Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QgKI5aBPUOAxcbXbKUwycvlpAA0.roa
File: QgKI5aBPUOAxcbXbKUwycvlpAA0.roa (raw, json)
Hash identifier: W1+mqpp4K/OeFI4521Uvm2YH/8rtI3SFwFCR+79Ol9E=
Subject key identifier: 42:02:88:E5:A0:4F:50:E0:31:71:B5:DB:29:4C:32:72:F9:69:00:0D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01898D25BC7C0A6ABA489ADBCF0D3DBD8D6D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QgKI5aBPUOAxcbXbKUwycvlpAA0.roa
Signing time: Tue 25 Jul 2023 13:03:27 +0000
ROA not before: Tue 25 Jul 2023 13:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201159
IP address blocks: 31.148.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:25:bc:7c:0a:6a:ba:48:9a:db:cf:0d:3d:bd:8d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 25 13:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=420288e5a04f50e03171b5db294c3272f969000d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:99:10:25:d8:34:08:7d:68:a4:42:0f:0f:07:
3d:51:02:d5:8c:b0:a5:5e:e1:69:88:12:6b:2f:9e:
2a:dc:82:1b:73:a3:85:7f:83:94:e3:8c:4c:2a:58:
1e:f1:8e:42:95:1f:04:d7:c2:dd:7b:36:5b:2d:a4:
11:e5:bf:d8:d0:23:f4:d6:a2:ac:72:a0:89:ff:b1:
b6:a7:b8:86:89:dd:ec:29:cc:0c:ac:f2:19:2b:58:
17:73:ba:dc:a8:1b:a6:c9:7b:d5:14:4a:3f:d9:13:
2d:0d:b3:b4:d3:61:23:a2:71:8f:4d:b2:3a:2d:b1:
6a:fb:23:31:c2:66:5a:ad:c8:c9:2c:16:35:d2:20:
84:94:d6:46:49:11:57:71:8c:38:22:fd:e4:5b:42:
8a:05:b7:08:88:03:ad:40:9b:ba:3c:38:d3:ad:ea:
e6:94:f0:8c:7b:bc:83:83:4e:0c:12:d7:d2:7e:35:
24:d5:7e:fd:0b:c4:86:6f:6d:2e:30:00:62:f5:48:
a0:62:3b:88:4b:b0:0f:a9:05:46:59:16:30:18:13:
1c:39:b6:c3:04:bb:b2:a4:cb:fe:61:9c:53:cc:5c:
b5:a7:13:f8:4c:65:cc:8b:59:40:b0:a7:8c:93:76:
fc:bc:8d:0a:fa:5a:83:e1:b4:54:9e:e7:78:1b:14:
f2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:02:88:E5:A0:4F:50:E0:31:71:B5:DB:29:4C:32:72:F9:69:00:0D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QgKI5aBPUOAxcbXbKUwycvlpAA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:23:d8:3b:fa:b4:26:f2:95:57:63:6e:cd:1b:69:55:48:84:
a0:dc:34:00:49:7b:eb:4e:18:ba:87:b8:61:f6:e7:ed:3a:88:
c8:29:d5:3a:55:bd:f1:a1:50:4f:bc:3d:5d:6c:16:8a:85:64:
1b:1e:30:6d:08:86:f7:37:d6:47:c3:62:cd:c3:c3:81:51:70:
12:47:28:69:be:c9:00:44:c9:50:a9:d0:e2:34:f3:8d:06:77:
e0:86:d8:e0:a4:e4:31:23:ed:24:dc:49:cf:8c:ba:d6:f5:5f:
99:7d:a6:38:cc:23:91:51:22:8d:f3:b2:e0:08:7e:70:ef:ba:
89:c9:da:ad:02:74:d3:93:44:94:85:d7:d3:e9:e1:07:ad:0a:
63:0e:f8:29:04:fa:dd:0a:55:57:2b:1f:f3:85:f7:56:ad:9b:
9a:6b:1c:07:27:5e:94:6e:22:a6:74:69:cb:aa:c3:6b:18:1e:
b5:99:03:fc:9a:9c:89:83:e3:9b:e5:76:0c:df:69:02:5b:d7:
9c:cd:ec:bc:b9:33:81:ec:2f:ea:6a:c8:e4:e3:3e:1c:29:ec:
05:40:fe:1b:fa:11:65:9e:66:f3:ac:7d:24:fc:a1:58:ee:2d:
0c:bf:42:a0:f7:5e:15:e2:62:f0:54:33:9a:fe:20:c1:d3:04:
73:95:b3:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmNJbx8Cmq6SJrbzw09vY1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNzI1MTMwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjAyODhlNWEwNGY1MGUwMzE3MWI1ZGIyOTRjMzI3MmY5NjkwMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJkQJdg0CH1opEIPDwc9UQLVjLCl
XuFpiBJrL54q3IIbc6OFf4OU44xMKlge8Y5ClR8E18LdezZbLaQR5b/Y0CP01qKs
cqCJ/7G2p7iGid3sKcwMrPIZK1gXc7rcqBumyXvVFEo/2RMtDbO002EjonGPTbI6
LbFq+yMxwmZarcjJLBY10iCElNZGSRFXcYw4Iv3kW0KKBbcIiAOtQJu6PDjTrerm
lPCMe7yDg04MEtfSfjUk1X79C8SGb20uMABi9UigYjuIS7APqQVGWRYwGBMcObbD
BLuypMv+YZxTzFy1pxP4TGXMi1lAsKeMk3b8vI0K+lqD4bRUnud4GxTy2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEICiOWgT1DgMXG12ylMMnL5aQANMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUWdLSTVhQlBVT0F4Y2JYYktVd3ljdmxwQUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5SqMA0G
CSqGSIb3DQEBCwUAA4IBAQB8I9g7+rQm8pVXY27NG2lVSISg3DQASXvrThi6h7hh
9uftOojIKdU6Vb3xoVBPvD1dbBaKhWQbHjBtCIb3N9ZHw2LNw8OBUXASRyhpvskA
RMlQqdDiNPONBnfghtjgpOQxI+0k3EnPjLrW9V+ZfaY4zCORUSKN87LgCH5w77qJ
ydqtAnTTk0SUhdfT6eEHrQpjDvgpBPrdClVXKx/zhfdWrZuaaxwHJ16UbiKmdGnL
qsNrGB61mQP8mpyJg+Ob5XYM32kCW9eczey8uTOB7C/qasjk4z4cKewFQP4b+hFl
nmbzrH0k/KFY7i0Mv0Kg914V4mLwVDOa/iDB0wRzlbNc
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:56 2025 by rpki-client