Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QMjiuDHITuqbFP2LN3I3CZPLgWI.roa
File: QMjiuDHITuqbFP2LN3I3CZPLgWI.roa (raw, json)
Hash identifier: Kfhw8fmOPjo/OS/20uLdVFQ3N90jwnTfyYD27cLFsfI=
Subject key identifier: 40:C8:E2:B8:31:C8:4E:EA:9B:14:FD:8B:37:72:37:09:93:CB:81:62
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A2922A0C59EB31FD4AB3FF654FD1E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QMjiuDHITuqbFP2LN3I3CZPLgWI.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61371
IP address blocks: 93.171.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:29:22:a0:c5:9e:b3:1f:d4:ab:3f:f6:54:fd:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c8e2b831c84eea9b14fd8b3772370993cb8162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fd:70:68:00:73:d3:7b:cf:37:44:c9:f8:91:
77:3f:39:7c:1b:c0:20:2d:c5:6a:8d:f7:78:e3:6a:
b8:b5:b8:3a:a7:1a:68:68:bb:7c:ad:01:8a:ee:c9:
a5:59:b6:71:56:42:31:fc:8d:74:45:3b:85:7d:9c:
91:a1:a0:2c:18:7f:32:6a:e7:59:e9:b1:29:3f:ed:
79:30:54:8b:ea:dc:94:66:77:ef:ea:18:54:ca:64:
f3:a3:6d:d7:db:9b:62:ec:8b:a5:44:11:1b:78:90:
5d:5f:43:6b:e1:7f:e2:7f:3f:0f:f3:48:15:01:aa:
32:9e:12:4d:2b:e8:bf:f1:1e:da:b2:35:38:f2:12:
89:27:a3:28:d8:f7:ea:b8:b0:bd:96:9c:fb:b7:a0:
91:49:97:c2:cb:15:11:0d:df:7b:6f:8d:f5:9e:f9:
8d:5b:18:0d:8a:0e:98:6f:3b:9a:ca:36:52:93:2e:
8a:f7:02:a4:1a:79:cd:4a:01:0c:35:3f:c4:83:bd:
18:ce:9c:5f:f4:78:c3:ac:1c:a4:74:ec:86:44:f0:
b1:ae:6d:10:0a:df:f5:87:ff:65:eb:8a:1b:21:c3:
5c:ed:f1:3e:95:ff:34:d5:b0:1f:91:bc:02:bf:64:
1f:29:d2:02:c9:ad:70:80:25:a9:d6:8b:78:88:cd:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C8:E2:B8:31:C8:4E:EA:9B:14:FD:8B:37:72:37:09:93:CB:81:62
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QMjiuDHITuqbFP2LN3I3CZPLgWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.185.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e4:26:7e:be:b8:56:a7:a6:dd:c8:45:7e:7e:d2:f8:af:35:
59:fd:29:e5:2f:ad:8f:dc:0a:cd:00:41:69:48:2f:85:82:d0:
bc:90:79:86:21:36:6f:54:40:3c:31:f1:6d:df:e8:7d:95:18:
cb:15:7d:c4:10:49:0d:d8:1d:b9:4f:83:a2:d1:33:f3:49:52:
c6:47:7b:93:13:e8:da:cc:99:d5:7b:c0:2b:db:28:f4:20:fc:
c3:f4:03:f8:e0:a9:03:83:6f:fe:07:1f:90:e9:9e:fd:9d:c9:
02:87:19:86:8a:1d:1d:45:c4:31:de:b0:0f:8f:8f:35:c7:80:
82:6b:74:65:55:74:4c:54:26:fa:53:91:5b:14:bd:25:1e:ab:
4f:49:c2:6e:12:e0:79:62:bd:ca:be:ba:27:c3:8c:53:d0:6f:
ef:96:ee:c2:0a:3b:4c:55:b0:f9:ba:75:82:0d:d5:c7:1f:f9:
2b:1b:50:d1:3b:69:ba:2d:f1:af:63:7b:0d:49:40:ac:6a:0c:
50:a4:5f:16:20:a1:37:87:95:31:14:c7:71:c0:40:e3:04:b7:
2a:e6:d1:24:2f:b9:2c:61:c7:53:2a:12:91:49:f6:c1:3d:92:
7c:a3:d6:63:20:0c:a4:5e:d8:48:6e:0b:4e:ad:3e:90:5f:7b:
01:82:0e:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKikioMWesx/Uqz/2VP0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM4ZTJiODMxYzg0ZWVhOWIxNGZkOGIzNzcyMzcwOTkzY2I4MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/1waABz03vPN0TJ+JF3Pzl8G8Ag
LcVqjfd442q4tbg6pxpoaLt8rQGK7smlWbZxVkIx/I10RTuFfZyRoaAsGH8yaudZ
6bEpP+15MFSL6tyUZnfv6hhUymTzo23X25ti7IulRBEbeJBdX0Nr4X/ifz8P80gV
AaoynhJNK+i/8R7asjU48hKJJ6Mo2PfquLC9lpz7t6CRSZfCyxURDd97b431nvmN
WxgNig6YbzuayjZSky6K9wKkGnnNSgEMNT/Eg70Yzpxf9HjDrBykdOyGRPCxrm0Q
Ct/1h/9l64obIcNc7fE+lf801bAfkbwCv2QfKdICya1wgCWp1ot4iM06cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDI4rgxyE7qmxT9izdyNwmTy4FiMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUU1qaXVESElUdXFiRlAyTE4zSTNDWlBMZ1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXau5MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ5CZ+vrhWp6bdyEV+ftL4rzVZ/SnlL62P3ArNAEFp
SC+FgtC8kHmGITZvVEA8MfFt3+h9lRjLFX3EEEkN2B25T4Oi0TPzSVLGR3uTE+ja
zJnVe8Ar2yj0IPzD9AP44KkDg2/+Bx+Q6Z79nckChxmGih0dRcQx3rAPj481x4CC
a3RlVXRMVCb6U5FbFL0lHqtPScJuEuB5Yr3Kvronw4xT0G/vlu7CCjtMVbD5unWC
DdXHH/krG1DRO2m6LfGvY3sNSUCsagxQpF8WIKE3h5UxFMdxwEDjBLcq5tEkL7ks
YcdTKhKRSfbBPZJ8o9ZjIAykXthIbgtOrT6QX3sBgg6x
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:00 2025 by rpki-client