Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/qL74mKXQxpFQwFGdLkvAXIhTNuE.roa
File: qL74mKXQxpFQwFGdLkvAXIhTNuE.roa (raw, json)
Hash identifier: Bw8reFWHrfgy2qPYGnDWEt8DE2xqJYP39tcnPyYAVOg=
Subject key identifier: A8:BE:F8:98:A5:D0:C6:91:50:C0:51:9D:2E:4B:C0:5C:88:53:36:E1
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01856C011EA2388301B343458082161E7CDA
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/qL74mKXQxpFQwFGdLkvAXIhTNuE.roa
Signing time: Sun 01 Jan 2023 06:24:50 +0000
ROA not before: Sun 01 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 194.113.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:1e:a2:38:83:01:b3:43:45:80:82:16:1e:7c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 1 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8bef898a5d0c69150c0519d2e4bc05c885336e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:78:cc:2d:e2:f3:2f:a4:19:64:13:b7:3d:0e:
ed:72:4a:30:08:af:c9:cd:f0:3d:75:b6:8c:21:06:
e0:b2:7f:8a:34:3a:8f:72:22:e6:11:83:51:93:25:
9b:08:92:bc:b4:0b:ba:69:4d:4e:34:ac:a1:de:bf:
8a:d6:6c:50:ae:ed:1c:6f:3e:0d:5b:3d:f2:c7:7f:
39:3a:2a:d2:e1:1d:60:91:30:6e:f8:49:24:e4:87:
81:b4:31:58:94:3f:c9:40:86:2b:10:0b:7b:2b:ac:
c9:5f:e3:2c:52:44:4e:77:f3:56:95:1b:fc:05:25:
08:3d:79:0c:56:86:4a:80:cd:da:da:ba:29:3a:30:
42:ed:ed:ee:c1:66:0a:7e:2f:dd:7c:45:2f:21:ce:
38:f3:78:fa:29:f5:0f:09:d1:7f:63:18:e2:98:ad:
9b:55:f8:90:1d:ff:f2:aa:2c:c8:67:0b:28:06:08:
14:9a:07:7f:86:0e:26:c1:c4:1f:c4:85:9d:f4:ea:
88:73:7f:42:0c:1e:2c:fa:46:6c:25:3f:fc:08:02:
ea:b7:ee:74:c1:69:61:3f:d6:cb:9f:e6:40:08:10:
5e:18:60:55:fd:0e:19:93:fe:a9:09:15:a1:fe:65:
31:a8:49:a8:8e:e2:18:30:44:78:a9:7d:5b:11:0d:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BE:F8:98:A5:D0:C6:91:50:C0:51:9D:2E:4B:C0:5C:88:53:36:E1
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/qL74mKXQxpFQwFGdLkvAXIhTNuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.238.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:94:a5:3a:ad:5a:f3:39:e8:46:0c:35:55:f8:f7:61:9a:e5:
3a:3b:ff:30:df:a5:26:08:d6:a0:98:5a:c4:b7:24:69:1e:bd:
7a:d2:2a:57:75:4c:9a:71:2f:7f:94:7a:3a:f2:51:c3:00:ac:
08:ef:b9:a0:7a:37:26:25:17:8a:4b:0f:10:2a:b1:84:58:5e:
fb:d3:03:3e:ea:d1:6c:19:d3:ff:ea:80:d0:e9:41:c4:d8:bc:
8d:85:1d:41:09:bd:b4:53:da:b3:36:75:12:aa:c6:e7:73:f7:
37:c7:f8:21:a6:2a:63:49:8e:58:31:ed:be:4b:50:e4:9f:9d:
07:4e:eb:21:b4:04:d7:1a:5f:0f:8d:25:9f:57:5b:c2:21:f5:
a4:09:65:12:d0:92:83:25:e5:c4:82:28:a5:d7:03:57:51:db:
51:e7:df:cb:5a:49:94:bd:00:9a:32:eb:7e:81:d2:97:7f:2e:
eb:b5:ff:d3:86:cb:b8:26:8c:ed:03:1c:dc:44:49:75:e2:3e:
51:97:aa:6a:29:b9:f5:42:0a:05:79:2d:31:c4:fd:e9:e1:c7:
42:65:95:f2:ac:08:6e:0d:6a:28:81:bb:7e:d0:1d:67:b4:ce:
f4:24:27:6c:e2:64:fb:fb:1f:3a:71:ce:4e:fe:95:f0:02:07:
ca:42:85:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAR6iOIMBs0NFgIIWHnzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwMTAxMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJlZjg5OGE1ZDBjNjkxNTBjMDUxOWQyZTRiYzA1Yzg4NTMzNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3jMLeLzL6QZZBO3PQ7tckowCK/J
zfA9dbaMIQbgsn+KNDqPciLmEYNRkyWbCJK8tAu6aU1ONKyh3r+K1mxQru0cbz4N
Wz3yx385OirS4R1gkTBu+Ekk5IeBtDFYlD/JQIYrEAt7K6zJX+MsUkROd/NWlRv8
BSUIPXkMVoZKgM3a2ropOjBC7e3uwWYKfi/dfEUvIc4483j6KfUPCdF/YxjimK2b
VfiQHf/yqizIZwsoBggUmgd/hg4mwcQfxIWd9OqIc39CDB4s+kZsJT/8CALqt+50
wWlhP9bLn+ZACBBeGGBV/Q4Zk/6pCRWh/mUxqEmojuIYMER4qX1bEQ3XeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi++Jil0MaRUMBRnS5LwFyIUzbhMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvcUw3NG1LWFF4cEZRd0ZHZExrdkFYSWhUTnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnHuMA0G
CSqGSIb3DQEBCwUAA4IBAQALlKU6rVrzOehGDDVV+PdhmuU6O/8w36UmCNagmFrE
tyRpHr160ipXdUyacS9/lHo68lHDAKwI77mgejcmJReKSw8QKrGEWF770wM+6tFs
GdP/6oDQ6UHE2LyNhR1BCb20U9qzNnUSqsbnc/c3x/ghpipjSY5YMe2+S1Dkn50H
TushtATXGl8PjSWfV1vCIfWkCWUS0JKDJeXEgiil1wNXUdtR59/LWkmUvQCaMut+
gdKXfy7rtf/Thsu4JoztAxzcREl14j5Rl6pqKbn1QgoFeS0xxP3p4cdCZZXyrAhu
DWoogbt+0B1ntM70JCds4mT7+x86cc5O/pXwAgfKQoWJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:20 2025 by rpki-client