Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QPy8tTbRJz3sZuZPMPkc60H7ZUM.roa
File: QPy8tTbRJz3sZuZPMPkc60H7ZUM.roa (raw, json)
Hash identifier: UsfnQ46pvTGBqquIoMO+i7EnvjpvuR7T9MurG7SqC+M=
Subject key identifier: 40:FC:BC:B5:36:D1:27:3D:EC:66:E6:4F:30:F9:1C:EB:41:FB:65:43
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01940E3F55248A817CEDF651B83E2BC35143
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QPy8tTbRJz3sZuZPMPkc60H7ZUM.roa
Signing time: Sat 28 Dec 2024 17:10:19 +0000
ROA not before: Sat 28 Dec 2024 17:10:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60345
IP address blocks: 77.90.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0e:3f:55:24:8a:81:7c:ed:f6:51:b8:3e:2b:c3:51:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 28 17:10:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40fcbcb536d1273dec66e64f30f91ceb41fb6543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:55:b5:32:c7:51:ec:e2:30:e8:b1:19:1b:
f1:1f:a2:09:1b:ba:3b:e8:4a:3f:e1:6e:9d:8e:2e:
c3:22:8a:37:e2:15:e6:00:7f:38:18:75:77:a3:65:
08:39:19:06:47:2c:6e:c3:e6:78:02:c0:6d:ac:c0:
11:86:fd:72:37:61:d8:d5:60:46:de:cd:3c:b5:92:
7a:fd:d5:9d:ab:80:94:39:ce:fa:39:97:3c:93:5f:
40:26:64:cf:4a:da:af:a7:53:47:8f:7e:77:03:ff:
ab:9a:b5:5c:d1:c6:7b:24:07:81:2d:a6:60:01:c4:
a2:ca:89:80:a7:96:62:e3:60:1b:ca:73:25:81:94:
dc:dd:51:39:5a:69:fb:de:13:8a:4f:5d:57:10:4d:
52:bf:cf:51:ec:fd:62:8f:d4:86:2e:e8:c7:6d:08:
84:a7:bf:41:4c:5d:9b:f9:ec:8d:49:c9:fa:a9:b6:
93:69:82:46:0c:8d:a0:63:5e:3e:6e:b7:c6:cd:49:
1b:8f:60:ab:85:2f:64:fb:48:28:d7:22:b6:54:ba:
54:e4:6e:a3:06:f4:c5:01:fd:48:e8:38:c0:93:a1:
5a:27:1b:d8:6a:99:65:7a:b5:9e:64:aa:f9:dd:2a:
11:ea:01:5f:a3:e5:a3:ec:aa:28:03:e1:e4:e8:26:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FC:BC:B5:36:D1:27:3D:EC:66:E6:4F:30:F9:1C:EB:41:FB:65:43
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QPy8tTbRJz3sZuZPMPkc60H7ZUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.55.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:a7:1b:0f:71:56:1d:76:d0:bd:d5:88:86:1d:25:e9:27:85:
99:b2:44:90:c7:50:e6:7d:a7:02:00:ca:b0:0d:c6:50:be:7d:
37:48:7a:06:6c:c2:10:a1:ad:f7:b9:6a:8b:7c:2d:6e:ef:8e:
a7:77:be:bb:11:87:d6:aa:0c:90:15:3e:f0:79:2a:ab:f4:d6:
40:e9:b1:89:e2:4f:fd:98:a7:8c:28:57:60:30:03:e5:77:17:
18:ce:f3:01:d5:de:70:f7:62:64:62:56:eb:32:ab:a7:4d:1b:
01:71:93:02:1e:a5:e8:57:f3:77:33:ae:2e:9f:ab:99:58:3a:
1e:cd:05:1b:3f:00:51:b8:4d:fa:dc:c9:5a:4d:d3:82:8e:49:
77:8f:67:13:da:91:0f:00:05:a1:f5:7c:80:d6:5b:a4:1b:b6:
a4:80:78:fb:e2:19:a2:4a:1e:73:d6:02:08:57:ca:b9:7c:ff:
fb:2d:4b:ac:30:97:1f:a9:bf:38:07:96:e6:fb:e3:93:fa:73:
c8:19:80:83:bd:7a:25:9b:0d:7c:8a:e2:ab:40:d3:d1:fe:8c:
33:68:50:b4:5f:03:c9:6e:8e:82:35:da:90:82:5a:58:26:64:
86:af:09:4f:57:63:75:c1:18:19:e6:21:f4:d3:7b:7a:96:2a:
02:e2:0a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQOP1UkioF87fZRuD4rw1FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjI4MTcxMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZjYmNiNTM2ZDEyNzNkZWM2NmU2NGYzMGY5MWNlYjQxZmI2NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFdVtTLHUeziMOixGRvxH6IJG7o7
6Eo/4W6dji7DIoo34hXmAH84GHV3o2UIORkGRyxuw+Z4AsBtrMARhv1yN2HY1WBG
3s08tZJ6/dWdq4CUOc76OZc8k19AJmTPStqvp1NHj353A/+rmrVc0cZ7JAeBLaZg
AcSiyomAp5Zi42AbynMlgZTc3VE5Wmn73hOKT11XEE1Sv89R7P1ij9SGLujHbQiE
p79BTF2b+eyNScn6qbaTaYJGDI2gY14+brfGzUkbj2CrhS9k+0go1yK2VLpU5G6j
BvTFAf1I6DjAk6FaJxvYapllerWeZKr53SoR6gFfo+Wj7KooA+Hk6CbyowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFED8vLU20Sc97GbmTzD5HOtB+2VDMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUVB5OHRUYlJKejNzWnVaUE1Qa2M2MEg3WlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVo3MA0G
CSqGSIb3DQEBCwUAA4IBAQDXpxsPcVYddtC91YiGHSXpJ4WZskSQx1DmfacCAMqw
DcZQvn03SHoGbMIQoa33uWqLfC1u746nd767EYfWqgyQFT7weSqr9NZA6bGJ4k/9
mKeMKFdgMAPldxcYzvMB1d5w92JkYlbrMqunTRsBcZMCHqXoV/N3M64un6uZWDoe
zQUbPwBRuE363MlaTdOCjkl3j2cT2pEPAAWh9XyA1lukG7akgHj74hmiSh5z1gII
V8q5fP/7LUusMJcfqb84B5bm++OT+nPIGYCDvXolmw18iuKrQNPR/owzaFC0XwPJ
bo6CNdqQglpYJmSGrwlPV2N1wRgZ5iH003t6lioC4goE
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:27 2025 by rpki-client