Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/QzYmTvc-vIYHFQFHil12Pt_ZN8g.roa
File: QzYmTvc-vIYHFQFHil12Pt_ZN8g.roa (raw, json)
Hash identifier: 8SEyM+9x5nOP2NeT3g02fSTYuxIz9FpWLguFe8HKzd8=
Subject key identifier: 43:36:26:4E:F7:3E:BC:86:07:15:01:47:8A:5D:76:3E:DF:D9:37:C8
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01944F07328C0AE10CBB4D4207E316E07CE4
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/QzYmTvc-vIYHFQFHil12Pt_ZN8g.roa
Signing time: Fri 10 Jan 2025 07:04:19 +0000
ROA not before: Fri 10 Jan 2025 07:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.191.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:07:32:8c:0a:e1:0c:bb:4d:42:07:e3:16:e0:7c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 10 07:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4336264ef73ebc86071501478a5d763edfd937c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6e:96:49:c2:e9:a9:27:a5:a5:74:14:59:02:
03:73:9b:3a:32:44:73:03:ba:05:0c:3d:85:04:2d:
ff:e2:f1:7a:c3:c8:0e:5d:8a:6c:56:79:57:47:1f:
8a:b2:30:f8:72:c4:e3:1d:9a:aa:74:59:d1:41:c5:
4c:7f:8a:0f:6a:dc:1d:d1:fe:71:9b:06:6e:48:ca:
20:53:cc:ed:46:b6:2f:5d:6b:f4:5c:75:30:1b:14:
67:ba:c5:71:4a:f9:65:79:77:02:77:12:ee:6e:ef:
9f:95:37:d3:cb:d3:db:dc:1f:51:ce:79:4f:a5:2d:
27:9d:a2:0b:de:4b:cb:5c:ba:a2:9a:62:b4:a7:98:
d8:e5:84:36:8d:57:d2:ef:a1:33:28:9b:e7:a1:eb:
71:89:27:22:d3:aa:3f:d9:10:e6:db:9f:d3:45:ae:
c3:78:42:1e:6a:b7:0c:2a:60:df:b1:2e:a8:97:3e:
3e:6c:1b:90:9b:ff:88:48:59:d1:f7:ec:7d:d9:36:
e3:7d:b7:b3:c8:7b:98:e9:87:2c:4b:78:9c:5d:a2:
c3:6b:03:7c:49:b0:77:f9:e6:e4:49:c1:c1:2f:91:
f9:5a:f8:66:27:b2:d3:61:08:ad:a7:06:46:77:ff:
3f:6c:53:d5:7e:51:cc:9d:4d:f9:14:d6:57:02:fc:
68:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:36:26:4E:F7:3E:BC:86:07:15:01:47:8A:5D:76:3E:DF:D9:37:C8
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/QzYmTvc-vIYHFQFHil12Pt_ZN8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.97.0/24
Signature Algorithm: sha256WithRSAEncryption
42:47:03:a4:70:82:6e:fc:c9:d1:76:87:95:15:87:89:ce:55:
25:ee:55:df:02:40:30:ae:3a:50:6f:61:2f:36:c5:8c:f7:d7:
51:1c:52:53:0b:3a:f9:da:7d:6b:9c:2d:19:bd:6e:d9:ca:98:
00:6f:2a:a5:c8:62:75:83:41:f2:e6:57:fc:0c:67:92:b4:91:
9b:d5:18:2b:71:a3:97:f2:44:8a:35:4f:01:3a:61:57:5a:3a:
49:87:f2:e2:b4:1f:98:a9:c2:e2:19:91:67:64:50:92:3e:11:
84:85:34:3d:00:db:48:50:64:70:59:73:ad:2c:4b:4d:2f:3a:
1a:66:2e:5e:df:c0:b8:79:6c:b0:5a:ce:e4:7e:57:90:8a:9f:
82:77:bf:e6:78:7f:fe:90:41:70:11:45:79:b2:15:d9:47:96:
7d:c4:dc:ee:d5:f3:95:85:3e:80:dd:10:59:07:af:02:28:9a:
de:e9:7f:49:da:ba:91:ab:83:b5:6d:a5:ba:90:8c:69:23:4f:
45:56:10:13:07:c8:80:15:7c:74:04:ee:ba:5d:14:72:41:51:
be:6b:40:a1:17:da:97:af:b1:9b:15:33:09:46:2f:69:cc:20:
84:06:2f:52:5c:09:81:df:a5:52:ae:43:63:20:b7:6c:e2:10:
54:fa:66:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRPBzKMCuEMu01CB+MW4HzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTEwMDcwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM2MjY0ZWY3M2ViYzg2MDcxNTAxNDc4YTVkNzYzZWRmZDkzN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW6WScLpqSelpXQUWQIDc5s6MkRz
A7oFDD2FBC3/4vF6w8gOXYpsVnlXRx+KsjD4csTjHZqqdFnRQcVMf4oPatwd0f5x
mwZuSMogU8ztRrYvXWv0XHUwGxRnusVxSvlleXcCdxLubu+flTfTy9Pb3B9RznlP
pS0nnaIL3kvLXLqimmK0p5jY5YQ2jVfS76EzKJvnoetxiSci06o/2RDm25/TRa7D
eEIearcMKmDfsS6olz4+bBuQm/+ISFnR9+x92TbjfbezyHuY6YcsS3icXaLDawN8
SbB3+ebkScHBL5H5WvhmJ7LTYQitpwZGd/8/bFPVflHMnU35FNZXAvxoWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEM2Jk73PryGBxUBR4pddj7f2TfIMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvUXpZbVR2Yy12SVlIRlFGSGlsMTJQdF9aTjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9hMA0G
CSqGSIb3DQEBCwUAA4IBAQBCRwOkcIJu/MnRdoeVFYeJzlUl7lXfAkAwrjpQb2Ev
NsWM99dRHFJTCzr52n1rnC0ZvW7ZypgAbyqlyGJ1g0Hy5lf8DGeStJGb1RgrcaOX
8kSKNU8BOmFXWjpJh/LitB+YqcLiGZFnZFCSPhGEhTQ9ANtIUGRwWXOtLEtNLzoa
Zi5e38C4eWywWs7kfleQip+Cd7/meH/+kEFwEUV5shXZR5Z9xNzu1fOVhT6A3RBZ
B68CKJre6X9J2rqRq4O1baW6kIxpI09FVhATB8iAFXx0BO66XRRyQVG+a0ChF9qX
r7GbFTMJRi9pzCCEBi9SXAmB36VSrkNjILds4hBU+mba
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:39 2025 by rpki-client