Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/qCfNSjbitI7Et5lSX1rtmaive_0.roa
File: qCfNSjbitI7Et5lSX1rtmaive_0.roa (raw, json)
Hash identifier: 1fS+iseUgmiw070ru2CUkkEKwBoPzkT1Bp7jleLafaY=
Subject key identifier: A8:27:CD:4A:36:E2:B4:8E:C4:B7:99:52:5F:5A:ED:99:A8:AF:7B:FD
Certificate issuer: /CN=086438e9889389829fa5f51b6a210731082eac22
Certificate serial: 01942669F08E0B9CF62A33500B8782D1607B
Authority key identifier: 08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/qCfNSjbitI7Et5lSX1rtmaive_0.roa
Signing time: Thu 02 Jan 2025 09:47:44 +0000
ROA not before: Thu 02 Jan 2025 09:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400318
IP address blocks: 193.57.228.0/24 maxlen: 24
193.57.229.0/24 maxlen: 24
193.57.230.0/24 maxlen: 24
193.57.231.0/24 maxlen: 24
194.165.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:f0:8e:0b:9c:f6:2a:33:50:0b:87:82:d1:60:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086438e9889389829fa5f51b6a210731082eac22
Validity
Not Before: Jan 2 09:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a827cd4a36e2b48ec4b799525f5aed99a8af7bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:ff:3b:4e:c4:e3:9f:1c:a7:0e:3a:90:87:
e5:60:aa:15:31:62:76:1a:75:5a:24:ac:68:bc:bf:
57:05:fd:7d:8f:dd:0b:4d:b5:9e:33:a6:ea:16:35:
18:b3:ae:a1:cb:f0:1e:f6:2f:66:48:92:96:ad:bd:
eb:0c:09:79:37:49:92:d7:7b:a8:7c:3e:01:58:91:
31:8d:8f:df:72:b4:a0:61:3a:47:72:d6:98:6e:e4:
e4:00:c3:dd:10:0b:7d:32:0e:aa:75:4f:42:8c:f5:
aa:6b:eb:6b:20:c4:22:01:ca:d0:cc:9b:20:a7:7c:
20:34:07:d1:3e:d2:da:f4:32:4a:85:2a:8a:4f:df:
f2:0c:20:53:65:53:80:f5:05:1d:7c:3e:85:5d:90:
97:ad:ae:cc:2e:9a:45:70:ee:6a:c3:9c:a0:bc:d0:
5c:65:4b:cc:66:a4:ec:c3:55:03:fc:7d:39:8a:dd:
1e:07:9b:aa:db:ab:14:01:8e:fa:40:4d:bf:4c:07:
2c:0e:81:0c:ec:55:ec:d2:d8:4d:58:a7:bb:af:d2:
2b:a3:ef:e9:c7:6b:5a:07:b6:83:74:e0:35:09:e7:
d1:57:47:ad:7e:07:c3:3c:ad:e9:9f:49:4d:a0:70:
a6:15:e4:62:f5:4f:c2:01:df:90:2c:f3:e0:3f:c1:
6e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:27:CD:4A:36:E2:B4:8E:C4:B7:99:52:5F:5A:ED:99:A8:AF:7B:FD
X509v3 Authority Key Identifier:
keyid:08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/qCfNSjbitI7Et5lSX1rtmaive_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.228.0/22
194.165.37.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c2:71:f0:ca:fe:ed:79:dc:fd:a9:09:3c:28:14:ce:48:85:
f3:93:53:1d:60:1f:44:c7:7b:a0:94:39:72:98:11:b9:1f:a9:
02:be:7b:06:59:b6:88:b0:f6:ed:39:a6:d8:4e:09:cb:d8:15:
7b:91:d6:b1:81:8f:ab:75:e9:64:b9:f9:60:ce:1f:02:11:a3:
ba:54:7d:13:88:2c:b6:ee:74:65:70:94:39:78:48:aa:43:44:
1e:fc:54:de:52:d7:4b:fe:16:90:29:53:f4:1a:9b:09:66:3b:
2a:1f:e9:87:7e:ea:3f:e8:15:ec:51:10:b0:9e:81:87:b1:68:
0d:fa:27:08:be:9b:3c:01:b5:8e:b4:8b:12:3d:10:ff:60:67:
56:88:95:fc:76:22:b2:e5:28:ef:d2:86:cb:6e:15:35:fe:3d:
bd:1e:e6:73:a2:ed:4e:b0:f5:8c:74:76:3b:7e:ec:ef:e6:cd:
b6:e3:2d:e4:7d:66:35:2d:6f:a5:a2:6e:29:1f:2d:35:51:81:
40:f5:d1:84:c4:cf:6c:14:67:64:57:8a:ae:24:55:bb:fd:91:
ee:d4:a3:cc:d2:ab:15:d2:7d:e1:6b:db:8c:8d:b2:a8:10:e3:
1d:dc:c5:54:ae:91:e4:8c:4d:ba:a6:a1:b3:5d:92:09:72:29:
99:3d:9c:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmafCOC5z2KjNQC4eC0WB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjQzOGU5ODg5Mzg5ODI5ZmE1ZjUxYjZhMjEwNzMxMDgy
ZWFjMjIwHhcNMjUwMTAyMDk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI3Y2Q0YTM2ZTJiNDhlYzRiNzk5NTI1ZjVhZWQ5OWE4YWY3YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGv/O07E458cpw46kIflYKoVMWJ2
GnVaJKxovL9XBf19j90LTbWeM6bqFjUYs66hy/Ae9i9mSJKWrb3rDAl5N0mS13uo
fD4BWJExjY/fcrSgYTpHctaYbuTkAMPdEAt9Mg6qdU9CjPWqa+trIMQiAcrQzJsg
p3wgNAfRPtLa9DJKhSqKT9/yDCBTZVOA9QUdfD6FXZCXra7MLppFcO5qw5ygvNBc
ZUvMZqTsw1UD/H05it0eB5uq26sUAY76QE2/TAcsDoEM7FXs0thNWKe7r9Iro+/p
x2taB7aDdOA1CefRV0etfgfDPK3pn0lNoHCmFeRi9U/CAd+QLPPgP8FupwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKgnzUo24rSOxLeZUl9a7Zmor3v9MB8GA1UdIwQY
MBaAFAhkOOmIk4mCn6X1G2ohBzEILqwiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1Yzgt
YTc4MTBlM2ExYmViLzEvcUNmTlNqYml0STdFdDVsU1gxcnRtYWl2ZV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1YzgtYTc4MTBlM2ExYmVi
LzEvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwTnkAwQA
wqUlMA0GCSqGSIb3DQEBCwUAA4IBAQCOwnHwyv7tedz9qQk8KBTOSIXzk1MdYB9E
x3uglDlymBG5H6kCvnsGWbaIsPbtOabYTgnL2BV7kdaxgY+rdelkuflgzh8CEaO6
VH0TiCy27nRlcJQ5eEiqQ0Qe/FTeUtdL/haQKVP0GpsJZjsqH+mHfuo/6BXsURCw
noGHsWgN+icIvps8AbWOtIsSPRD/YGdWiJX8diKy5Sjv0obLbhU1/j29HuZzou1O
sPWMdHY7fuzv5s224y3kfWY1LW+lom4pHy01UYFA9dGExM9sFGdkV4quJFW7/ZHu
1KPM0qsV0n3ha9uMjbKoEOMd3MVUrpHkjE26pqGzXZIJcimZPZx8
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:51:00 2025 by rpki-client