Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qXEkILvPmK7ozi8BXkIsfx_ZuY4.roa
File: qXEkILvPmK7ozi8BXkIsfx_ZuY4.roa (raw, json)
Hash identifier: Iww10Mw0khL9kXU5ZCxI29NwCNMFjj+t63T+93k9VPU=
Subject key identifier: A9:71:24:20:BB:CF:98:AE:E8:CE:2F:01:5E:42:2C:7F:1F:D9:B9:8E
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018DA2EDA83E2114728A4644AFD187992FED
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qXEkILvPmK7ozi8BXkIsfx_ZuY4.roa
Signing time: Tue 13 Feb 2024 14:45:00 +0000
ROA not before: Tue 13 Feb 2024 14:45:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 88.135.96.0/20 maxlen: 24
89.40.220.0/23 maxlen: 24
94.26.110.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:ed:a8:3e:21:14:72:8a:46:44:af:d1:87:99:2f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Feb 13 14:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9712420bbcf98aee8ce2f015e422c7f1fd9b98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:0f:43:c6:23:8a:4b:71:44:b9:48:64:22:
fa:f3:0e:45:5d:de:09:52:e2:06:ca:b2:59:f7:41:
1a:75:4a:b5:a3:43:87:08:d3:8f:04:6f:26:af:2e:
76:a9:75:fa:19:b6:55:b8:75:4e:fb:59:d3:02:7f:
dd:25:c8:97:a0:e7:23:cd:3d:3c:ea:3e:56:27:32:
b6:e2:2e:e8:b2:8d:f1:1e:bd:10:fd:fa:d9:fb:dc:
94:05:dc:b1:89:9a:57:5e:53:94:cc:51:a8:c6:74:
c0:33:b4:cf:79:66:0f:73:57:f5:7c:60:5d:98:7c:
ff:a5:ac:d2:a5:89:0a:4e:1a:e3:a4:e9:7d:84:09:
bc:51:da:5a:ce:23:6a:7e:80:be:72:fd:01:cb:ec:
72:68:96:61:bd:4a:c2:6a:d2:f9:d7:31:e4:b4:e9:
d2:27:85:87:70:0a:2d:e6:0d:ce:ec:54:5a:91:d0:
49:43:45:03:a0:a7:b8:f9:4a:24:de:68:57:83:4e:
58:ba:38:5d:9d:14:87:54:49:49:30:85:77:68:17:
8b:8e:3d:24:92:9f:06:3b:31:b0:91:85:e9:56:99:
3b:d2:3b:70:c6:7f:c3:f8:fc:ed:c6:4d:2d:2a:d0:
5c:c6:c3:c2:9b:7a:ae:78:b1:ed:d3:b0:22:9a:80:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:71:24:20:BB:CF:98:AE:E8:CE:2F:01:5E:42:2C:7F:1F:D9:B9:8E
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qXEkILvPmK7ozi8BXkIsfx_ZuY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
89.40.220.0/23
94.26.110.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:ff:2a:c9:30:dc:ea:c7:57:f5:7c:78:b8:f1:b7:b1:f6:1f:
16:54:ce:79:2c:11:d9:e4:c1:d8:98:c6:99:25:f0:0b:38:89:
f4:d1:5b:e9:26:a1:67:6d:84:96:76:15:ac:bc:32:75:af:18:
a5:6f:f8:e5:c0:0c:14:d8:49:83:31:71:ad:c8:b2:37:47:0c:
f9:ef:84:45:93:7a:d2:b4:fe:48:b2:37:b8:80:ac:76:8b:ad:
dc:ad:ca:65:3a:54:c5:b0:1b:a8:45:c3:53:b2:df:b7:70:7a:
c6:47:42:47:89:19:5f:63:d4:33:85:5b:8d:8c:05:f4:c5:f4:
8a:30:ca:b8:59:fe:79:b9:34:4f:e9:9b:33:e9:33:25:7e:f2:
ce:8b:03:5c:17:cd:1c:20:5d:3f:62:c7:e9:a9:54:2b:fe:da:
e5:27:91:ab:6e:67:7f:92:8d:ef:eb:fc:01:2d:10:c8:30:03:
3e:a1:c3:22:bf:fa:6a:9c:0f:8c:98:55:f5:a9:c7:a0:ca:16:
54:2d:98:bd:3d:04:ac:3e:e3:f0:99:e4:8d:06:a9:f3:68:4f:
fb:50:97:e7:94:52:b6:df:bb:71:b6:0c:a4:3a:89:f7:03:19:
55:84:66:99:9d:d2:b0:87:e5:43:c9:41:e4:d3:fb:69:c5:1a:
2e:71:10:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2i7ag+IRRyikZEr9GHmS/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMjEzMTQ0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTcxMjQyMGJiY2Y5OGFlZThjZTJmMDE1ZTQyMmM3ZjFmZDliOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb0PQ8YjiktxRLlIZCL68w5FXd4J
UuIGyrJZ90EadUq1o0OHCNOPBG8mry52qXX6GbZVuHVO+1nTAn/dJciXoOcjzT08
6j5WJzK24i7oso3xHr0Q/frZ+9yUBdyxiZpXXlOUzFGoxnTAM7TPeWYPc1f1fGBd
mHz/pazSpYkKThrjpOl9hAm8UdpaziNqfoC+cv0By+xyaJZhvUrCatL51zHktOnS
J4WHcAot5g3O7FRakdBJQ0UDoKe4+Uok3mhXg05YujhdnRSHVElJMIV3aBeLjj0k
kp8GOzGwkYXpVpk70jtwxn/D+Pztxk0tKtBcxsPCm3queLHt07AimoBbsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKlxJCC7z5iu6M4vAV5CLH8f2bmOMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvcVhFa0lMdlBtSzdvemk4QlhrSXNmeF9adVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWIdgAwQB
WSjcAwQBXhpuMA0GCSqGSIb3DQEBCwUAA4IBAQCw/yrJMNzqx1f1fHi48bex9h8W
VM55LBHZ5MHYmMaZJfALOIn00VvpJqFnbYSWdhWsvDJ1rxilb/jlwAwU2EmDMXGt
yLI3Rwz574RFk3rStP5Isje4gKx2i63crcplOlTFsBuoRcNTst+3cHrGR0JHiRlf
Y9QzhVuNjAX0xfSKMMq4Wf55uTRP6Zsz6TMlfvLOiwNcF80cIF0/YsfpqVQr/trl
J5Grbmd/ko3v6/wBLRDIMAM+ocMiv/pqnA+MmFX1qcegyhZULZi9PQSsPuPwmeSN
BqnzaE/7UJfnlFK237txtgykOon3AxlVhGaZndKwh+VDyUHk0/tpxRoucRB0
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:58:57 2025 by rpki-client