Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/qcWsYUsKj2uijOUkkay0IIcPg5I.roa
File: qcWsYUsKj2uijOUkkay0IIcPg5I.roa (raw, json)
Hash identifier: XwR1QhOdOgyWqCgQIK+o5GFfQMfwxHAxkkmlRgUywbE=
Subject key identifier: A9:C5:AC:61:4B:0A:8F:6B:A2:8C:E5:24:91:AC:B4:20:87:0F:83:92
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CD4C5E522AEACF18090D5BD4B9FC6EAB2
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/qcWsYUsKj2uijOUkkay0IIcPg5I.roa
Signing time: Thu 04 Jan 2024 13:59:48 +0000
ROA not before: Thu 04 Jan 2024 13:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47159
IP address blocks: 84.21.12.0/23 maxlen: 23
87.229.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:c5:e5:22:ae:ac:f1:80:90:d5:bd:4b:9f:c6:ea:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 4 13:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9c5ac614b0a8f6ba28ce52491acb420870f8392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e9:e6:8c:fa:cf:80:ec:89:11:a1:6d:e7:99:
8e:a3:6d:7a:28:ee:92:85:fe:df:48:63:cc:a5:ab:
35:7d:c3:9c:15:05:15:f3:89:40:60:aa:e4:6a:61:
1e:1f:a2:4d:26:24:26:9d:57:56:08:3e:b7:98:6c:
a1:7e:11:03:c2:ed:84:af:d5:d0:a3:e1:85:d2:6c:
35:c0:ce:d5:04:77:d3:f7:4e:23:51:bd:97:e1:fd:
27:c0:8a:be:a8:26:fa:e9:38:07:b6:5e:89:94:ce:
a8:fb:de:e7:0f:56:db:35:5a:ec:c5:fa:92:16:1e:
73:8a:18:bb:e7:5a:31:7e:ed:b6:fd:de:c2:4a:92:
f1:a7:bf:18:93:2d:81:b8:09:e6:a7:99:ec:c0:f1:
af:54:5b:a0:5b:07:42:7c:e1:fd:a5:a8:9e:4d:02:
fd:1b:75:39:a1:cb:a5:32:1f:4f:c1:97:05:b5:3c:
91:25:50:02:72:98:96:0e:1e:1c:b6:03:dc:a9:44:
2d:c3:ed:d1:fb:55:d6:cb:f8:8d:de:12:41:28:85:
f8:38:1b:ca:2b:aa:44:72:63:9a:6f:08:21:c7:e6:
51:ae:7f:11:3d:aa:7f:84:3c:ff:39:43:84:ce:33:
ec:20:69:75:4e:cd:86:71:9c:69:b1:b6:49:53:b4:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C5:AC:61:4B:0A:8F:6B:A2:8C:E5:24:91:AC:B4:20:87:0F:83:92
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/qcWsYUsKj2uijOUkkay0IIcPg5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.12.0/23
87.229.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:f4:3e:2d:3c:b5:5d:ab:2f:52:93:9c:c3:12:82:45:e2:76:
39:16:e3:51:b5:53:d6:d8:5c:dc:6c:0b:e4:37:91:40:fc:98:
17:b4:cf:5a:f7:3b:10:2c:90:61:f1:1f:3c:39:47:01:92:7e:
46:8f:32:db:d4:2a:69:82:f6:58:d7:5e:fd:7c:24:49:af:64:
1c:7f:a2:0b:82:5f:85:fc:ca:a3:2a:13:a6:7f:cf:62:9f:13:
a3:39:54:30:18:b8:f9:9b:63:9a:2f:be:1a:13:05:e9:cd:ff:
e0:ba:db:ca:a3:f4:64:2b:55:0d:22:12:1c:2c:8f:27:58:6f:
21:2e:de:23:bf:b9:eb:b7:6d:92:a7:a6:3e:3d:c9:c2:f4:5a:
ff:61:55:6b:97:44:6d:17:7a:c4:bf:cd:9b:49:60:69:9a:9b:
ed:92:77:a8:ba:17:f0:44:51:31:28:28:f5:67:9c:65:e0:c9:
73:2d:e5:2a:2e:af:83:59:12:5e:f9:07:2b:24:ea:45:a3:3e:
2e:a5:86:80:14:01:0f:3e:c0:f5:3f:4b:8d:37:69:ff:d9:2e:
fb:26:2e:11:84:f5:f3:9f:08:88:5a:c5:71:b1:72:c3:89:3b:
8b:c8:90:dd:1d:d0:34:43:ee:9d:d4:c9:bd:ca:af:9d:72:63:
48:49:30:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzUxeUirqzxgJDVvUufxuqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA0MTM1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM1YWM2MTRiMGE4ZjZiYTI4Y2U1MjQ5MWFjYjQyMDg3MGY4MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqunmjPrPgOyJEaFt55mOo216KO6S
hf7fSGPMpas1fcOcFQUV84lAYKrkamEeH6JNJiQmnVdWCD63mGyhfhEDwu2Er9XQ
o+GF0mw1wM7VBHfT904jUb2X4f0nwIq+qCb66TgHtl6JlM6o+97nD1bbNVrsxfqS
Fh5zihi751oxfu22/d7CSpLxp78Yky2BuAnmp5nswPGvVFugWwdCfOH9paieTQL9
G3U5oculMh9PwZcFtTyRJVACcpiWDh4ctgPcqUQtw+3R+1XWy/iN3hJBKIX4OBvK
K6pEcmOabwghx+ZRrn8RPap/hDz/OUOEzjPsIGl1Ts2GcZxpsbZJU7SVjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnFrGFLCo9roozlJJGstCCHD4OSMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvcWNXc1lVc0tqMnVpak9Va2theTBJSWNQZzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVBUMAwQC
V+U8MA0GCSqGSIb3DQEBCwUAA4IBAQB89D4tPLVdqy9Sk5zDEoJF4nY5FuNRtVPW
2FzcbAvkN5FA/JgXtM9a9zsQLJBh8R88OUcBkn5GjzLb1CppgvZY1179fCRJr2Qc
f6ILgl+F/MqjKhOmf89inxOjOVQwGLj5m2OaL74aEwXpzf/gutvKo/RkK1UNIhIc
LI8nWG8hLt4jv7nrt22Sp6Y+PcnC9Fr/YVVrl0RtF3rEv82bSWBpmpvtkneouhfw
RFExKCj1Z5xl4MlzLeUqLq+DWRJe+QcrJOpFoz4upYaAFAEPPsD1P0uNN2n/2S77
Ji4RhPXznwiIWsVxsXLDiTuLyJDdHdA0Q+6d1Mm9yq+dcmNISTAQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:33 2025 by rpki-client