Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/Qz5OY3j3-s9qIqLTR9Ioyyp5esM.roa
File: Qz5OY3j3-s9qIqLTR9Ioyyp5esM.roa (raw, json)
Hash identifier: enWrA3U//X4SevjuqIqqkXe1LWPlKo4SqYrXw0Js1/I=
Subject key identifier: 43:3E:4E:63:78:F7:FA:CF:6A:22:A2:D3:47:D2:28:CB:2A:79:7A:C3
Certificate issuer: /CN=42353f86149491271024582d461ef55cad776166
Certificate serial: 01856B6E997A760C4B10C1D8FFA15A60BFF7
Authority key identifier: 42:35:3F:86:14:94:91:27:10:24:58:2D:46:1E:F5:5C:AD:77:61:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QjU_hhSUkScQJFgtRh71XK13YWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/Qz5OY3j3-s9qIqLTR9Ioyyp5esM.roa
Signing time: Sun 01 Jan 2023 03:44:48 +0000
ROA not before: Sun 01 Jan 2023 03:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.138.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:99:7a:76:0c:4b:10:c1:d8:ff:a1:5a:60:bf:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42353f86149491271024582d461ef55cad776166
Validity
Not Before: Jan 1 03:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433e4e6378f7facf6a22a2d347d228cb2a797ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d4:8c:7e:17:a0:f9:3f:bf:0b:7e:d8:41:cc:
73:e7:77:2a:91:53:69:24:ea:cd:1a:82:d7:9a:a7:
97:00:f6:9a:56:c0:dd:ed:62:e9:d2:15:5c:c5:06:
bb:3c:6b:78:ff:a5:82:10:2a:7c:8a:7a:69:e9:87:
26:fd:9f:82:7a:b4:05:14:ea:e4:be:09:6e:4d:0b:
2c:3e:a9:cd:1c:62:97:64:72:8b:45:f2:08:04:26:
c3:f8:d6:86:3a:78:0f:23:c5:49:28:67:06:1f:34:
0f:16:02:93:c1:97:e7:84:b9:60:ca:93:7b:25:06:
86:79:a2:2d:a0:1e:12:03:22:4e:ae:48:fd:ce:45:
8c:30:0c:81:bb:0d:7e:b4:b3:51:55:8c:9d:e6:75:
11:a8:38:f2:02:c5:31:26:60:d9:3f:c5:7c:e4:30:
bb:2f:d8:08:36:c2:ec:ac:1e:f1:8e:89:f2:f9:00:
65:8d:76:0d:5e:87:b4:c7:40:03:26:02:2a:94:a9:
73:02:c2:9c:29:b8:a2:ec:9c:26:bf:7f:b9:0a:1b:
a7:42:51:4a:78:28:7e:57:a6:ad:99:aa:97:4d:e2:
38:20:91:2e:db:5e:84:5d:c3:49:e9:7a:67:2f:aa:
25:cb:3d:7b:bb:b4:4b:ee:4b:ba:52:96:42:bd:84:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3E:4E:63:78:F7:FA:CF:6A:22:A2:D3:47:D2:28:CB:2A:79:7A:C3
X509v3 Authority Key Identifier:
keyid:42:35:3F:86:14:94:91:27:10:24:58:2D:46:1E:F5:5C:AD:77:61:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QjU_hhSUkScQJFgtRh71XK13YWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/Qz5OY3j3-s9qIqLTR9Ioyyp5esM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/654968-d18e-4dc9-a50e-67521fea4ddd/1/QjU_hhSUkScQJFgtRh71XK13YWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.136.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ba:44:08:f1:b4:d2:5c:c0:5e:46:79:fa:4f:fd:cc:93:c0:
