Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QOhAVLAOmIp1_9DUUNRjh_YclqI.roa
File: QOhAVLAOmIp1_9DUUNRjh_YclqI.roa (raw, json)
Hash identifier: foTIjrrSPicnHBTTRW04gf0obc67YUIBsxnjcoNariw=
Subject key identifier: 40:E8:40:54:B0:0E:98:8A:75:FF:D0:D4:50:D4:63:87:F6:1C:96:A2
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018D599FC60A2F446157928CE8FA25246C46
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QOhAVLAOmIp1_9DUUNRjh_YclqI.roa
Signing time: Tue 30 Jan 2024 09:07:39 +0000
ROA not before: Tue 30 Jan 2024 09:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.206.64.0/21 maxlen: 24
82.206.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:9f:c6:0a:2f:44:61:57:92:8c:e8:fa:25:24:6c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 30 09:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e84054b00e988a75ffd0d450d46387f61c96a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7c:5a:af:26:81:2f:dc:70:1f:b5:d4:cc:38:
cb:36:fc:0d:d2:66:25:f4:f0:dc:f4:eb:de:c8:5d:
d2:8c:6d:69:05:73:2d:5c:bc:ca:22:6c:6a:18:69:
0b:37:3d:23:0b:50:33:2d:92:9e:2a:79:85:e0:cd:
1f:4d:a1:c8:df:a6:07:b2:58:cb:5f:9f:4e:52:96:
ad:79:e2:73:23:8f:83:89:45:db:2d:85:3e:2a:6e:
58:38:1c:29:18:c9:9e:bb:96:6b:b6:74:c4:20:42:
7b:da:d7:d0:fd:a6:5f:ec:b8:ad:dc:8c:5c:f6:09:
2e:a6:31:46:76:74:de:e5:a6:9a:eb:89:c2:5f:18:
7a:fa:23:6d:bd:82:61:f9:7f:1e:6f:a4:5f:0d:5b:
8e:a7:16:0f:9b:fc:a1:b3:10:2e:4a:38:97:18:69:
f2:f8:00:42:8b:f7:a1:ec:19:c6:ad:8b:bf:b0:07:
4c:e5:07:c6:b4:92:de:33:14:a5:33:3c:24:2d:c9:
74:8d:d6:44:cf:ed:a1:9e:5e:f4:2d:d4:cc:6d:83:
a8:14:59:a6:dd:48:ea:a6:67:28:94:97:ee:c3:14:
06:fa:9d:ed:fc:e3:c9:a7:14:45:4a:59:c8:5b:67:
a2:3e:6b:27:04:61:b4:ae:60:95:04:40:62:d0:b3:
0a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E8:40:54:B0:0E:98:8A:75:FF:D0:D4:50:D4:63:87:F6:1C:96:A2
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QOhAVLAOmIp1_9DUUNRjh_YclqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.64.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:20:f8:f1:a8:98:f6:65:0f:1c:ba:83:27:85:c9:84:c0:6f:
81:a7:9d:b8:a9:41:99:96:86:22:5b:ac:ed:96:6a:9d:14:46:
a3:37:21:a7:74:7a:4d:fd:c2:36:32:0e:94:54:1c:c3:de:3c:
53:e0:3f:fb:08:39:39:97:65:a2:c9:be:28:cc:f4:9e:16:b0:
32:89:f6:1e:d8:74:a9:52:cd:2d:28:c9:a2:dc:ce:8c:63:71:
43:32:c9:57:0b:cc:fc:be:62:f5:c1:31:f0:22:54:5f:16:89:
01:ef:6d:93:3e:96:ec:8d:77:b8:7f:3f:74:4f:37:82:5b:d0:
de:26:78:00:16:37:92:ec:4a:3b:de:93:8b:d2:7e:4c:4e:5d:
85:97:32:62:01:54:4b:84:b6:fb:bb:73:7b:08:29:f6:94:29:
3a:02:5a:eb:ca:95:4d:17:c5:b5:b1:c6:cb:a8:52:2d:7e:34:
7d:54:66:61:45:b3:61:75:d2:6c:c9:e7:73:c8:50:f8:bf:29:
2f:58:da:03:8d:90:07:62:6b:4c:6e:4f:95:4a:0c:e0:c0:ad:
ec:aa:c6:64:20:e4:f1:ea:dc:8b:19:66:07:d9:78:b1:7d:48:
85:de:bc:2b:0a:e6:06:7a:8c:e7:33:59:92:d7:2f:cf:4f:cd:
cb:b3:69:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1Zn8YKL0RhV5KM6PolJGxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMTMwMDkwNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU4NDA1NGIwMGU5ODhhNzVmZmQwZDQ1MGQ0NjM4N2Y2MWM5NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnxaryaBL9xwH7XUzDjLNvwN0mYl
9PDc9OveyF3SjG1pBXMtXLzKImxqGGkLNz0jC1AzLZKeKnmF4M0fTaHI36YHsljL
X59OUpateeJzI4+DiUXbLYU+Km5YOBwpGMmeu5ZrtnTEIEJ72tfQ/aZf7Lit3Ixc
9gkupjFGdnTe5aaa64nCXxh6+iNtvYJh+X8eb6RfDVuOpxYPm/yhsxAuSjiXGGny
+ABCi/eh7BnGrYu/sAdM5QfGtJLeMxSlMzwkLcl0jdZEz+2hnl70LdTMbYOoFFmm
3UjqpmcolJfuwxQG+p3t/OPJpxRFSlnIW2eiPmsnBGG0rmCVBEBi0LMKqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDoQFSwDpiKdf/Q1FDUY4f2HJaiMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvUU9oQVZMQU9tSXAxXzlEVVVOUmpoX1ljbHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUs5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAvIPjxqJj2ZQ8cuoMnhcmEwG+Bp524qUGZloYiW6zt
lmqdFEajNyGndHpN/cI2Mg6UVBzD3jxT4D/7CDk5l2Wiyb4ozPSeFrAyifYe2HSp
Us0tKMmi3M6MY3FDMslXC8z8vmL1wTHwIlRfFokB722TPpbsjXe4fz90TzeCW9De
JngAFjeS7Eo73pOL0n5MTl2FlzJiAVRLhLb7u3N7CCn2lCk6AlrrypVNF8W1scbL
qFItfjR9VGZhRbNhddJsyedzyFD4vykvWNoDjZAHYmtMbk+VSgzgwK3sqsZkIOTx
6tyLGWYH2XixfUiF3rwrCuYGeoznM1mS1y/PT83Ls2nd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:30 2025 by rpki-client