Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/QEvUN67KDbFaOfZj9g3vC9rUQm8.roa
File: QEvUN67KDbFaOfZj9g3vC9rUQm8.roa (raw, json)
Hash identifier: zUZsUbWINgqv3RegkdqlIa9Hhl7pusc0/yFVE36iNwo=
Subject key identifier: 40:4B:D4:37:AE:CA:0D:B1:5A:39:F6:63:F6:0D:EF:0B:DA:D4:42:6F
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0194228E0F5019DF7FF449D6FEC4D5DB17AD
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/QEvUN67KDbFaOfZj9g3vC9rUQm8.roa
Signing time: Wed 01 Jan 2025 15:48:42 +0000
ROA not before: Wed 01 Jan 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206995
IP address blocks: 176.42.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0f:50:19:df:7f:f4:49:d6:fe:c4:d5:db:17:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=404bd437aeca0db15a39f663f60def0bdad4426f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6e:e8:32:82:cf:ae:48:01:c5:3d:49:2e:92:
32:4d:0d:4f:16:06:0a:87:5a:b3:67:d3:85:c6:56:
04:f3:40:e5:37:67:d6:52:38:2d:f7:7f:67:09:2c:
6e:d7:96:72:ef:03:d6:08:f5:f0:48:37:88:9c:49:
62:27:fe:5a:96:c2:34:60:c1:ee:72:9e:67:da:2d:
28:17:59:17:cf:17:3e:31:ef:25:a3:42:f5:fb:34:
b9:02:1c:67:ff:fa:24:ce:76:e5:ac:99:03:6d:f2:
04:bc:a7:14:ee:83:00:c1:fe:c5:eb:41:29:67:0e:
6d:e8:23:75:00:90:b1:c6:47:25:ae:39:59:52:1c:
48:ab:5a:3d:c8:fa:cf:08:ca:73:0a:f9:82:06:46:
09:5e:5d:cd:43:7f:d7:ad:3c:3a:7e:f2:ae:df:b6:
a6:70:3b:cb:2b:1d:e8:68:02:fa:a1:2b:96:41:21:
89:70:f6:bf:8c:40:a8:e5:00:00:ea:1d:23:d8:33:
59:75:9a:1c:4b:a2:10:65:4f:8b:3f:3d:7d:b2:27:
03:c2:e7:e9:e2:84:69:c6:34:cb:62:cd:8f:2f:de:
e4:d9:49:a2:4c:03:58:0a:fd:e1:90:e4:1b:d4:8c:
2e:5b:a6:77:ef:04:a3:b1:71:e9:8c:b8:a7:ec:75:
e4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4B:D4:37:AE:CA:0D:B1:5A:39:F6:63:F6:0D:EF:0B:DA:D4:42:6F
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/QEvUN67KDbFaOfZj9g3vC9rUQm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.42.9.0/24
Signature Algorithm: sha256WithRSAEncryption
90:09:ce:fa:7e:1d:ab:c8:8b:4e:f9:ec:84:65:a6:e7:17:00:
6d:b6:af:61:bc:84:b6:f0:83:ec:57:7d:be:3a:2d:1a:84:7d:
00:17:81:43:b0:63:ea:a3:1b:f6:91:4f:c2:d6:8b:8a:84:ed:
ae:f3:ae:dc:57:71:02:2e:59:d0:06:17:d5:a0:70:da:97:b7:
37:a8:19:aa:89:89:86:f4:af:39:cc:d2:a1:23:44:a7:8b:47:
41:26:19:a5:b7:39:8f:9e:bf:47:f4:d4:9b:b2:7f:03:8b:f8:
41:24:f3:a9:e7:89:9a:fc:8c:78:f1:90:66:c6:5d:f2:2a:9c:
66:3f:cf:90:ad:15:fd:f3:89:3b:ae:b6:2c:fd:7e:5c:63:5a:
0c:67:6d:f5:9d:3c:3d:40:d2:29:80:a2:cb:86:9b:1b:56:a3:
15:79:35:31:11:31:33:99:e3:ff:a5:7e:22:f7:41:36:bc:01:
0d:0f:84:15:55:81:a5:88:4f:78:39:d6:a7:c3:d1:b8:88:32:
3c:bb:50:13:26:64:6d:a9:15:48:05:46:a6:96:be:a3:bd:37:
a5:92:30:30:91:85:de:32:eb:30:0b:5c:4c:07:ca:36:81:07:
ee:f9:da:e9:21:89:38:ea:28:56:4d:86:9b:8c:93:cb:ce:f7:
34:7d:d7:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijg9QGd9/9EnW/sTV2xetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjUwMTAxMTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRiZDQzN2FlY2EwZGIxNWEzOWY2NjNmNjBkZWYwYmRhZDQ0MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu27oMoLPrkgBxT1JLpIyTQ1PFgYK
h1qzZ9OFxlYE80DlN2fWUjgt939nCSxu15Zy7wPWCPXwSDeInEliJ/5alsI0YMHu
cp5n2i0oF1kXzxc+Me8lo0L1+zS5Ahxn//okznblrJkDbfIEvKcU7oMAwf7F60Ep
Zw5t6CN1AJCxxkclrjlZUhxIq1o9yPrPCMpzCvmCBkYJXl3NQ3/XrTw6fvKu37am
cDvLKx3oaAL6oSuWQSGJcPa/jECo5QAA6h0j2DNZdZocS6IQZU+LPz19sicDwufp
4oRpxjTLYs2PL97k2UmiTANYCv3hkOQb1IwuW6Z37wSjsXHpjLin7HXk0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBL1Deuyg2xWjn2Y/YN7wva1EJvMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvUUV2VU42N0tEYkZhT2ZaajlnM3ZDOXJVUW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsCoJMA0G
CSqGSIb3DQEBCwUAA4IBAQCQCc76fh2ryItO+eyEZabnFwBttq9hvIS28IPsV32+
Oi0ahH0AF4FDsGPqoxv2kU/C1ouKhO2u867cV3ECLlnQBhfVoHDal7c3qBmqiYmG
9K85zNKhI0Sni0dBJhmltzmPnr9H9NSbsn8Di/hBJPOp54ma/Ix48ZBmxl3yKpxm
P8+QrRX984k7rrYs/X5cY1oMZ231nTw9QNIpgKLLhpsbVqMVeTUxETEzmeP/pX4i
90E2vAEND4QVVYGliE94Odanw9G4iDI8u1ATJmRtqRVIBUamlr6jvTelkjAwkYXe
MuswC1xMB8o2gQfu+drpIYk46ihWTYabjJPLzvc0fddG
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:43:42 2025 by rpki-client