Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/QHrBIBuD-dIq2_2Kb_iV4X3Tvr8.roa
File: QHrBIBuD-dIq2_2Kb_iV4X3Tvr8.roa (raw, json)
Hash identifier: BqAzrOrplAEdRsolpRbFSr5bt0QDC4A+AWz6QKat1JE=
Subject key identifier: 40:7A:C1:20:1B:83:F9:D2:2A:DB:FD:8A:6F:F8:95:E1:7D:D3:BE:BF
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01941FFAA6B3C866E2F1FB389CEE45DF1145
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/QHrBIBuD-dIq2_2Kb_iV4X3Tvr8.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205595
IP address blocks: 37.228.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a6:b3:c8:66:e2:f1:fb:38:9c:ee:45:df:11:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407ac1201b83f9d22adbfd8a6ff895e17dd3bebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7f:62:83:30:b4:c6:a2:88:24:7b:03:20:d6:
41:ba:22:ae:cc:f8:b5:b2:1d:05:12:a4:4d:98:9c:
67:9f:fe:4e:3e:5e:d3:15:e7:76:03:26:c9:f7:ae:
ad:74:60:8c:61:36:7c:c2:41:24:1a:c6:69:e3:d5:
78:27:e5:ba:dc:fb:99:08:d3:17:7c:dd:28:b5:ca:
78:1a:a8:98:f2:99:f5:c6:71:60:84:2f:0b:89:94:
87:bc:4d:64:8b:c1:0f:41:a8:0f:22:e9:8c:04:9b:
18:d2:eb:b9:59:d3:e3:8b:31:03:67:63:7b:30:49:
09:c2:9a:89:5e:c4:dd:0f:b7:ac:95:11:7e:06:d6:
7f:f6:28:3b:c7:f2:59:4f:05:5e:0f:94:86:81:cb:
eb:c2:c1:bf:a0:2e:4d:a1:53:7a:f2:fb:1d:94:3a:
d3:a0:8a:14:86:26:cb:34:2d:6e:bf:ec:c1:84:83:
5a:da:7d:ee:40:8a:47:87:01:9d:97:e1:37:8e:b9:
f5:ff:44:24:72:53:7e:57:53:d7:1a:f0:cc:9e:61:
81:2b:69:6a:85:5d:b8:52:49:8a:be:ad:dc:c2:86:
07:1a:38:f9:37:37:e9:0f:05:8b:3b:e1:49:44:00:
e1:b1:e6:da:cf:79:2a:9e:88:51:d8:8f:9c:d8:8c:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7A:C1:20:1B:83:F9:D2:2A:DB:FD:8A:6F:F8:95:E1:7D:D3:BE:BF
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/QHrBIBuD-dIq2_2Kb_iV4X3Tvr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.95.0/24
Signature Algorithm: sha256WithRSAEncryption
10:53:92:48:1a:81:a8:4a:ce:1e:39:d2:cc:82:ab:7e:a3:1c:
34:6f:91:9e:98:af:3e:a6:a6:64:f1:c8:19:ed:77:0e:4d:0d:
e0:68:34:08:ea:b0:aa:c5:a8:89:62:42:16:4d:d5:8d:24:5a:
01:75:85:84:97:19:b3:ae:9c:be:b1:1f:44:f1:17:c8:fc:2f:
7d:d9:df:c3:30:d5:ad:f1:f3:58:f8:92:8e:15:ef:6f:cf:89:
14:f4:a9:30:be:f8:a8:b0:8e:88:88:c4:4d:6a:02:f2:57:2b:
83:52:31:77:4d:f6:35:43:e4:21:ba:a3:c9:4c:00:af:23:3c:
f2:f3:ef:e9:e1:b0:77:9c:be:05:41:50:37:bb:05:38:b4:46:
d7:65:6a:8a:00:92:22:08:5d:95:86:77:22:a8:99:20:69:1f:
3f:01:ff:a4:63:da:f5:d5:6b:bf:dc:0e:7d:05:4d:67:30:0e:
5c:63:bf:32:ae:84:c7:53:62:cc:2c:73:2a:39:bb:2a:0a:36:
78:42:73:73:32:39:ff:f8:3e:12:9f:c9:fc:53:3e:06:7e:6c:
61:25:83:2a:0c:92:e6:55:b3:d0:02:10:c0:4f:dd:99:a1:c3:
87:cf:64:ae:ec:73:e1:64:bc:e6:ba:08:b4:6f:e9:1a:3f:43:
90:91:5b:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qazyGbi8fs4nO5F3xFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdhYzEyMDFiODNmOWQyMmFkYmZkOGE2ZmY4OTVlMTdkZDNiZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H9igzC0xqKIJHsDINZBuiKuzPi1
sh0FEqRNmJxnn/5OPl7TFed2AybJ966tdGCMYTZ8wkEkGsZp49V4J+W63PuZCNMX
fN0otcp4GqiY8pn1xnFghC8LiZSHvE1ki8EPQagPIumMBJsY0uu5WdPjizEDZ2N7
MEkJwpqJXsTdD7eslRF+BtZ/9ig7x/JZTwVeD5SGgcvrwsG/oC5NoVN68vsdlDrT
oIoUhibLNC1uv+zBhINa2n3uQIpHhwGdl+E3jrn1/0QkclN+V1PXGvDMnmGBK2lq
hV24UkmKvq3cwoYHGjj5NzfpDwWLO+FJRADhsebaz3kqnohR2I+c2IzPMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEB6wSAbg/nSKtv9im/4leF9076/MB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvUUhyQklCdUQtZElxMl8yS2JfaVY0WDNUdnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeRfMA0G
CSqGSIb3DQEBCwUAA4IBAQAQU5JIGoGoSs4eOdLMgqt+oxw0b5GemK8+pqZk8cgZ
7XcOTQ3gaDQI6rCqxaiJYkIWTdWNJFoBdYWElxmzrpy+sR9E8RfI/C992d/DMNWt
8fNY+JKOFe9vz4kU9KkwvviosI6IiMRNagLyVyuDUjF3TfY1Q+QhuqPJTACvIzzy
8+/p4bB3nL4FQVA3uwU4tEbXZWqKAJIiCF2VhnciqJkgaR8/Af+kY9r11Wu/3A59
BU1nMA5cY78yroTHU2LMLHMqObsqCjZ4QnNzMjn/+D4Sn8n8Uz4GfmxhJYMqDJLm
VbPQAhDAT92ZocOHz2Su7HPhZLzmugi0b+kaP0OQkVtl
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:18:11 2025 by rpki-client