a3:75:56:b1:c5:8c:af:86:f1:dd:d0:19:cb:60:80:c7:ca:16:
41:6f:c7:ca:59:a0:7c:76:57:c4:32:4e:8f:50:06:cd:a1:cd:
e8:80:d6:23:a0:ae:4c:34:13:5f:3f:cc:86:96:26:5b:1f:87:
a3:bf:16:eb:27:3e:89:67:71:3e:78:11:30:6e:05:fb:4f:1c:
13:4d:60:86:0e:92:99:1c:e9:6d:35:c7:01:c9:d9:36:72:55:
b7:e4:9c:a8:e8:fc:f8:94:0f:89:b9:99:39:50:9d:c3:61:7a:
2c:50:47:0e:09:af:1c:d5:72:08:fb:26:8f:68:7d:5a:93:ad:
5a:ed:5e:5a:0d:6e:42:95:bb:19:56:3a:1b:ad:a7:bb:d7:25:
41:45:6d:59:1f:cf:53:74:07:05:59:88:3c:95:f2:b3:e9:2c:
db:68:04:79:34:f9:ab:7f:ce:a2:6b:28:09:fd:eb:b8:f4:6e:
1b:ee:d1:56:ad:cc:52:06:3f:f4:94:17:25:4d:e9:4b:26:a2:
a7:8d:d5:76:d0:4f:a8:9b:4a:af:94:8b:48:d7:37:b5:10:59:
5f:e1:50:e7:4b:6a:00:20:c5:6d:09:30:98:f6:78:9e:62:53:
12:ea:a2:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrbpl6dgxLEMHY/6FaYL/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMzUzZjg2MTQ5NDkxMjcxMDI0NTgyZDQ2MWVmNTVjYWQ3
NzYxNjYwHhcNMjMwMTAxMDM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNlNGU2Mzc4ZjdmYWNmNmEyMmEyZDM0N2QyMjhjYjJhNzk3YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNSMfheg+T+/C37YQcxz53cqkVNp
JOrNGoLXmqeXAPaaVsDd7WLp0hVcxQa7PGt4/6WCECp8inpp6Ycm/Z+CerQFFOrk
vgluTQssPqnNHGKXZHKLRfIIBCbD+NaGOngPI8VJKGcGHzQPFgKTwZfnhLlgypN7
JQaGeaItoB4SAyJOrkj9zkWMMAyBuw1+tLNRVYyd5nURqDjyAsUxJmDZP8V85DC7
L9gINsLsrB7xjony+QBljXYNXoe0x0ADJgIqlKlzAsKcKbii7Jwmv3+5ChunQlFK
eCh+V6atmaqXTeI4IJEu216EXcNJ6XpnL6olyz17u7RL7ku6UpZCvYQRdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEM+TmN49/rPaiKi00fSKMsqeXrDMB8GA1UdIwQY
MBaAFEI1P4YUlJEnECRYLUYe9Vytd2FmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWpVX2hoU1VrU2NRSkZndFJoNzFYSzEzWVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82NTQ5NjgtZDE4ZS00ZGM5LWE1MGUt
Njc1MjFmZWE0ZGRkLzEvUXo1T1kzajMtczlxSXFMVFI5SW95eXA1ZXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82NTQ5NjgtZDE4ZS00ZGM5LWE1MGUtNjc1MjFmZWE0ZGRk
LzEvUWpVX2hoU1VrU2NRSkZndFJoNzFYSzEzWVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYqIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2ukQI8bTSXMBeRnn6T/3Mk8CjdVaxxYyvhvHd0BnL
YIDHyhZBb8fKWaB8dlfEMk6PUAbNoc3ogNYjoK5MNBNfP8yGliZbH4ejvxbrJz6J
Z3E+eBEwbgX7TxwTTWCGDpKZHOltNccBydk2clW35Jyo6Pz4lA+JuZk5UJ3DYXos
UEcOCa8c1XII+yaPaH1ak61a7V5aDW5ClbsZVjobrae71yVBRW1ZH89TdAcFWYg8
lfKz6SzbaAR5NPmrf86iaygJ/eu49G4b7tFWrcxSBj/0lBclTelLJqKnjdV20E+o
m0qvlItI1ze1EFlf4VDnS2oAIMVtCTCY9nieYlMS6qJW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:05 2025 by rpki-client