Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59369b-5981-4bbc-bdc2-7b551eb97363/1/qnfOgcnX29IeNNFxrZhnLz0NKPU.roa
File: qnfOgcnX29IeNNFxrZhnLz0NKPU.roa (raw, json)
Hash identifier: yi0iboHq7JyWhLTen0/ZAIJCJN7gMxv9Lp8YWv8A5J0=
Subject key identifier: AA:77:CE:81:C9:D7:DB:D2:1E:34:D1:71:AD:98:67:2F:3D:0D:28:F5
Certificate issuer: /CN=ce570223aac4013c7ad2c934500e6f430264fe4b
Certificate serial: 01856F024720AF03F70C3D423478B674F9EC
Authority key identifier: CE:57:02:23:AA:C4:01:3C:7A:D2:C9:34:50:0E:6F:43:02:64:FE:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlcCI6rEATx60sk0UA5vQwJk_ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59369b-5981-4bbc-bdc2-7b551eb97363/1/qnfOgcnX29IeNNFxrZhnLz0NKPU.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213183
IP address blocks: 194.42.98.0/23 maxlen: 23
194.42.98.0/24 maxlen: 24
194.42.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:47:20:af:03:f7:0c:3d:42:34:78:b6:74:f9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce570223aac4013c7ad2c934500e6f430264fe4b
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa77ce81c9d7dbd21e34d171ad98672f3d0d28f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:68:06:c1:2b:a7:b0:53:d7:1d:12:5b:51:
cd:3e:4c:4a:3e:ca:40:68:eb:87:08:dd:34:95:61:
0f:36:55:3f:41:5b:2e:e4:59:7c:28:56:4a:2f:00:
04:41:a2:6c:d8:a9:2c:bd:d3:48:e4:c7:74:7e:03:
ee:37:25:8f:d7:46:c3:74:2e:42:65:55:63:3f:87:
31:53:66:53:17:7c:db:f8:55:5d:62:d1:0a:96:b0:
10:48:80:b7:1b:77:db:cc:e5:f5:82:3b:c2:bd:32:
b5:b3:b2:86:7a:e8:c9:ea:29:73:35:e8:06:ee:92:
5f:51:ab:f7:f1:be:b1:f9:99:17:86:66:ef:d9:8a:
87:06:e8:ee:58:68:88:74:81:5e:8d:9e:d8:44:23:
25:07:42:6d:00:3f:bd:7e:67:a4:7a:b1:c4:3a:5d:
d0:b0:f3:a2:c8:7e:00:e6:9f:5f:58:25:ff:e9:92:
9a:e6:89:3a:7a:10:fb:21:4f:98:bd:73:b7:dd:9e:
24:07:49:0f:04:4f:4b:03:f5:dc:e1:23:2b:96:df:
22:8a:77:01:fb:a3:15:cf:c3:26:9b:c7:0a:16:4b:
d6:bd:25:40:bc:55:72:53:81:08:36:8f:11:12:ac:
29:9f:32:4b:09:04:51:d2:30:2b:90:02:2c:1c:79:
cf:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:77:CE:81:C9:D7:DB:D2:1E:34:D1:71:AD:98:67:2F:3D:0D:28:F5
X509v3 Authority Key Identifier:
keyid:CE:57:02:23:AA:C4:01:3C:7A:D2:C9:34:50:0E:6F:43:02:64:FE:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlcCI6rEATx60sk0UA5vQwJk_ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59369b-5981-4bbc-bdc2-7b551eb97363/1/qnfOgcnX29IeNNFxrZhnLz0NKPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59369b-5981-4bbc-bdc2-7b551eb97363/1/zlcCI6rEATx60sk0UA5vQwJk_ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.98.0/23
