Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/QKasLKu7GHgPpKNwnyN3906EaKc.roa
File: QKasLKu7GHgPpKNwnyN3906EaKc.roa (raw, json)
Hash identifier: d/u41tAhdz/N1xXp0pVCdcYGBeF0gA8vH2iafjCzExU=
Subject key identifier: 40:A6:AC:2C:AB:BB:18:78:0F:A4:A3:70:9F:23:77:F7:4E:84:68:A7
Certificate issuer: /CN=dd82de4f1304339fde527ba06033ca9e511171bd
Certificate serial: 01856D3875EF3110AE77D8576948438CABEB
Authority key identifier: DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/QKasLKu7GHgPpKNwnyN3906EaKc.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34865
IP address blocks: 157.119.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:75:ef:31:10:ae:77:d8:57:69:48:43:8c:ab:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd82de4f1304339fde527ba06033ca9e511171bd
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40a6ac2cabbb18780fa4a3709f2377f74e8468a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bf:77:e4:2b:e2:c2:72:9c:9a:6b:4a:bb:b8:
f2:9a:4a:ca:85:4d:01:6f:3f:2e:b2:aa:66:83:0b:
8f:79:99:98:2a:0e:41:c9:41:50:4c:41:d7:12:66:
e2:b7:e6:5b:b8:db:76:c7:75:89:5d:82:91:65:e4:
4e:1e:8e:a5:1e:c1:89:ef:30:0a:d1:8b:36:d8:fa:
b4:57:a6:24:24:ef:91:62:3a:fd:01:ff:22:26:68:
c5:8b:65:a9:d9:06:05:f6:6f:41:58:43:c4:2c:52:
03:c5:24:d3:1e:e8:b0:e7:84:02:91:23:9e:c2:17:
1c:26:f1:84:5c:7f:6c:76:2a:5b:9a:e7:6b:b1:a9:
4b:84:0b:f5:d4:51:16:4b:8a:10:f7:b2:5b:86:3a:
cb:36:d6:3b:f9:3c:a9:5f:5f:2e:25:70:e6:9b:de:
92:d3:74:a2:2b:94:fc:3a:3f:d8:11:d9:6d:2a:06:
aa:ec:14:f4:41:d6:85:2c:96:76:50:94:8e:28:92:
db:85:48:68:15:42:13:2a:99:f7:06:24:e7:b3:bd:
7f:c9:a1:8e:2f:74:de:be:a2:da:70:d9:f0:d4:1e:
d0:ba:c1:9e:22:3a:32:c7:73:4e:40:a9:20:6b:24:
09:8d:ba:1b:df:88:aa:dd:27:fd:ae:80:d6:fd:f1:
e3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A6:AC:2C:AB:BB:18:78:0F:A4:A3:70:9F:23:77:F7:4E:84:68:A7
X509v3 Authority Key Identifier:
keyid:DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/QKasLKu7GHgPpKNwnyN3906EaKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/3YLeTxMEM5_eUnugYDPKnlERcb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.119.189.0/24
Signature Algorithm: sha256WithRSAEncryption
00:75:ad:47:9b:a5:b6:eb:5b:c1:ac:e3:ce:a9:cb:0b:64:39:
a3:96:a3:b3:ad:72:d1:be:49:06:3f:03:9b:35:c6:0e:84:8f:
8b:5a:b2:4e:0b:b8:6d:d9:5d:83:aa:77:a4:76:a7:d4:a6:79:
15:cd:a1:9c:d5:39:12:8e:e2:12:d2:a6:2c:e8:c4:98:47:06:
24:fc:36:05:4a:e3:43:2b:29:67:98:11:d8:9d:64:6b:ea:4e:
5f:3c:85:89:9f:07:b0:52:d0:fb:9e:9c:5c:17:47:3b:a9:0e:
bb:12:f0:f7:2a:7b:8c:72:6a:89:6d:78:66:5d:0b:d4:28:07:
d3:58:c5:a7:75:1f:ed:d6:f3:43:74:40:22:9c:65:0f:b7:e0:
8f:28:b6:17:5b:48:eb:9d:a0:62:29:b7:c7:d1:49:2c:54:e1:
82:db:f4:fc:00:96:b6:5f:03:ce:bd:ae:bb:1a:76:d1:43:bd:
76:2e:f3:f6:9e:73:08:81:3b:b3:1a:c8:66:bd:2c:39:67:f5:
6f:9e:87:59:4c:7f:28:a2:f2:96:b0:7f:16:5f:b4:9f:24:9d:
d0:e8:b2:97:f1:82:91:20:f9:6b:6c:3b:4d:67:56:c9:42:33:
2b:82:5d:29:6b:d7:f8:3b:21:20:9d:00:bf:3e:e2:56:38:11:
4f:3f:1f:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOHXvMRCud9hXaUhDjKvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODJkZTRmMTMwNDMzOWZkZTUyN2JhMDYwMzNjYTllNTEx
MTcxYmQwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE2YWMyY2FiYmIxODc4MGZhNGEzNzA5ZjIzNzdmNzRlODQ2OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb935CviwnKcmmtKu7jymkrKhU0B
bz8usqpmgwuPeZmYKg5ByUFQTEHXEmbit+ZbuNt2x3WJXYKRZeROHo6lHsGJ7zAK
0Ys22Pq0V6YkJO+RYjr9Af8iJmjFi2Wp2QYF9m9BWEPELFIDxSTTHuiw54QCkSOe
whccJvGEXH9sdipbmudrsalLhAv11FEWS4oQ97JbhjrLNtY7+TypX18uJXDmm96S
03SiK5T8Oj/YEdltKgaq7BT0QdaFLJZ2UJSOKJLbhUhoFUITKpn3BiTns71/yaGO
L3TevqLacNnw1B7QusGeIjoyx3NOQKkgayQJjbob34iq3Sf9roDW/fHjLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECmrCyruxh4D6SjcJ8jd/dOhGinMB8GA1UdIwQY
MBaAFN2C3k8TBDOf3lJ7oGAzyp5REXG9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMt
ZmYxNTdiZWYwNjIxLzEvUUthc0xLdTdHSGdQcEtOd255TjM5MDZFYUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMtZmYxNTdiZWYwNjIx
LzEvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnXe9MA0G
CSqGSIb3DQEBCwUAA4IBAQAAda1Hm6W261vBrOPOqcsLZDmjlqOzrXLRvkkGPwOb
NcYOhI+LWrJOC7ht2V2DqnekdqfUpnkVzaGc1TkSjuIS0qYs6MSYRwYk/DYFSuND
KylnmBHYnWRr6k5fPIWJnwewUtD7npxcF0c7qQ67EvD3KnuMcmqJbXhmXQvUKAfT
WMWndR/t1vNDdEAinGUPt+CPKLYXW0jrnaBiKbfH0UksVOGC2/T8AJa2XwPOva67
GnbRQ712LvP2nnMIgTuzGshmvSw5Z/VvnodZTH8oovKWsH8WX7SfJJ3Q6LKX8YKR
IPlrbDtNZ1bJQjMrgl0pa9f4OyEgnQC/PuJWOBFPPx+S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:29 2025 by rpki-client