Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2ae6a0-0d6b-4843-a48e-7cd80135cc72/1/QavZl2abCB56Tr4W_sTIJ90k3lQ.roa
File: QavZl2abCB56Tr4W_sTIJ90k3lQ.roa (raw, json)
Hash identifier: onE4OalWVxRLXbszBIcsdb0XxftL6LPtolsSAYiZErw=
Subject key identifier: 41:AB:D9:97:66:9B:08:1E:7A:4E:BE:16:FE:C4:C8:27:DD:24:DE:54
Certificate issuer: /CN=c82f486a7d9de0af491a878ad3b3dd4491c24b28
Certificate serial: 01856D81CCB6A250624A6F12BAC684034C13
Authority key identifier: C8:2F:48:6A:7D:9D:E0:AF:49:1A:87:8A:D3:B3:DD:44:91:C2:4B:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yC9Ian2d4K9JGoeK07PdRJHCSyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2ae6a0-0d6b-4843-a48e-7cd80135cc72/1/QavZl2abCB56Tr4W_sTIJ90k3lQ.roa
Signing time: Sun 01 Jan 2023 13:25:01 +0000
ROA not before: Sun 01 Jan 2023 13:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 193.9.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:cc:b6:a2:50:62:4a:6f:12:ba:c6:84:03:4c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c82f486a7d9de0af491a878ad3b3dd4491c24b28
Validity
Not Before: Jan 1 13:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41abd997669b081e7a4ebe16fec4c827dd24de54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:64:16:98:37:5e:5c:14:cf:c8:df:ec:c0:08:
bc:3c:be:d4:4b:4a:b4:b5:36:e8:f6:f9:06:ed:db:
8f:22:b1:0d:5d:81:c5:07:17:1b:e7:2b:77:61:05:
92:63:96:49:3f:84:96:74:2c:a7:23:e5:bd:53:4e:
c3:4a:66:0d:a4:d6:38:a3:c3:8d:e6:ab:57:49:42:
88:b0:5a:54:fd:c9:35:82:28:2b:df:9e:1f:85:5e:
a9:cb:da:db:80:72:bf:ec:bc:c7:de:9e:cd:51:05:
3e:29:cf:ca:8e:a8:90:98:3e:08:a8:16:70:d1:23:
98:4a:70:43:e2:5f:d4:89:ed:c6:4b:c6:1e:01:06:
88:9b:67:7c:8b:f8:be:57:45:e2:de:90:58:c4:7b:
d1:43:fc:76:04:9b:c6:be:33:97:65:49:5f:6c:67:
17:0c:df:85:74:cd:ba:26:30:99:d1:e8:58:86:fb:
5d:24:7b:36:31:bb:e5:7d:bf:50:4a:bb:cb:91:4c:
e8:90:20:39:20:3f:a9:d7:c5:4e:bc:ac:54:70:0e:
32:df:bf:d5:57:8a:ab:90:a3:2a:4b:ed:12:30:4a:
78:2c:ab:11:b8:42:51:57:ca:11:eb:32:21:1e:88:
8c:50:c4:84:b9:ed:cb:1f:dc:30:1f:1a:2a:3f:87:
1d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AB:D9:97:66:9B:08:1E:7A:4E:BE:16:FE:C4:C8:27:DD:24:DE:54
X509v3 Authority Key Identifier:
keyid:C8:2F:48:6A:7D:9D:E0:AF:49:1A:87:8A:D3:B3:DD:44:91:C2:4B:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yC9Ian2d4K9JGoeK07PdRJHCSyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2ae6a0-0d6b-4843-a48e-7cd80135cc72/1/QavZl2abCB56Tr4W_sTIJ90k3lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2ae6a0-0d6b-4843-a48e-7cd80135cc72/1/yC9Ian2d4K9JGoeK07PdRJHCSyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.124.0/24
