Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa
File: qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa (raw, json)
Hash identifier: A0zVfMWFcmAvQiJtyOik4/Esuwb1ukoj8nbTE0+n850=
Subject key identifier: A8:26:00:3E:9E:C3:8A:6D:14:D9:63:7C:55:D9:F3:06:DF:5D:50:E6
Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea
Certificate serial: 019420D5F54326E6A1DB711032BEDB11F417
Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa
Signing time: Wed 01 Jan 2025 07:48:00 +0000
ROA not before: Wed 01 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42010
IP address blocks: 193.8.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f5:43:26:e6:a1:db:71:10:32:be:db:11:f4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea
Validity
Not Before: Jan 1 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a826003e9ec38a6d14d9637c55d9f306df5d50e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:9a:5d:a7:63:bf:e3:2f:e3:92:e7:48:0d:
12:a2:ef:cb:0c:6f:6e:87:10:24:15:a5:ad:3b:03:
d6:50:43:d2:f3:0e:68:9d:18:83:83:c6:05:9c:eb:
b3:b4:f6:cd:9f:8c:37:69:33:41:03:c6:e2:a6:74:
f6:36:db:3d:2d:70:38:91:d5:85:dc:31:88:d1:59:
31:50:3e:f0:af:d5:f5:e7:48:ec:68:59:d4:7b:fa:
13:2a:9f:f8:b3:6c:81:70:bc:a8:fe:d5:5d:dd:90:
75:a9:23:f6:fd:36:b5:ee:8c:94:9f:06:03:76:44:
00:8b:3e:30:92:64:7a:36:ea:a5:3b:1c:aa:17:cb:
b9:16:c6:28:27:fe:4c:d2:0a:1b:5e:07:4b:3e:45:
b6:7a:7e:2b:ea:a0:09:ee:3c:8e:a3:95:ec:07:1d:
b5:11:4c:8f:ed:19:8f:f4:d8:21:14:2d:29:95:b9:
20:04:2d:f2:8f:2f:d9:8f:97:ed:e3:79:59:57:0c:
81:b6:a1:1b:c8:53:7c:c9:98:4c:72:70:07:e8:0a:
c9:86:26:ba:85:d4:d9:ef:4b:57:1e:cd:d0:8a:a7:
2c:07:b9:06:57:7d:c3:60:31:37:bd:9e:19:d0:0a:
a6:b8:ce:65:9e:a7:7b:63:83:cf:bf:99:32:e4:90:
5d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:26:00:3E:9E:C3:8A:6D:14:D9:63:7C:55:D9:F3:06:DF:5D:50:E6
X509v3 Authority Key Identifier:
keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.240.0/22
Signature Algorithm: sha256WithRSAEncryption
09:c8:ac:8d:c6:d4:34:23:41:6c:c7:42:c7:a5:bd:e0:bb:ce:
09:e0:1b:1f:2d:ab:84:d8:cf:be:25:ab:04:d3:7b:7e:be:e3:
4c:a5:f3:e5:3e:ec:63:70:54:15:d1:92:ac:95:9e:a6:e2:f0:
46:15:6e:e8:ee:25:1e:17:69:78:9e:00:23:0f:4a:48:58:09:
33:1b:80:54:2e:1c:15:1f:28:95:f6:4c:5b:82:6c:89:76:96:
02:bf:08:78:d2:48:b7:98:91:24:b0:c4:35:78:4d:cf:19:ed:
4d:b8:f3:81:69:a7:e0:ad:a2:17:7c:b8:9b:70:d4:ae:ea:05:
30:d3:d2:f4:ba:4f:90:b5:7a:05:ba:bb:1c:cc:64:da:9e:69:
70:de:b2:83:48:ac:23:b0:66:89:05:20:25:bd:fb:ec:3e:ca:
d1:57:d7:65:5c:ed:f1:f1:cd:43:10:ee:0c:c6:fd:8c:04:4d:
b3:94:24:99:0b:4d:18:66:9b:d0:01:42:28:73:56:b0:9b:91:
7a:07:ff:85:79:c7:a7:a0:2f:36:d0:64:c8:fd:b8:bb:c4:5e:
7a:48:00:e7:05:d8:6d:41:f8:a3:96:34:7c:c3:57:f1:69:3f:
7f:34:ac:27:1e:68:11:41:23:18:a9:1b:13:a3:e2:8e:61:97:
eb:5f:14:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fVDJuah23EQMr7bEfQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy
NDk1ZWEwHhcNMjUwMTAxMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI2MDAzZTllYzM4YTZkMTRkOTYzN2M1NWQ5ZjMwNmRmNWQ1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2aXadjv+Mv45LnSA0Sou/LDG9u
hxAkFaWtOwPWUEPS8w5onRiDg8YFnOuztPbNn4w3aTNBA8bipnT2Nts9LXA4kdWF
3DGI0VkxUD7wr9X150jsaFnUe/oTKp/4s2yBcLyo/tVd3ZB1qSP2/Ta17oyUnwYD
dkQAiz4wkmR6NuqlOxyqF8u5FsYoJ/5M0gobXgdLPkW2en4r6qAJ7jyOo5XsBx21
EUyP7RmP9NghFC0plbkgBC3yjy/Zj5ft43lZVwyBtqEbyFN8yZhMcnAH6ArJhia6
hdTZ70tXHs3QiqcsB7kGV33DYDE3vZ4Z0AqmuM5lnqd7Y4PPv5ky5JBdswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgmAD6ew4ptFNljfFXZ8wbfXVDmMB8GA1UdIwQY
MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt
ZmJkYmU1MTRkZjVhLzEvcUNZQVBwN0RpbTBVMldOOFZkbnpCdDlkVU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh
LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQjwMA0G
CSqGSIb3DQEBCwUAA4IBAQAJyKyNxtQ0I0Fsx0LHpb3gu84J4BsfLauE2M++JasE
03t+vuNMpfPlPuxjcFQV0ZKslZ6m4vBGFW7o7iUeF2l4ngAjD0pIWAkzG4BULhwV
HyiV9kxbgmyJdpYCvwh40ki3mJEksMQ1eE3PGe1NuPOBaafgraIXfLibcNSu6gUw
09L0uk+QtXoFursczGTanmlw3rKDSKwjsGaJBSAlvfvsPsrRV9dlXO3x8c1DEO4M
xv2MBE2zlCSZC00YZpvQAUIoc1awm5F6B/+FecenoC820GTI/bi7xF56SADnBdht
QfijljR8w1fxaT9/NKwnHmgRQSMYqRsTo+KOYZfrXxRb
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:43 2025 by rpki-client