Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/onql_vLFkfny5LtAO09oO2kr-JQ.roa
File: onql_vLFkfny5LtAO09oO2kr-JQ.roa (raw, json)
Hash identifier: HquTpMaJMtrVBBgWq474B2nepZUevyCskNiHfyQkPsw=
Subject key identifier: A2:7A:A5:FE:F2:C5:91:F9:F2:E4:BB:40:3B:4F:68:3B:69:2B:F8:94
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 01834BE95C2765543CD6044B2B233D96DCB1
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/onql_vLFkfny5LtAO09oO2kr-JQ.roa
Signing time: Sat 17 Sep 2022 14:45:28 +0000
ROA not before: Sat 17 Sep 2022 14:45:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.209.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4b:e9:5c:27:65:54:3c:d6:04:4b:2b:23:3d:96:dc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Sep 17 14:45:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a27aa5fef2c591f9f2e4bb403b4f683b692bf894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:f4:3c:1f:34:cf:50:84:ac:26:a0:78:94:
00:ea:8d:a8:bb:61:da:be:94:f1:54:db:53:75:fc:
b7:2b:03:c9:47:c8:3d:48:d0:22:be:92:58:25:1a:
16:79:6b:0c:45:20:af:6f:34:7a:7c:62:42:ce:b3:
b1:5e:6b:08:84:f7:42:0a:02:ee:76:17:a8:4d:14:
ec:39:cb:84:00:28:bb:36:6a:30:96:d5:a8:a0:fe:
5a:1f:e0:f7:45:99:db:24:56:0d:71:78:c8:e3:4c:
79:c7:db:38:98:10:d5:2e:f8:f5:02:21:3c:b5:aa:
f7:cc:4b:12:22:0b:b2:72:0d:30:52:65:e8:1f:b6:
75:f6:b3:1b:a0:76:f3:49:99:f1:a9:4d:2b:f9:3a:
83:a1:51:21:82:46:ed:f3:fe:4b:71:9f:8d:7b:cf:
bc:bb:63:06:77:38:a1:53:b8:d6:01:7d:6d:6a:fb:
59:e4:8e:3b:ed:20:55:c1:4d:ac:06:ae:13:57:c7:
35:d8:6c:77:02:78:eb:04:77:e6:8d:ba:b2:74:12:
45:db:af:e2:ce:8d:ce:3b:a6:4d:f5:6e:08:d9:31:
98:66:e3:e3:73:ce:fc:f7:58:e5:f4:8e:84:26:4d:
16:fa:2a:7e:8e:9f:f8:e1:4e:dc:95:5c:4f:78:21:
84:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7A:A5:FE:F2:C5:91:F9:F2:E4:BB:40:3B:4F:68:3B:69:2B:F8:94
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/onql_vLFkfny5LtAO09oO2kr-JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.221.0/24
Signature Algorithm: sha256WithRSAEncryption
34:59:d6:28:7f:19:dc:0f:64:ef:a5:ce:a8:79:70:ec:66:a9:
0a:20:bd:5f:21:46:b3:a7:42:bd:88:77:b0:80:bc:8b:4f:8b:
78:af:54:fc:64:ed:78:c8:71:74:95:2e:cc:91:49:35:37:d0:
3d:15:09:3a:69:64:65:f4:92:93:d3:f3:a0:92:4d:79:4e:8c:
3b:66:a1:d8:00:7a:ed:a5:04:7d:96:e1:a9:10:a3:e5:54:71:
10:03:4b:f7:77:5d:1c:17:18:0e:6a:e6:39:dd:a0:66:23:71:
64:cc:85:a5:fe:09:34:12:cb:78:0d:57:c7:84:c1:03:7e:5b:
8c:49:b6:57:76:c4:fe:f4:27:3b:b8:ea:bc:8a:89:0c:3b:e4:
f0:fc:63:61:f7:55:28:1c:78:ac:67:a7:43:3c:ad:dc:26:65:
84:35:3a:a7:e0:84:92:64:c6:c4:37:7c:b5:3e:ed:1d:56:03:
d0:a5:f6:09:77:d2:5c:69:da:83:19:11:4f:e2:4d:9a:ba:53:
70:e6:55:e4:2f:94:47:6c:4f:4d:8a:70:37:1b:e8:0d:bd:15:
15:68:eb:7e:cb:02:53:cc:8f:36:59:36:e1:3b:d9:5b:cd:67:
1d:6e:53:32:d0:ff:cd:85:51:99:af:e0:8f:79:d3:10:1f:93:
6b:bd:f5:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNL6VwnZVQ81gRLKyM9ltyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIwOTE3MTQ0NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdhYTVmZWYyYzU5MWY5ZjJlNGJiNDAzYjRmNjgzYjY5MmJmODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubL0PB80z1CErCageJQA6o2ou2Ha
vpTxVNtTdfy3KwPJR8g9SNAivpJYJRoWeWsMRSCvbzR6fGJCzrOxXmsIhPdCCgLu
dheoTRTsOcuEACi7NmowltWooP5aH+D3RZnbJFYNcXjI40x5x9s4mBDVLvj1AiE8
tar3zEsSIguycg0wUmXoH7Z19rMboHbzSZnxqU0r+TqDoVEhgkbt8/5LcZ+Ne8+8
u2MGdzihU7jWAX1tavtZ5I477SBVwU2sBq4TV8c12Gx3AnjrBHfmjbqydBJF26/i
zo3OO6ZN9W4I2TGYZuPjc87891jl9I6EJk0W+ip+jp/44U7clVxPeCGEOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ6pf7yxZH58uS7QDtPaDtpK/iUMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvb25xbF92TEZrZm55NUx0QU8wOW9PMmtyLUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdHdMA0G
CSqGSIb3DQEBCwUAA4IBAQA0WdYofxncD2Tvpc6oeXDsZqkKIL1fIUazp0K9iHew
gLyLT4t4r1T8ZO14yHF0lS7MkUk1N9A9FQk6aWRl9JKT0/Ogkk15Tow7ZqHYAHrt
pQR9luGpEKPlVHEQA0v3d10cFxgOauY53aBmI3FkzIWl/gk0Est4DVfHhMEDfluM
SbZXdsT+9Cc7uOq8iokMO+Tw/GNh91UoHHisZ6dDPK3cJmWENTqn4ISSZMbEN3y1
Pu0dVgPQpfYJd9JcadqDGRFP4k2aulNw5lXkL5RHbE9NinA3G+gNvRUVaOt+ywJT
zI82WTbhO9lbzWcdblMy0P/NhVGZr+CPedMQH5NrvfVC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:15 2023 by rpki-client on console-ams.rpki-client.org