Signature Algorithm: sha256WithRSAEncryption
22:8b:0b:41:fd:2a:ff:20:b7:9b:90:21:d7:0f:35:48:42:fa:
76:0e:8e:02:55:1e:d7:1c:75:65:ba:bd:ce:93:67:bf:2e:9e:
ae:dd:42:62:4c:97:d2:35:5d:a8:01:6c:0a:5c:1c:2b:ec:09:
7c:15:14:f3:bc:1f:6a:7d:54:d6:ce:49:24:6f:17:52:ea:c3:
4e:ec:e1:5f:e9:ab:dc:73:9c:98:f2:4d:2a:16:9f:80:73:9e:
9b:69:79:f2:20:0b:6a:3a:f2:bb:36:df:cd:d9:8c:2b:1a:54:
66:00:48:10:8e:f4:22:5f:95:e8:1f:a8:30:8b:a6:e6:b3:31:
11:74:80:c1:ce:b9:27:be:60:1e:09:02:e1:ff:54:1f:07:ee:
ae:23:3e:ba:51:6d:de:8a:0a:68:88:59:ba:d0:4a:25:2a:ae:
01:0d:b2:8b:49:bf:e1:99:49:f7:ef:4d:b6:c5:93:75:58:cf:
05:1e:07:e2:1a:29:4e:2a:49:b2:8b:a2:4f:07:27:9b:03:58:
ed:d2:d4:6e:dc:94:9a:36:43:3a:84:70:3b:ee:22:e0:16:9f:
62:a6:84:8c:64:7b:25:1c:2d:33:56:2c:59:ff:1e:2d:cc:0a:
13:ff:82:2d:0e:84:47:db:cd:fd:2c:c3:7f:7c:16:06:7b:a2:
e1:0b:8f:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgcy2olBiSm8SusaEA0wTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MmY0ODZhN2Q5ZGUwYWY0OTFhODc4YWQzYjNkZDQ0OTFj
MjRiMjgwHhcNMjMwMTAxMTMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFiZDk5NzY2OWIwODFlN2E0ZWJlMTZmZWM0YzgyN2RkMjRkZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGQWmDdeXBTPyN/swAi8PL7US0q0
tTbo9vkG7duPIrENXYHFBxcb5yt3YQWSY5ZJP4SWdCynI+W9U07DSmYNpNY4o8ON
5qtXSUKIsFpU/ck1gigr354fhV6py9rbgHK/7LzH3p7NUQU+Kc/KjqiQmD4IqBZw
0SOYSnBD4l/Uie3GS8YeAQaIm2d8i/i+V0Xi3pBYxHvRQ/x2BJvGvjOXZUlfbGcX
DN+FdM26JjCZ0ehYhvtdJHs2Mbvlfb9QSrvLkUzokCA5ID+p18VOvKxUcA4y37/V
V4qrkKMqS+0SMEp4LKsRuEJRV8oR6zIhHoiMUMSEue3LH9wwHxoqP4cdlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGr2Zdmmwgeek6+Fv7EyCfdJN5UMB8GA1UdIwQY
MBaAFMgvSGp9neCvSRqHitOz3USRwksoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUM5SWFuMmQ0SzlKR29lSzA3UGRSSkhDU3lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYWU2YTAtMGQ2Yi00ODQzLWE0OGUt
N2NkODAxMzVjYzcyLzEvUWF2WmwyYWJDQjU2VHI0V19zVElKOTBrM2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYWU2YTAtMGQ2Yi00ODQzLWE0OGUtN2NkODAxMzVjYzcy
LzEveUM5SWFuMmQ0SzlKR29lSzA3UGRSSkhDU3lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAiiwtB/Sr/ILebkCHXDzVIQvp2Do4CVR7XHHVlur3O
k2e/Lp6u3UJiTJfSNV2oAWwKXBwr7Al8FRTzvB9qfVTWzkkkbxdS6sNO7OFf6avc
c5yY8k0qFp+Ac56baXnyIAtqOvK7Nt/N2YwrGlRmAEgQjvQiX5XoH6gwi6bmszER
dIDBzrknvmAeCQLh/1QfB+6uIz66UW3eigpoiFm60EolKq4BDbKLSb/hmUn37022
xZN1WM8FHgfiGilOKkmyi6JPByebA1jt0tRu3JSaNkM6hHA77iLgFp9ipoSMZHsl
HC0zVixZ/x4tzAoT/4ItDoRH2839LMN/fBYGe6LhC49c
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:17 2025 by rpki-client