Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QNnZ4-kTcvK4oSHwGTPEvHrZ5Rs.roa
File: QNnZ4-kTcvK4oSHwGTPEvHrZ5Rs.roa (raw, json)
Hash identifier: +/O1c2HIlNfhkTR2rhysPFQ3DF+7ILNfZc86qecdvZA=
Subject key identifier: 40:D9:D9:E3:E9:13:72:F2:B8:A1:21:F0:19:33:C4:BC:7A:D9:E5:1B
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0188B01548FB05246BCEF756D3D732034EF8
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QNnZ4-kTcvK4oSHwGTPEvHrZ5Rs.roa
Signing time: Mon 12 Jun 2023 14:49:24 +0000
ROA not before: Mon 12 Jun 2023 14:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 141.226.243.0/24 maxlen: 24
141.226.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b0:15:48:fb:05:24:6b:ce:f7:56:d3:d7:32:03:4e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jun 12 14:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d9d9e3e91372f2b8a121f01933c4bc7ad9e51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c7:70:86:42:4e:07:a6:30:90:18:63:cb:16:
19:e8:c0:c7:8f:38:dc:98:e5:9a:e7:ce:a8:f2:11:
12:2a:38:9c:55:38:71:ef:de:97:f0:85:06:e0:e2:
86:e3:8c:10:9f:f5:05:58:b8:98:b1:fc:2a:a7:47:
1b:93:38:92:73:da:83:1d:8e:e3:27:cf:6f:04:10:
35:7a:de:6c:72:47:4e:7b:4e:85:0d:08:0f:fd:2d:
26:a3:28:d9:1c:84:2a:cc:67:d2:16:eb:e2:9c:16:
a0:08:e0:54:83:9e:ef:6b:af:0f:1b:6d:6d:10:de:
46:f2:26:d0:87:67:a7:eb:28:3b:d3:af:60:12:92:
c0:16:df:5f:0c:ce:4d:98:b2:4c:a9:ab:5a:c7:f4:
e2:4c:df:8d:e6:f5:07:af:1e:c2:fb:74:d5:13:21:
e6:de:29:22:e2:08:59:4a:2c:7a:4b:6c:2e:73:78:
84:eb:74:88:b1:ad:79:d0:08:34:dc:07:81:1d:01:
75:a0:89:ef:53:1a:c0:a8:b1:57:45:b9:91:ef:8e:
5b:ff:53:77:71:9c:95:0f:3c:63:8d:f4:28:de:87:
3e:c0:ac:7a:5d:30:10:57:c4:83:f7:f2:8c:f4:e7:
e7:f5:09:9a:17:e8:64:41:f9:7a:5e:b6:20:80:9c:
ee:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D9:D9:E3:E9:13:72:F2:B8:A1:21:F0:19:33:C4:BC:7A:D9:E5:1B
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QNnZ4-kTcvK4oSHwGTPEvHrZ5Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.243.0/24
141.226.247.0/24
Signature Algorithm: sha256WithRSAEncryption
69:d9:71:f4:38:bf:6f:8e:a0:3a:ee:ea:a2:f6:47:e8:45:e6:
23:fa:96:8d:10:52:62:26:49:c5:8f:88:32:03:f9:e9:6e:f4:
dc:91:58:e8:72:47:3e:e1:b2:3b:17:2a:e0:48:f4:cf:e0:cc:
47:cb:bc:df:0e:e8:ae:6a:5b:70:0a:bb:55:5a:2f:17:5d:e9:
20:d0:93:0d:13:58:9f:f4:06:8d:a4:a1:52:ab:8a:5c:2f:72:
8f:c8:64:64:13:8a:27:f7:9e:d9:41:eb:e5:3b:15:1d:94:34:
d2:18:ff:11:4c:05:62:11:79:97:ef:05:af:39:51:4f:62:35:
6a:de:12:96:25:0d:9c:1b:5c:55:41:c5:f9:8e:12:e0:b2:68:
bb:be:14:a7:b8:e0:cc:fb:ab:e1:1f:7e:24:8c:3f:96:c9:1d:
7c:e1:a9:48:b1:3f:81:34:99:af:43:2a:8f:01:c9:bd:97:8f:
08:9e:8c:77:be:a8:63:73:bc:98:8f:02:2a:e2:a2:54:a2:2c:
49:02:cd:0b:ab:31:4f:7b:8d:3f:ae:fe:b6:9b:58:7c:ca:cc:
3a:3c:60:6d:19:a5:96:5a:6f:b2:81:4f:e8:df:b0:f5:9e:ba:
41:b8:7e:58:95:a2:89:ea:64:3c:f8:e3:43:4a:b1:9d:39:d0:
20:fd:e9:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiwFUj7BSRrzvdW09cyA074MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMwNjEyMTQ0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ5ZDllM2U5MTM3MmYyYjhhMTIxZjAxOTMzYzRiYzdhZDllNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcdwhkJOB6YwkBhjyxYZ6MDHjzjc
mOWa586o8hESKjicVThx796X8IUG4OKG44wQn/UFWLiYsfwqp0cbkziSc9qDHY7j
J89vBBA1et5sckdOe06FDQgP/S0moyjZHIQqzGfSFuvinBagCOBUg57va68PG21t
EN5G8ibQh2en6yg7069gEpLAFt9fDM5NmLJMqatax/TiTN+N5vUHrx7C+3TVEyHm
3iki4ghZSix6S2wuc3iE63SIsa150Ag03AeBHQF1oInvUxrAqLFXRbmR745b/1N3
cZyVDzxjjfQo3oc+wKx6XTAQV8SD9/KM9Ofn9QmaF+hkQfl6XrYggJzu/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDZ2ePpE3LyuKEh8BkzxLx62eUbMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvUU5uWjQta1Rjdks0b1NId0dUUEV2SHJaNVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjeLzAwQA
jeL3MA0GCSqGSIb3DQEBCwUAA4IBAQBp2XH0OL9vjqA67uqi9kfoReYj+paNEFJi
JknFj4gyA/npbvTckVjockc+4bI7FyrgSPTP4MxHy7zfDuiualtwCrtVWi8XXekg
0JMNE1if9AaNpKFSq4pcL3KPyGRkE4on957ZQevlOxUdlDTSGP8RTAViEXmX7wWv
OVFPYjVq3hKWJQ2cG1xVQcX5jhLgsmi7vhSnuODM+6vhH34kjD+WyR184alIsT+B
NJmvQyqPAcm9l48Inox3vqhjc7yYjwIq4qJUoixJAs0LqzFPe40/rv62m1h8ysw6
PGBtGaWWWm+ygU/o37D1nrpBuH5YlaKJ6mQ8+ONDSrGdOdAg/ek2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:19 2025 by rpki-client