Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QhRiGtn1ORRQt0FTUygjugy0uIE.roa
File: QhRiGtn1ORRQt0FTUygjugy0uIE.roa (raw, json)
Hash identifier: 4IOriaXsUH798m1ZxeYEYCLuYvwA+pBkFqaUpCnIU7c=
Subject key identifier: 42:14:62:1A:D9:F5:39:14:50:B7:41:53:53:28:23:BA:0C:B4:B8:81
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0193B547CF4B65BC2C9AA2E6D8846D0DA422
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QhRiGtn1ORRQt0FTUygjugy0uIE.roa
Signing time: Wed 11 Dec 2024 10:33:22 +0000
ROA not before: Wed 11 Dec 2024 10:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 213.137.89.0/24 maxlen: 24
213.137.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:47:cf:4b:65:bc:2c:9a:a2:e6:d8:84:6d:0d:a4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Dec 11 10:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4214621ad9f5391450b74153532823ba0cb4b881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:f4:84:12:87:14:01:cd:ac:0d:9d:c2:06:
b9:96:79:fc:6e:f4:3f:28:ef:7f:50:d4:c2:9c:21:
c0:db:73:63:98:29:a7:a7:b2:cb:0a:dd:e0:05:dd:
1d:be:6a:82:96:38:2b:03:75:26:50:f4:ce:f4:e3:
42:a9:e3:6a:99:87:87:d0:f6:18:4e:00:d6:cd:00:
a6:e4:e6:a3:84:67:55:0d:71:70:cc:88:e7:a5:c1:
06:99:7d:41:4e:5d:b8:3d:4f:21:fc:12:c0:a9:2f:
ec:a4:97:53:f6:0d:74:94:c3:f4:33:8d:f2:2d:04:
ed:21:84:f1:b2:8a:57:2a:45:68:6e:5e:8a:e4:88:
59:41:6f:d7:6d:d4:ff:8b:80:a0:1a:46:9c:9f:91:
62:3b:3a:ee:dd:50:3d:0c:c8:da:31:e7:bb:21:ca:
e3:bd:49:8f:70:99:20:fc:b3:8c:54:77:9d:e4:c6:
5e:34:fe:33:17:d9:bc:fa:fa:ff:2f:31:d9:c9:b6:
04:f7:6f:bc:8c:7e:e0:ed:db:cc:b6:1c:41:48:b9:
72:77:6d:0c:9a:27:80:a0:65:62:d2:b4:d0:b9:33:
80:e7:15:e1:21:f5:03:f6:83:ce:03:85:c7:f6:4c:
ca:ca:38:0a:01:cd:f7:f0:18:d7:24:a2:3e:9e:76:
49:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:14:62:1A:D9:F5:39:14:50:B7:41:53:53:28:23:BA:0C:B4:B8:81
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QhRiGtn1ORRQt0FTUygjugy0uIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.89.0/24
213.137.91.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:25:0c:b0:d9:f7:a6:2f:fe:47:3c:8a:a2:f2:bd:9a:12:48:
e3:c3:cc:71:84:8a:38:df:22:70:c5:f6:22:a8:52:c2:38:1c:
8d:8a:7f:29:e6:a3:a6:91:b3:c5:cd:f0:d9:4d:29:b0:71:36:
0c:61:5a:d7:75:0b:0d:00:27:9a:dd:3d:3e:49:21:60:50:89:
93:31:c5:94:55:81:2f:73:80:81:d9:54:75:69:1f:ba:cd:41:
b6:f0:87:25:fd:44:da:09:17:4f:45:e8:01:e8:9a:8f:de:2d:
cd:5a:67:68:77:d3:6c:45:ab:6f:0e:6a:36:19:15:cd:0d:41:
ff:24:a1:89:45:02:1e:86:66:43:59:56:50:1d:23:77:1e:ce:
48:35:81:63:7c:55:06:ea:6d:4b:64:b4:84:7e:cb:5c:50:6c:
4d:aa:7f:b6:06:2f:77:8f:2b:e5:dc:cb:b5:8f:fc:63:cf:27:
ff:e1:86:0a:de:5f:e9:33:a8:21:6e:63:80:8f:65:ae:a2:92:
4c:32:c9:86:30:94:d3:ef:86:62:da:cd:65:28:73:4a:b9:ab:
60:9c:3a:0b:aa:21:d0:81:26:f4:30:c3:8c:41:36:65:1a:8a:
5f:6e:d5:76:10:f8:6c:47:95:63:05:f9:09:ad:1a:73:48:d8:
1e:32:bc:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZO1R89LZbwsmqLm2IRtDaQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjQxMjExMTAzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE0NjIxYWQ5ZjUzOTE0NTBiNzQxNTM1MzI4MjNiYTBjYjRiODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GT0hBKHFAHNrA2dwga5lnn8bvQ/
KO9/UNTCnCHA23NjmCmnp7LLCt3gBd0dvmqCljgrA3UmUPTO9ONCqeNqmYeH0PYY
TgDWzQCm5OajhGdVDXFwzIjnpcEGmX1BTl24PU8h/BLAqS/spJdT9g10lMP0M43y
LQTtIYTxsopXKkVobl6K5IhZQW/XbdT/i4CgGkacn5FiOzru3VA9DMjaMee7Icrj
vUmPcJkg/LOMVHed5MZeNP4zF9m8+vr/LzHZybYE92+8jH7g7dvMthxBSLlyd20M
mieAoGVi0rTQuTOA5xXhIfUD9oPOA4XH9kzKyjgKAc338BjXJKI+nnZJ2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIUYhrZ9TkUULdBU1MoI7oMtLiBMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvUWhSaUd0bjFPUlJRdDBGVFV5Z2p1Z3kwdUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1YlZAwQA
1YlbMA0GCSqGSIb3DQEBCwUAA4IBAQAbJQyw2femL/5HPIqi8r2aEkjjw8xxhIo4
3yJwxfYiqFLCOByNin8p5qOmkbPFzfDZTSmwcTYMYVrXdQsNACea3T0+SSFgUImT
McWUVYEvc4CB2VR1aR+6zUG28Icl/UTaCRdPRegB6JqP3i3NWmdod9NsRatvDmo2
GRXNDUH/JKGJRQIehmZDWVZQHSN3Hs5INYFjfFUG6m1LZLSEfstcUGxNqn+2Bi93
jyvl3Mu1j/xjzyf/4YYK3l/pM6ghbmOAj2WuopJMMsmGMJTT74Zi2s1lKHNKuatg
nDoLqiHQgSb0MMOMQTZlGopfbtV2EPhsR5VjBfkJrRpzSNgeMrxh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:32 2025 by rpki-client