18:91:c4:38:
0c:ea:d5:65:80:f0:fc:59:2e:da:0d:7b:9b:52:60:
ef:2c:fc:16:80:ae:f1:73:1a:f5:9e:88:1b:8f:1b:
dd:2c:49:ad:16:c0:cb:db:6f:97:9b:0c:b5:fd:e7:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:65:D6:FB:0D:6B:3A:CF:65:3E:C3:C0:2C:EC:82:13:A8:39:D6:1E
X509v3 Authority Key Identifier:
keyid:F6:51:DC:98:75:E3:5E:C5:80:C5:71:FD:04:16:F4:D5:F5:D4:15:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lHcmHXjXsWAxXH9BBb01fXUFYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/qmXW-w1rOs9lPsPALOyCE6g51h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/9lHcmHXjXsWAxXH9BBb01fXUFYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.101.0/24
Signature Algorithm: sha256WithRSAEncryption
00:46:d4:f0:f9:64:bb:3a:78:bc:59:da:d6:5c:6e:54:72:f1:
f6:ac:47:6b:49:6a:07:13:cf:21:9e:ec:5f:3e:90:c5:28:7e:
01:ee:3b:84:59:93:1e:a9:a0:ad:34:e3:61:d8:ce:02:81:33:
f9:da:13:af:eb:6c:86:48:b8:a3:a5:39:e1:5d:54:58:da:29:
b2:89:b4:74:14:cb:d0:fa:0f:4c:19:0f:30:5b:c4:60:81:69:
c2:0a:6b:cd:fe:fd:7d:0a:2f:d2:76:61:87:57:09:f4:25:17:
3f:d7:8c:de:57:9e:f7:d2:65:e3:b1:5d:f1:5c:a4:39:d2:c0:
f6:00:f4:07:ce:53:8f:e3:fd:9a:5b:46:f8:80:ed:7e:36:a9:
39:b2:e6:d2:4e:48:24:9f:3d:c3:8e:e2:a0:38:5f:36:e2:eb:
78:24:6f:9d:7d:99:4b:d0:fd:2b:74:5f:24:3e:56:23:6d:89:
0c:31:d7:7c:12:7a:75:2c:95:9f:1f:38:9a:30:b8:ce:79:39:
11:74:de:a6:1a:3f:3e:01:34:52:72:de:5e:01:3f:1b:27:4f:
d8:17:34:cf:69:f0:fa:5a:40:79:6c:c0:16:7b:76:a9:14:ec:
51:99:ed:3e:a4:35:ad:31:6a:65:ee:b1:b7:ca:66:f8:f6:f8:
e6:5b:47:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhmusRtmws8Vqpc6wZCUAVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTFkYzk4NzVlMzVlYzU4MGM1NzFmZDA0MTZmNGQ1ZjVk
NDE1OGEwHhcNMjMwNTI5MDg1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY1ZDZmYjBkNmIzYWNmNjUzZWMzYzAyY2VjODIxM2E4MzlkNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4KO30ILBNamgZllIvXEZR+ckLCU
V/TO3XDT6K9MkkZzEYc7so2ZOpTbzQFPEGVv+1y/oH0yYK3o83qjQWrONMKwK/nn
pd+BL0SL0BBTU6INmpPw0t85lo+/BWnEylLVfqO6SmqA7SQe3bPXASLczJA2L4FP
CxPpb+9be2C2/UfbSd6sA5pcamIiMY7WRhhXpO5z7/tP+825uHW3NcKWfW/v5Fip
ozd8NyAusc+xjx/tbiDj3eDF4xpFL5bYpZO7F32gOVMUsJrX6O20gRiRxDgM6tVl
gPD8WS7aDXubUmDvLPwWgK7xcxr1nogbjxvdLEmtFsDL22+Xmwy1/efJvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpl1vsNazrPZT7DwCzsghOoOdYeMB8GA1UdIwQY
MBaAFPZR3Jh1417FgMVx/QQW9NX11BWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxIY21IWGpYc1dBeFhIOUJCYjAxZlhVRllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNGQ5ZDctNjcwMy00YjA2LWIzZWUt
MDc1MTAzODE0MjBhLzEvcW1YVy13MXJPczlsUHNQQUxPeUNFNmc1MWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNGQ5ZDctNjcwMy00YjA2LWIzZWUtMDc1MTAzODE0MjBh
LzEvOWxIY21IWGpYc1dBeFhIOUJCYjAxZlhVRllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR5lMA0G
CSqGSIb3DQEBCwUAA4IBAQAARtTw+WS7Oni8WdrWXG5UcvH2rEdrSWoHE88hnuxf
PpDFKH4B7juEWZMeqaCtNONh2M4CgTP52hOv62yGSLijpTnhXVRY2imyibR0FMvQ
+g9MGQ8wW8RggWnCCmvN/v19Ci/SdmGHVwn0JRc/14zeV5730mXjsV3xXKQ50sD2
APQHzlOP4/2aW0b4gO1+Nqk5subSTkgknz3DjuKgOF824ut4JG+dfZlL0P0rdF8k
PlYjbYkMMdd8Enp1LJWfHziaMLjOeTkRdN6mGj8+ATRSct5eAT8bJ0/YFzTPafD6
WkB5bMAWe3apFOxRme0+pDWtMWpl7rG3ymb49vjmW0fi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:41 2025 by rpki-client