Signature Algorithm: sha256WithRSAEncryption
22:cb:ae:27:5a:3b:c5:09:7c:9b:7b:53:58:ed:57:18:a5:21:
26:cc:ad:1f:f5:ec:e3:2b:bf:27:4a:d3:8c:58:99:91:60:6e:
8b:d8:51:c7:e6:14:24:ff:a1:7f:dd:8e:eb:2e:b6:19:81:98:
17:e2:42:91:ee:00:cc:9c:58:f4:29:ce:56:a3:91:fc:dc:82:
47:53:f8:fc:27:b9:1d:f9:d9:d4:37:cd:00:7a:08:ab:dd:4f:
aa:87:4c:19:0d:53:74:50:de:46:87:b9:0c:a9:19:54:20:50:
bc:e2:d0:7c:e7:02:ae:d3:f6:9d:81:98:5c:06:c7:c7:29:bf:
45:2c:a6:36:e6:aa:2c:02:f2:90:7d:eb:49:08:fc:b5:6a:51:
e1:88:14:1b:11:2f:31:ca:58:40:c1:fe:ba:aa:65:44:9c:62:
c8:db:2c:83:4c:46:bc:b7:8a:bf:6c:bf:b7:38:c0:0a:d8:97:
6f:57:cb:29:2a:d3:84:e0:fa:b7:73:5a:6a:bd:64:a6:30:2a:
d8:78:79:3a:1f:ef:47:f7:ae:c3:11:1c:b9:2c:95:8f:83:b4:
59:68:f7:f6:ef:77:8f:92:95:ca:81:cf:91:59:18:69:d5:81:
43:ec:0d:dd:59:ab:4d:e6:90:e1:07:25:b0:0a:52:09:dc:d8:
ca:17:14:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkcgrwP3DD1CNHi2dPnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTcwMjIzYWFjNDAxM2M3YWQyYzkzNDUwMGU2ZjQzMDI2
NGZlNGIwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc3Y2U4MWM5ZDdkYmQyMWUzNGQxNzFhZDk4NjcyZjNkMGQyOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2loBsErp7BT1x0SW1HNPkxKPspA
aOuHCN00lWEPNlU/QVsu5Fl8KFZKLwAEQaJs2KksvdNI5Md0fgPuNyWP10bDdC5C
ZVVjP4cxU2ZTF3zb+FVdYtEKlrAQSIC3G3fbzOX1gjvCvTK1s7KGeujJ6ilzNegG
7pJfUav38b6x+ZkXhmbv2YqHBujuWGiIdIFejZ7YRCMlB0JtAD+9fmekerHEOl3Q
sPOiyH4A5p9fWCX/6ZKa5ok6ehD7IU+YvXO33Z4kB0kPBE9LA/Xc4SMrlt8iincB
+6MVz8Mmm8cKFkvWvSVAvFVyU4EINo8REqwpnzJLCQRR0jArkAIsHHnPYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKp3zoHJ19vSHjTRca2YZy89DSj1MB8GA1UdIwQY
MBaAFM5XAiOqxAE8etLJNFAOb0MCZP5LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxjQ0k2ckVBVHg2MHNrMFVBNXZRd0prX2tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OTM2OWItNTk4MS00YmJjLWJkYzIt
N2I1NTFlYjk3MzYzLzEvcW5mT2djblgyOUllTk5GeHJaaG5MejBOS1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OTM2OWItNTk4MS00YmJjLWJkYzItN2I1NTFlYjk3MzYz
LzEvemxjQ0k2ckVBVHg2MHNrMFVBNXZRd0prX2tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwipiMA0G
CSqGSIb3DQEBCwUAA4IBAQAiy64nWjvFCXybe1NY7VcYpSEmzK0f9ezjK78nStOM
WJmRYG6L2FHH5hQk/6F/3Y7rLrYZgZgX4kKR7gDMnFj0Kc5Wo5H83IJHU/j8J7kd
+dnUN80Aegir3U+qh0wZDVN0UN5Gh7kMqRlUIFC84tB85wKu0/adgZhcBsfHKb9F
LKY25qosAvKQfetJCPy1alHhiBQbES8xylhAwf66qmVEnGLI2yyDTEa8t4q/bL+3
OMAK2JdvV8spKtOE4Pq3c1pqvWSmMCrYeHk6H+9H967DERy5LJWPg7RZaPf273eP
kpXKgc+RWRhp1YFD7A3dWatN5pDhByWwClIJ3NjKFxRI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org