Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/067d02-52b6-43c4-bf01-ecb5fecf7d0e/1/QUTYy5DDss2sqMvWr4nwKY0bOlQ.roa
File: QUTYy5DDss2sqMvWr4nwKY0bOlQ.roa (raw, json)
Hash identifier: uC04tuGEQAyOoRhUlpjp4+H/dZYIrT4mhF7SihoWXcA=
Subject key identifier: 41:44:D8:CB:90:C3:B2:CD:AC:A8:CB:D6:AF:89:F0:29:8D:1B:3A:54
Certificate issuer: /CN=219f8d1fba35d49835d42fcd2294008fa741da8f
Certificate serial: 018CC871359BC78F90B66E2EA9DB2D8CB5D6
Authority key identifier: 21:9F:8D:1F:BA:35:D4:98:35:D4:2F:CD:22:94:00:8F:A7:41:DA:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZ-NH7o11Jg11C_NIpQAj6dB2o8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/067d02-52b6-43c4-bf01-ecb5fecf7d0e/1/QUTYy5DDss2sqMvWr4nwKY0bOlQ.roa
Signing time: Tue 02 Jan 2024 04:31:51 +0000
ROA not before: Tue 02 Jan 2024 04:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 193.32.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:35:9b:c7:8f:90:b6:6e:2e:a9:db:2d:8c:b5:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219f8d1fba35d49835d42fcd2294008fa741da8f
Validity
Not Before: Jan 2 04:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4144d8cb90c3b2cdaca8cbd6af89f0298d1b3a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e3:43:0f:cf:e6:72:c8:34:19:36:d6:db:9b:
b0:68:e7:6e:4f:3c:14:6a:6e:a6:19:e8:2e:40:36:
2f:43:7f:19:fc:f0:31:36:66:91:03:8b:64:9c:0f:
3b:f5:19:ac:8c:6c:46:70:66:8e:b6:a0:3c:b3:a8:
3f:53:10:98:33:80:f2:d0:b2:5d:fc:30:45:b8:9b:
f4:c7:60:0a:3f:fe:d0:6c:c3:b3:5e:2c:0a:02:ba:
f6:3d:43:33:71:a3:40:47:84:8f:99:c5:db:71:3d:
c4:89:27:a1:9f:88:85:69:6a:7f:2b:9b:fe:9d:1f:
6f:a8:a5:24:57:b2:83:2e:1d:6d:9a:33:94:ef:8b:
b4:e0:e9:de:51:01:cc:8f:c0:b0:44:69:7d:7c:8b:
85:3d:ea:ab:34:cf:06:7f:36:c2:7c:46:bf:37:d6:
4c:46:39:9d:b8:e4:13:be:60:1d:16:a9:9c:b6:29:
ee:7b:7d:13:9b:bc:5a:3e:c7:cf:3e:97:2c:2c:69:
83:61:59:79:16:b3:e7:2e:18:f9:9d:ae:6c:b5:1f:
da:45:4e:07:5d:df:31:af:e3:8d:86:db:8b:96:8d:
42:69:4e:6d:b1:8f:2b:ec:ec:0d:29:a5:6c:50:cf:
38:d7:e7:cb:a3:b2:c4:58:1d:4d:80:08:38:db:ae:
1a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:44:D8:CB:90:C3:B2:CD:AC:A8:CB:D6:AF:89:F0:29:8D:1B:3A:54
X509v3 Authority Key Identifier:
keyid:21:9F:8D:1F:BA:35:D4:98:35:D4:2F:CD:22:94:00:8F:A7:41:DA:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZ-NH7o11Jg11C_NIpQAj6dB2o8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/067d02-52b6-43c4-bf01-ecb5fecf7d0e/1/QUTYy5DDss2sqMvWr4nwKY0bOlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/067d02-52b6-43c4-bf01-ecb5fecf7d0e/1/IZ-NH7o11Jg11C_NIpQAj6dB2o8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.85.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:0b:7a:41:81:35:4c:38:5b:22:b3:b1:aa:ad:bd:39:33:76:
34:dd:39:9a:f5:f1:e7:db:b3:0e:70:d0:ad:22:1e:1d:06:2c:
5a:ce:a4:78:da:30:f9:ed:95:b9:ab:82:36:3f:91:22:de:51:
67:2a:a5:e2:50:07:e8:70:20:c4:48:39:c3:a7:da:df:7d:db:
cf:f0:34:eb:c4:a1:d6:4a:d9:37:fe:51:42:02:8f:86:d2:01:
53:ed:5f:6f:d8:ab:7c:71:94:c0:49:da:1a:71:f3:cc:7e:90:
5e:7f:e2:f9:1f:05:a6:40:d4:96:e3:3a:cf:8e:2f:b3:65:55:
db:b2:b8:24:af:63:30:e6:d1:f6:91:39:1a:d6:5e:8b:01:63:
94:0f:56:b7:84:5c:ee:97:72:73:0d:37:18:c5:7e:be:2d:cf:
85:fe:a2:93:01:83:08:0f:64:57:a1:6f:11:54:ef:43:0c:d5:
b8:27:ed:90:0f:37:3c:bb:f2:b6:68:cc:3a:c1:5d:f0:b5:1a:
ac:bc:d0:f6:22:4b:da:19:22:f9:25:b2:b5:a8:d6:33:a2:bc:
ec:42:3a:f2:87:c7:6f:eb:05:57:a4:ae:66:b7:8c:41:e4:33:
6c:f6:cf:33:0d:c1:8f:df:ce:9b:63:3e:d6:1f:e9:1a:86:eb:
89:80:dc:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcTWbx4+Qtm4uqdstjLXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOWY4ZDFmYmEzNWQ0OTgzNWQ0MmZjZDIyOTQwMDhmYTc0
MWRhOGYwHhcNMjQwMTAyMDQzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ0ZDhjYjkwYzNiMmNkYWNhOGNiZDZhZjg5ZjAyOThkMWIzYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleNDD8/mcsg0GTbW25uwaOduTzwU
am6mGeguQDYvQ38Z/PAxNmaRA4tknA879RmsjGxGcGaOtqA8s6g/UxCYM4Dy0LJd
/DBFuJv0x2AKP/7QbMOzXiwKArr2PUMzcaNAR4SPmcXbcT3EiSehn4iFaWp/K5v+
nR9vqKUkV7KDLh1tmjOU74u04OneUQHMj8CwRGl9fIuFPeqrNM8GfzbCfEa/N9ZM
RjmduOQTvmAdFqmctinue30Tm7xaPsfPPpcsLGmDYVl5FrPnLhj5na5stR/aRU4H
Xd8xr+ONhtuLlo1CaU5tsY8r7OwNKaVsUM841+fLo7LEWB1NgAg4264aQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFE2MuQw7LNrKjL1q+J8CmNGzpUMB8GA1UdIwQY
MBaAFCGfjR+6NdSYNdQvzSKUAI+nQdqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVotTkg3bzExSmcxMUNfTklwUUFqNmRCMm84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNjdkMDItNTJiNi00M2M0LWJmMDEt
ZWNiNWZlY2Y3ZDBlLzEvUVVUWXk1RERzczJzcU12V3I0bndLWTBiT2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wNjdkMDItNTJiNi00M2M0LWJmMDEtZWNiNWZlY2Y3ZDBl
LzEvSVotTkg3bzExSmcxMUNfTklwUUFqNmRCMm84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSBVMA0G
CSqGSIb3DQEBCwUAA4IBAQBcC3pBgTVMOFsis7Gqrb05M3Y03Tma9fHn27MOcNCt
Ih4dBixazqR42jD57ZW5q4I2P5Ei3lFnKqXiUAfocCDESDnDp9rffdvP8DTrxKHW
Stk3/lFCAo+G0gFT7V9v2Kt8cZTASdoacfPMfpBef+L5HwWmQNSW4zrPji+zZVXb
srgkr2Mw5tH2kTka1l6LAWOUD1a3hFzul3JzDTcYxX6+Lc+F/qKTAYMID2RXoW8R
VO9DDNW4J+2QDzc8u/K2aMw6wV3wtRqsvND2IkvaGSL5JbK1qNYzorzsQjryh8dv
6wVXpK5mt4xB5DNs9s8zDcGP386bYz7WH+kahuuJgNzG
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:36:54 2025 by rpki-client