Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJKw_jSexo5Xo6INlMAHsDyzZX8.roa
File: qJKw_jSexo5Xo6INlMAHsDyzZX8.roa (raw, json)
Hash identifier: tbzwBt4XZg2shK+8u+voUIn5C0bTx0zl07xdDoYjTzU=
Subject key identifier: A8:92:B0:FE:34:9E:C6:8E:57:A3:A2:0D:94:C0:07:B0:3C:B3:65:7F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019424B38776634245000256B6E62E5752B1
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJKw_jSexo5Xo6INlMAHsDyzZX8.roa
Signing time: Thu 02 Jan 2025 01:48:52 +0000
ROA not before: Thu 02 Jan 2025 01:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 213.176.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:87:76:63:42:45:00:02:56:b6:e6:2e:57:52:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 01:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a892b0fe349ec68e57a3a20d94c007b03cb3657f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:ba:eb:c9:a5:56:a5:d6:e9:56:8e:26:73:
70:2d:d6:e5:fb:72:7d:4f:30:75:a3:40:a4:4e:e1:
b7:29:bb:33:99:a7:78:bf:fa:26:b7:3f:a6:62:d7:
3b:ff:0e:d8:70:b4:04:7d:d9:4c:b2:f7:38:f8:c6:
7a:aa:1c:f5:5b:7a:e9:f5:b2:fa:31:97:85:88:35:
fb:94:6b:e2:30:f2:af:80:f1:0b:5f:c7:cb:48:37:
c6:15:73:34:72:3e:28:83:a8:9c:06:b7:4b:9a:b1:
f2:b8:f4:42:37:cd:d4:6e:e5:87:f6:19:b0:9f:03:
03:ad:ab:2a:8e:d4:6d:36:0b:2c:ec:97:ea:bb:e7:
df:89:ba:9d:5c:9e:6e:83:ae:95:ac:b7:79:b2:53:
6a:76:67:90:66:0f:39:11:37:54:e3:df:45:70:85:
f4:1d:4e:64:38:ee:d4:28:bb:7f:ca:b5:1b:49:3c:
c0:e7:0c:91:d5:40:87:64:ca:5a:89:de:ea:f4:a0:
6f:b7:5e:d8:99:17:1c:03:ff:43:26:e2:37:db:69:
f8:57:cf:a0:8d:17:21:6e:a9:16:d3:84:6f:90:1c:
65:76:0e:34:32:4f:b4:33:5d:62:4a:35:32:21:de:
0e:64:2d:2c:62:3d:ee:6f:2e:e0:e6:6d:6b:3b:ab:
3b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:B0:FE:34:9E:C6:8E:57:A3:A2:0D:94:C0:07:B0:3C:B3:65:7F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJKw_jSexo5Xo6INlMAHsDyzZX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.72.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:82:de:27:40:a0:9b:be:8f:f0:37:46:c7:7b:e5:f0:9e:47:
78:36:6f:ed:84:91:60:8e:6a:20:18:61:8c:55:10:3b:49:6e:
04:55:24:89:98:64:50:d4:32:b8:8f:55:fb:f3:f2:33:3b:5f:
8f:3e:d4:9d:a6:3e:fe:75:6e:c0:43:7b:87:7e:f2:1b:c5:ae:
19:37:e0:63:14:c3:8d:9e:b3:f0:59:b0:e6:27:77:5f:7e:ae:
64:73:2d:ed:b5:71:05:87:51:bd:34:a3:54:ab:85:c0:f5:26:
72:fb:07:fb:5d:a5:cf:a2:ee:7b:0e:eb:79:ff:ec:86:92:35:
d3:b0:77:a8:26:11:1b:82:0c:01:87:74:52:7f:25:cf:99:10:
a0:d3:c5:68:d0:47:e0:93:65:f1:1a:41:20:6b:fe:15:87:21:
c7:67:74:4a:66:80:98:02:e2:7c:d2:0c:b3:b5:be:72:e0:04:
85:ec:07:5c:8f:af:e6:9a:ee:3d:bb:52:80:b3:4a:98:a0:7a:
db:b7:fc:1c:4d:a6:19:37:5f:14:b8:f8:92:fa:c4:95:4d:d7:
4a:bb:5d:d5:51:8c:ad:1d:d1:a5:10:aa:75:de:fb:74:74:c2:
48:15:db:67:51:1a:df:b8:96:a0:ef:ac:36:be:68:b5:21:8d:
7f:ec:d0:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks4d2Y0JFAAJWtuYuV1KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMTAyMDE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkyYjBmZTM0OWVjNjhlNTdhM2EyMGQ5NGMwMDdiMDNjYjM2NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDa668mlVqXW6VaOJnNwLdbl+3J9
TzB1o0CkTuG3Kbszmad4v/omtz+mYtc7/w7YcLQEfdlMsvc4+MZ6qhz1W3rp9bL6
MZeFiDX7lGviMPKvgPELX8fLSDfGFXM0cj4og6icBrdLmrHyuPRCN83UbuWH9hmw
nwMDrasqjtRtNgss7Jfqu+ffibqdXJ5ug66VrLd5slNqdmeQZg85ETdU499FcIX0
HU5kOO7UKLt/yrUbSTzA5wyR1UCHZMpaid7q9KBvt17YmRccA/9DJuI322n4V8+g
jRchbqkW04RvkBxldg40Mk+0M11iSjUyId4OZC0sYj3uby7g5m1rO6s7rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiSsP40nsaOV6OiDZTAB7A8s2V/MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvcUpLd19qU2V4bzVYbzZJTmxNQUhzRHl6Wlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1bBIMA0G
CSqGSIb3DQEBCwUAA4IBAQAsgt4nQKCbvo/wN0bHe+Xwnkd4Nm/thJFgjmogGGGM
VRA7SW4EVSSJmGRQ1DK4j1X78/IzO1+PPtSdpj7+dW7AQ3uHfvIbxa4ZN+BjFMON
nrPwWbDmJ3dffq5kcy3ttXEFh1G9NKNUq4XA9SZy+wf7XaXPou57Dut5/+yGkjXT
sHeoJhEbggwBh3RSfyXPmRCg08Vo0Efgk2XxGkEga/4VhyHHZ3RKZoCYAuJ80gyz
tb5y4ASF7Adcj6/mmu49u1KAs0qYoHrbt/wcTaYZN18UuPiS+sSVTddKu13VUYyt
HdGlEKp13vt0dMJIFdtnURrfuJag76w2vmi1IY1/7NAD
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:57:25 2025 by rpki-client