Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QX8KqylAM3f1Syx-djrWntCvrqA.roa
File: QX8KqylAM3f1Syx-djrWntCvrqA.roa (raw, json)
Hash identifier: m6udoP2gq2mRFJ54qIBjTU0GJ3xy3ZdgKfydTJt14l8=
Subject key identifier: 41:7F:0A:AB:29:40:33:77:F5:4B:2C:7E:76:3A:D6:9E:D0:AF:AE:A0
Certificate issuer: /CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Certificate serial: 0194266C3CFF4C78BD3A0FFE22E1BDCFDE50
Authority key identifier: D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QX8KqylAM3f1Syx-djrWntCvrqA.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 178.20.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3c:ff:4c:78:bd:3a:0f:fe:22:e1:bd:cf:de:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=417f0aab29403377f54b2c7e763ad69ed0afaea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:b9:e3:b5:fa:ff:58:bc:c9:01:03:98:6c:
e9:e6:dd:98:be:fe:14:3d:40:94:5f:41:b2:e0:4d:
e6:24:5c:1a:40:83:1d:88:c3:0a:57:ca:bd:9b:0a:
8e:c7:59:88:63:55:7b:79:f2:ec:db:bd:8a:4f:54:
ab:9f:e7:d8:41:44:f8:de:1c:3c:5e:41:5b:57:b1:
88:b2:80:ac:1a:e0:00:88:35:de:b2:3d:61:18:36:
0a:77:3d:aa:c0:05:1c:d5:df:b9:14:1f:99:b5:2c:
bc:3d:78:8d:b7:42:d9:1b:9d:19:ff:22:ae:a8:cb:
a0:bb:30:70:ae:cb:41:40:f6:93:42:92:78:16:7a:
70:57:e4:ea:51:a4:68:13:cb:cd:65:10:8a:ab:52:
99:1b:94:e4:3d:69:5c:31:fd:8b:5c:cf:e4:0d:2d:
14:2e:f0:57:6c:b8:33:a3:7a:24:04:01:d7:ac:27:
b3:7e:d5:90:57:72:54:2a:2a:aa:30:5b:8b:5c:c2:
5c:42:31:bf:34:00:80:25:29:1a:e2:41:52:6e:83:
3d:2b:22:b6:36:d8:8e:b6:9a:f6:e8:af:76:a2:7d:
f2:61:dc:44:75:8e:7b:f7:ec:56:8c:90:ef:ec:d7:
cf:3f:96:54:ba:f6:1d:18:47:07:43:5a:ba:9d:0e:
17:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7F:0A:AB:29:40:33:77:F5:4B:2C:7E:76:3A:D6:9E:D0:AF:AE:A0
X509v3 Authority Key Identifier:
keyid:D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QX8KqylAM3f1Syx-djrWntCvrqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/2TpU8C9J9FrV1z5VUdCWGBvOP24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a9:90:e0:48:62:7c:f0:14:7b:b8:0c:23:a3:66:77:29:b7:
6d:b1:ed:9d:61:f8:5b:68:e1:83:2d:c1:37:68:19:46:15:46:
22:d4:13:af:33:62:1d:5a:35:46:76:9e:33:3b:5a:fe:63:ec:
7c:a6:28:94:5b:60:11:ad:33:b6:bd:1c:0a:9a:12:c3:5d:9d:
3e:11:d1:3a:dc:fb:68:81:26:36:de:ca:ec:4b:18:5d:0e:aa:
b0:2c:e8:0c:46:85:fb:07:62:b9:d8:b8:c4:7e:83:e7:74:40:
79:4e:df:e9:ab:d8:e8:a6:6c:7b:ec:46:dd:9b:3e:a1:de:c3:
fa:bf:60:17:3e:cd:75:e1:a0:1b:c6:3d:b8:a2:68:c8:fc:7c:
ca:33:c7:7a:27:68:b2:b6:d4:10:ba:3b:93:26:ac:5f:cb:d4:
30:fc:ec:f0:f4:c8:82:ca:e8:cc:d5:f4:70:be:b4:9d:02:79:
4e:b5:4d:35:93:cd:b4:3d:19:10:1e:66:98:fb:6c:e3:13:3d:
0e:91:80:a4:b4:02:40:a4:69:2b:ed:a6:25:d6:a0:7a:b0:78:
f0:b6:33:4f:38:83:33:f3:66:ee:65:dc:bc:a4:23:52:4d:e3:
60:57:29:f1:c9:3b:71:c6:68:8c:5e:f8:4f:e5:0f:05:e1:6e:
de:a9:55:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbDz/THi9Og/+IuG9z95QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2E1NGYwMmY0OWY0NWFkNWQ3M2U1NTUxZDA5NjE4MWJj
ZTNmNmUwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdmMGFhYjI5NDAzMzc3ZjU0YjJjN2U3NjNhZDY5ZWQwYWZhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntW547X6/1i8yQEDmGzp5t2Yvv4U
PUCUX0Gy4E3mJFwaQIMdiMMKV8q9mwqOx1mIY1V7efLs272KT1Srn+fYQUT43hw8
XkFbV7GIsoCsGuAAiDXesj1hGDYKdz2qwAUc1d+5FB+ZtSy8PXiNt0LZG50Z/yKu
qMuguzBwrstBQPaTQpJ4FnpwV+TqUaRoE8vNZRCKq1KZG5TkPWlcMf2LXM/kDS0U
LvBXbLgzo3okBAHXrCezftWQV3JUKiqqMFuLXMJcQjG/NACAJSka4kFSboM9KyK2
NtiOtpr26K92on3yYdxEdY579+xWjJDv7NfPP5ZUuvYdGEcHQ1q6nQ4XPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEF/CqspQDN39UssfnY61p7Qr66gMB8GA1UdIwQY
MBaAFNk6VPAvSfRa1dc+VVHQlhgbzj9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMt
MDVkNThmMGNiODhjLzEvUVg4S3F5bEFNM2YxU3l4LWRqcldudEN2cnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMtMDVkNThmMGNiODhj
LzEvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshTRMA0G
CSqGSIb3DQEBCwUAA4IBAQCnqZDgSGJ88BR7uAwjo2Z3Kbdtse2dYfhbaOGDLcE3
aBlGFUYi1BOvM2IdWjVGdp4zO1r+Y+x8piiUW2ARrTO2vRwKmhLDXZ0+EdE63Pto
gSY23srsSxhdDqqwLOgMRoX7B2K52LjEfoPndEB5Tt/pq9jopmx77Ebdmz6h3sP6
v2AXPs114aAbxj24omjI/HzKM8d6J2iyttQQujuTJqxfy9Qw/Ozw9MiCyujM1fRw
vrSdAnlOtU01k820PRkQHmaY+2zjEz0OkYCktAJApGkr7aYl1qB6sHjwtjNPOIMz
82buZdy8pCNSTeNgVynxyTtxxmiMXvhP5Q8F4W7eqVXc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:01 2025 by rpki-client