Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/QgnDZKAfadR3A3iSg32MrBBTufg.roa
File: QgnDZKAfadR3A3iSg32MrBBTufg.roa (raw, json)
Hash identifier: DVHoTb+mZtTKKjd7+GG0hfWDkUski56GcAz90Vmp4B8=
Subject key identifier: 42:09:C3:64:A0:1F:69:D4:77:03:78:92:83:7D:8C:AC:10:53:B9:F8
Certificate issuer: /CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Certificate serial: 01856F1D7D18DDEA9AA836BBF502BE316646
Authority key identifier: D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/QgnDZKAfadR3A3iSg32MrBBTufg.roa
Signing time: Sun 01 Jan 2023 20:54:41 +0000
ROA not before: Sun 01 Jan 2023 20:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 195.64.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:7d:18:dd:ea:9a:a8:36:bb:f5:02:be:31:66:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Validity
Not Before: Jan 1 20:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4209c364a01f69d477037892837d8cac1053b9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f2:93:21:5d:ca:09:77:c3:38:18:fd:ec:24:
a2:f9:e2:dc:82:89:d9:29:89:61:b4:d5:b6:2b:22:
09:0b:d1:5a:25:cf:fc:86:8f:48:44:89:f3:0a:ba:
ef:6a:df:2e:4b:58:06:38:78:32:44:88:3f:e0:8c:
b0:6a:f6:64:a5:c5:9c:b4:bf:bd:15:28:e6:21:16:
f2:c3:d8:6a:d8:e0:da:ea:75:66:fb:e9:d4:66:0c:
61:dd:df:6c:9f:15:91:72:3f:16:bf:35:10:fe:de:
2a:1d:7d:28:36:49:98:6f:d2:42:fb:21:cc:fd:4a:
43:16:3f:79:fb:ea:f7:65:06:08:51:26:65:ae:b9:
76:3a:67:28:45:85:97:29:60:78:ec:7b:8f:70:9b:
20:a3:fd:27:d6:97:54:b9:7f:cd:c7:96:a7:03:20:
c2:89:b4:d8:6a:ae:dc:17:db:66:8b:9b:41:c4:f9:
c5:ac:c7:ab:bf:b5:fa:03:07:4d:0e:c9:de:09:bd:
12:39:9e:05:3f:7b:2e:14:b8:ba:be:a8:d3:26:1a:
8c:f8:c2:b5:fc:77:9c:00:68:98:c3:4e:3b:d2:75:
7f:3f:5d:40:30:3e:1d:0f:2d:62:10:4e:0d:4b:b7:
cb:b9:2f:87:6b:7f:83:bc:84:c4:d7:a2:48:16:af:
5a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:09:C3:64:A0:1F:69:D4:77:03:78:92:83:7D:8C:AC:10:53:B9:F8
X509v3 Authority Key Identifier:
keyid:D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/QgnDZKAfadR3A3iSg32MrBBTufg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/2AYuTMJvLfdu8wjOem48g0TJ0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.114.0/24
Signature Algorithm: sha256WithRSAEncryption
15:6e:c4:14:e9:3a:a8:3b:d5:60:5d:dc:89:f6:e2:9d:72:c0:
08:87:4b:f7:7a:45:da:68:6c:00:dd:41:a1:06:19:f4:70:e8:
2f:44:fb:dc:15:51:fb:25:df:b9:38:56:92:91:cd:11:2e:37:
16:6b:24:28:93:71:c7:f3:d7:e6:35:0d:42:73:1e:4a:51:ab:
ea:dc:ca:d4:9a:44:29:4f:39:fb:23:63:9c:6e:e8:e6:49:83:
0b:db:0f:f7:c3:d7:b2:2a:25:80:8d:83:47:f4:97:00:63:6f:
e0:5c:a4:0a:5c:00:16:6f:be:b1:c1:50:81:77:29:fb:00:9d:
9b:5d:e1:ca:66:d6:42:50:fc:95:c5:41:cb:29:a6:69:35:30:
e0:b6:f2:65:33:4a:c1:5d:78:48:ae:7a:36:df:d9:4d:bb:5a:
83:f6:c4:a4:87:e7:23:a3:30:a6:11:94:07:e9:f1:c9:df:c3:
fc:4c:75:b6:5c:ea:d0:bf:cb:f2:74:82:f6:b1:69:2d:8d:53:
4a:70:9e:a4:e0:31:63:a4:25:b7:84:43:20:cb:d4:5d:cb:aa:
e4:ef:59:6b:ad:3c:13:03:46:c1:32:79:94:a2:9a:92:f2:32:
05:33:6f:54:60:53:4d:02:35:92:06:eb:72:77:cb:69:93:da:
98:96:33:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHX0Y3eqaqDa79QK+MWZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDYyZTRjYzI2ZjJkZjc2ZWYzMDhjZTdhNmUzYzgzNDRj
OWQwMzEwHhcNMjMwMTAxMjA1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA5YzM2NGEwMWY2OWQ0NzcwMzc4OTI4MzdkOGNhYzEwNTNiOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPKTIV3KCXfDOBj97CSi+eLcgonZ
KYlhtNW2KyIJC9FaJc/8ho9IRInzCrrvat8uS1gGOHgyRIg/4IywavZkpcWctL+9
FSjmIRbyw9hq2ODa6nVm++nUZgxh3d9snxWRcj8WvzUQ/t4qHX0oNkmYb9JC+yHM
/UpDFj95++r3ZQYIUSZlrrl2OmcoRYWXKWB47HuPcJsgo/0n1pdUuX/Nx5anAyDC
ibTYaq7cF9tmi5tBxPnFrMerv7X6AwdNDsneCb0SOZ4FP3suFLi6vqjTJhqM+MK1
/HecAGiYw0470nV/P11AMD4dDy1iEE4NS7fLuS+Ha3+DvITE16JIFq9aqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIJw2SgH2nUdwN4koN9jKwQU7n4MB8GA1UdIwQY
MBaAFNgGLkzCby33bvMIznpuPINEydAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAt
NGUyNjVkODk2NWVhLzEvUWduRFpLQWZhZFIzQTNpU2czMk1yQkJUdWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAtNGUyNjVkODk2NWVh
LzEvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0ByMA0G
CSqGSIb3DQEBCwUAA4IBAQAVbsQU6TqoO9VgXdyJ9uKdcsAIh0v3ekXaaGwA3UGh
Bhn0cOgvRPvcFVH7Jd+5OFaSkc0RLjcWayQok3HH89fmNQ1Ccx5KUavq3MrUmkQp
Tzn7I2OcbujmSYML2w/3w9eyKiWAjYNH9JcAY2/gXKQKXAAWb76xwVCBdyn7AJ2b
XeHKZtZCUPyVxUHLKaZpNTDgtvJlM0rBXXhIrno239lNu1qD9sSkh+cjozCmEZQH
6fHJ38P8THW2XOrQv8vydIL2sWktjVNKcJ6k4DFjpCW3hEMgy9Rdy6rk71lrrTwT
A0bBMnmUopqS8jIFM29UYFNNAjWSButyd8tpk9qYljMR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:14 2024 by rpki-client on console-ams.rpki-client.org