Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/29de46-c2e9-48fb-92d4-b7a564afb04b/1/QNHfp-QpZNwcvnNXnGl6CZVZ8Tc.roa
File: QNHfp-QpZNwcvnNXnGl6CZVZ8Tc.roa (raw, json)
Hash identifier: 6rWKjyivZLws8Y1JTJaRv4be4dA3ijdzaWgzmRI12KU=
Subject key identifier: 40:D1:DF:A7:E4:29:64:DC:1C:BE:73:57:9C:69:7A:09:95:59:F1:37
Certificate issuer: /CN=e56cd578f42f8de067236767c6cfc2bacbc16e05
Certificate serial: 019420685471A5A51C62D90FF03A095934D1
Authority key identifier: E5:6C:D5:78:F4:2F:8D:E0:67:23:67:67:C6:CF:C2:BA:CB:C1:6E:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5WzVePQvjeBnI2dnxs_CusvBbgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/29de46-c2e9-48fb-92d4-b7a564afb04b/1/QNHfp-QpZNwcvnNXnGl6CZVZ8Tc.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61418
IP address blocks: 195.206.236.0/24 maxlen: 24
2a10:2cc0::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:54:71:a5:a5:1c:62:d9:0f:f0:3a:09:59:34:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e56cd578f42f8de067236767c6cfc2bacbc16e05
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40d1dfa7e42964dc1cbe73579c697a099559f137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7b:63:28:63:d8:66:a0:3f:3f:1a:be:9a:05:
1d:ce:50:c7:31:e6:8b:85:74:c3:eb:ec:32:35:59:
87:51:d9:aa:4e:d4:bc:9c:a0:a0:97:9c:d7:ff:31:
c5:09:06:c6:ac:a2:07:6d:95:9e:ba:9c:d9:27:e5:
8e:64:4d:01:cc:72:33:95:5b:49:c4:52:33:05:d6:
4a:24:dc:23:e7:32:e4:95:90:26:10:3f:d9:93:d0:
4f:51:1e:f3:64:95:22:de:f4:1a:41:3b:d0:4b:9d:
aa:18:de:3e:59:b2:50:fa:87:6c:ff:dd:6a:1a:22:
ba:80:d6:8a:1f:e0:28:0b:03:b2:d9:c4:20:06:36:
10:ee:fb:45:d1:79:57:5b:06:91:cc:3f:0e:3f:89:
f3:77:ba:f7:2c:23:ae:8a:9b:7f:57:d1:fd:2b:f7:
30:76:8e:2b:55:30:b2:b3:14:35:52:61:d8:bb:b5:
7c:df:e1:c4:fe:27:65:40:8c:2a:91:23:76:28:9f:
7f:7d:db:4e:34:d4:2f:9d:c8:18:8b:42:60:ba:57:
bb:e1:f2:d0:70:ab:47:3d:2b:f8:e7:d9:87:28:fe:
dd:c4:a0:3d:c4:44:bf:ed:f6:2d:28:ee:91:e8:3d:
86:5b:89:a4:bd:50:ff:61:fd:b8:eb:c9:5f:d8:53:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D1:DF:A7:E4:29:64:DC:1C:BE:73:57:9C:69:7A:09:95:59:F1:37
X509v3 Authority Key Identifier:
keyid:E5:6C:D5:78:F4:2F:8D:E0:67:23:67:67:C6:CF:C2:BA:CB:C1:6E:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WzVePQvjeBnI2dnxs_CusvBbgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29de46-c2e9-48fb-92d4-b7a564afb04b/1/QNHfp-QpZNwcvnNXnGl6CZVZ8Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29de46-c2e9-48fb-92d4-b7a564afb04b/1/5WzVePQvjeBnI2dnxs_CusvBbgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.206.236.0/24
