Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/u1qwwdANG6CfHeSXNYRqAWGaM5k.roa
File: u1qwwdANG6CfHeSXNYRqAWGaM5k.roa (raw, json)
Hash identifier: 1LbETNtSQowfeZYN/FR83MgGP9HNsEaRPsaOGvnKANk=
Subject key identifier: BB:5A:B0:C1:D0:0D:1B:A0:9F:1D:E4:97:35:84:6A:01:61:9A:33:99
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 01856C6F206B32394ECFEF184B0EA87F6CAA
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/u1qwwdANG6CfHeSXNYRqAWGaM5k.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1820
IP address blocks: 91.192.184.0/22 maxlen: 32
194.246.120.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:20:6b:32:39:4e:cf:ef:18:4b:0e:a8:7f:6c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb5ab0c1d00d1ba09f1de49735846a01619a3399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:96:4a:4f:71:e1:95:c4:28:80:34:e8:b4:f4:
1a:8f:be:27:1f:0a:93:e8:89:a5:37:59:75:90:67:
05:67:f3:cd:37:cc:c7:85:6b:90:13:b0:b2:e1:4f:
e5:dc:69:85:10:5a:d1:40:d4:8d:ad:eb:49:86:ac:
6e:74:15:1a:17:1a:5c:db:a3:af:3d:47:54:01:c1:
d7:df:4e:0c:c1:90:1d:ef:0c:8f:4b:50:38:11:d4:
9b:0b:a1:a8:42:9f:1c:1a:63:e7:08:a4:e7:2e:94:
1d:ab:c4:aa:2d:49:fe:36:bf:b1:41:9f:4e:37:f2:
68:0d:2d:cd:7b:7b:5f:e2:26:ea:5b:aa:47:3f:aa:
a1:dc:53:12:66:ed:12:dd:c6:f2:01:d3:8d:9f:da:
c5:8f:7f:3e:8d:86:6b:0e:02:ad:fb:34:aa:8f:09:
37:9d:64:8f:aa:0d:2f:f9:2f:6e:32:ea:db:a3:c7:
14:11:3c:c7:da:a5:78:a5:95:76:83:f2:44:ef:5a:
43:f9:0c:b9:0c:a5:5e:d5:7e:c3:10:ff:4d:93:db:
73:c5:64:03:dd:b0:62:96:43:7b:55:1c:6f:df:5d:
5e:19:78:b3:a8:bd:8c:b2:ac:c7:26:1c:a0:d2:1f:
4a:ea:af:15:50:34:5e:54:c7:fa:d5:f0:72:04:88:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5A:B0:C1:D0:0D:1B:A0:9F:1D:E4:97:35:84:6A:01:61:9A:33:99
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/u1qwwdANG6CfHeSXNYRqAWGaM5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.184.0/22
194.246.120.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:1c:b0:b3:e9:c2:3c:7b:48:9d:62:3b:d4:5b:26:28:29:60:
54:77:f9:a0:dc:c7:3f:83:34:4d:da:47:1b:32:c0:00:5c:db:
04:b7:e0:1c:0c:ec:12:54:f1:f2:af:d7:34:02:8b:65:73:2d:
fd:f1:51:7c:ad:af:00:4d:84:8b:eb:b6:f8:e8:75:a7:44:6a:
e3:d4:1f:29:a4:d2:14:26:9d:97:ce:26:3a:58:2f:c9:d3:04:
55:d0:27:1a:c1:c5:9e:d1:70:ee:08:00:7f:36:1f:cb:03:77:
cc:de:04:8f:78:8f:ac:ff:36:7e:02:17:c3:25:85:b7:cb:f1:
d3:0e:30:88:e7:8e:c6:a8:dd:04:0d:c2:dd:2b:5a:93:f9:3b:
b8:6a:ab:78:b9:9c:7a:78:29:84:de:c3:de:3d:b7:4d:2f:a9:
a3:7e:a1:1d:f5:4e:da:06:89:f9:fc:e4:4b:b5:a6:9e:91:7c:
3b:a5:1d:15:0e:ad:00:54:19:f3:e3:f1:13:1a:32:1b:2f:e7:
5b:7e:11:08:53:45:3d:6f:f9:71:81:98:47:b8:c9:4a:c8:a1:
33:ec:64:ed:25:81:12:40:c4:4c:1e:66:d0:d7:14:14:51:d0:
8d:c5:13:a3:84:08:84:8b:c0:07:30:bb:13:c6:4f:37:4d:3d:
bc:59:d5:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsbyBrMjlOz+8YSw6of2yqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjVhYjBjMWQwMGQxYmEwOWYxZGU0OTczNTg0NmEwMTYxOWEzMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pZKT3HhlcQogDTotPQaj74nHwqT
6ImlN1l1kGcFZ/PNN8zHhWuQE7Cy4U/l3GmFEFrRQNSNretJhqxudBUaFxpc26Ov
PUdUAcHX304MwZAd7wyPS1A4EdSbC6GoQp8cGmPnCKTnLpQdq8SqLUn+Nr+xQZ9O
N/JoDS3Ne3tf4ibqW6pHP6qh3FMSZu0S3cbyAdONn9rFj38+jYZrDgKt+zSqjwk3
nWSPqg0v+S9uMurbo8cUETzH2qV4pZV2g/JE71pD+Qy5DKVe1X7DEP9Nk9tzxWQD
3bBilkN7VRxv311eGXizqL2MsqzHJhyg0h9K6q8VUDReVMf61fByBIi/yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLtasMHQDRugnx3klzWEagFhmjOZMB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvdTFxd3dkQU5HNkNmSGVTWE5ZUnFBV0dhTTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8C4AwQB
wvZ4MA0GCSqGSIb3DQEBCwUAA4IBAQAfHLCz6cI8e0idYjvUWyYoKWBUd/mg3Mc/
gzRN2kcbMsAAXNsEt+AcDOwSVPHyr9c0Aotlcy398VF8ra8ATYSL67b46HWnRGrj
1B8ppNIUJp2XziY6WC/J0wRV0CcawcWe0XDuCAB/Nh/LA3fM3gSPeI+s/zZ+AhfD
JYW3y/HTDjCI547GqN0EDcLdK1qT+Tu4aqt4uZx6eCmE3sPePbdNL6mjfqEd9U7a
Bon5/ORLtaaekXw7pR0VDq0AVBnz4/ETGjIbL+dbfhEIU0U9b/lxgZhHuMlKyKEz
7GTtJYESQMRMHmbQ1xQUUdCNxROjhAiEi8AHMLsTxk83TT28WdVf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:39 2025 by rpki-client