IPv6:
2a10:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:53:f5:4d:c5:bc:b6:88:b8:42:41:ee:4f:dc:d4:dc:7c:03:
cb:20:a2:a2:bc:33:27:d5:e0:57:a9:e4:b3:01:90:26:ae:c0:
f3:8a:7e:50:a3:79:ec:19:f5:cb:f0:6d:81:45:0e:94:80:2d:
28:cc:21:23:1e:41:b2:9b:57:da:34:ac:74:ce:ea:f2:4e:66:
9e:41:b5:33:eb:31:eb:a1:74:52:03:3f:20:e3:42:28:ea:a8:
9d:1b:46:82:c2:af:09:3d:95:5f:32:2c:9d:7d:c6:8f:25:39:
be:5d:b2:28:de:55:01:b8:c4:d0:77:97:c7:58:59:2d:5a:4f:
41:e1:5d:41:69:7a:3f:af:7d:ae:84:aa:76:0b:c0:18:aa:f5:
ec:50:75:ef:2b:6c:52:c1:fd:4b:04:1d:55:6b:09:e9:86:99:
9f:3c:4b:b0:30:ae:14:48:e9:9d:f3:d3:ab:14:32:c6:30:1f:
e4:b6:d6:b4:14:2a:22:01:a0:50:2e:b3:62:a7:75:83:fe:25:
9d:34:60:1e:44:18:82:32:17:d3:61:dc:0c:e0:2f:bf:a9:ec:
5b:90:04:5f:75:e4:2e:56:e8:7d:cc:34:8c:f4:3a:b8:9b:aa:
e0:4f:b5:59:23:69:ee:f8:0c:b3:e3:81:d7:a5:1e:db:5f:d7:
90:c0:fb:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaFRxpaUcYtkP8DoJWTTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NmNkNTc4ZjQyZjhkZTA2NzIzNjc2N2M2Y2ZjMmJhY2Jj
MTZlMDUwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQxZGZhN2U0Mjk2NGRjMWNiZTczNTc5YzY5N2EwOTk1NTlmMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HtjKGPYZqA/Pxq+mgUdzlDHMeaL
hXTD6+wyNVmHUdmqTtS8nKCgl5zX/zHFCQbGrKIHbZWeupzZJ+WOZE0BzHIzlVtJ
xFIzBdZKJNwj5zLklZAmED/Zk9BPUR7zZJUi3vQaQTvQS52qGN4+WbJQ+ods/91q
GiK6gNaKH+AoCwOy2cQgBjYQ7vtF0XlXWwaRzD8OP4nzd7r3LCOuipt/V9H9K/cw
do4rVTCysxQ1UmHYu7V83+HE/idlQIwqkSN2KJ9/fdtONNQvncgYi0Jgule74fLQ
cKtHPSv459mHKP7dxKA9xES/7fYtKO6R6D2GW4mkvVD/Yf2468lf2FMoVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDR36fkKWTcHL5zV5xpegmVWfE3MB8GA1UdIwQY
MBaAFOVs1Xj0L43gZyNnZ8bPwrrLwW4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVd6VmVQUXZqZUJuSTJkbnhzX0N1c3ZCYmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yOWRlNDYtYzJlOS00OGZiLTkyZDQt
YjdhNTY0YWZiMDRiLzEvUU5IZnAtUXBaTndjdm5OWG5HbDZDWlZaOFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yOWRlNDYtYzJlOS00OGZiLTkyZDQtYjdhNTY0YWZiMDRi
LzEvNVd6VmVQUXZqZUJuSTJkbnhzX0N1c3ZCYmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw87sMA0E
AgACMAcDBQMqECzAMA0GCSqGSIb3DQEBCwUAA4IBAQAtU/VNxby2iLhCQe5P3NTc
fAPLIKKivDMn1eBXqeSzAZAmrsDzin5Qo3nsGfXL8G2BRQ6UgC0ozCEjHkGym1fa
NKx0zuryTmaeQbUz6zHroXRSAz8g40Io6qidG0aCwq8JPZVfMiydfcaPJTm+XbIo
3lUBuMTQd5fHWFktWk9B4V1BaXo/r32uhKp2C8AYqvXsUHXvK2xSwf1LBB1Vawnp
hpmfPEuwMK4USOmd89OrFDLGMB/ktta0FCoiAaBQLrNip3WD/iWdNGAeRBiCMhfT
YdwM4C+/qexbkARfdeQuVuh9zDSM9Dq4m6rgT7VZI2nu+Ayz44HXpR7bX9eQwPsP
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:48 2025 by rpki-client