Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qkZAW_tKFnv0EhuTjD81wptPYIA.roa
File: qkZAW_tKFnv0EhuTjD81wptPYIA.roa (raw, json)
Hash identifier: vEawDlvA8e5GNMY7vLum3HuflNKXxdoe9v4/sepdE34=
Subject key identifier: AA:46:40:5B:FB:4A:16:7B:F4:12:1B:93:8C:3F:35:C2:9B:4F:60:80
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 02A124C2
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qkZAW_tKFnv0EhuTjD81wptPYIA.roa
Signing time: Sat 01 Jan 2022 02:53:16 +0000
ROA not before: Sat 01 Jan 2022 02:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 89.46.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44115138 (0x2a124c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 1 02:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa46405bfb4a167bf4121b938c3f35c29b4f6080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:16:4c:02:7b:94:f7:76:f2:3d:37:03:35:
89:03:a8:18:15:f0:aa:59:c6:0e:75:20:9e:c5:cb:
f4:2d:4d:a4:f7:e5:7c:de:49:5f:76:f6:7a:68:13:
ce:93:e8:2b:77:0f:87:5e:66:3c:be:22:0f:74:46:
76:4c:8c:f3:b2:6b:bb:6e:7a:3c:a9:bd:17:10:0d:
b9:28:da:50:b7:59:59:8d:25:86:a3:55:d2:f0:57:
7d:54:9c:23:2b:c3:11:e4:8e:ed:b9:98:85:d8:a9:
fe:40:eb:d5:4f:74:b6:d3:07:08:7d:c5:ba:f3:55:
5a:eb:85:76:1e:34:8a:46:58:6b:70:3c:4c:0c:3c:
9f:c0:6c:82:6b:16:ea:d4:43:ad:d0:cc:2d:47:9e:
3d:18:0c:e8:7b:cc:48:61:c7:69:85:54:11:fe:d9:
27:b6:00:9c:1e:7b:ed:7b:66:33:bf:63:cb:80:11:
d8:e0:a3:e8:32:0a:d1:f9:75:6d:5d:48:a1:0f:1e:
47:58:64:7b:68:dd:6e:4a:0e:d3:f7:43:c6:4c:41:
d7:28:c1:6f:0c:f8:8f:c3:78:3e:5f:de:a2:ea:bc:
1c:af:08:79:da:32:9d:50:34:4c:b3:cb:07:9a:e2:
6a:f8:07:de:9d:5b:20:07:48:98:ef:ec:ce:7b:77:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:46:40:5B:FB:4A:16:7B:F4:12:1B:93:8C:3F:35:C2:9B:4F:60:80
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qkZAW_tKFnv0EhuTjD81wptPYIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.248.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:1b:05:47:bc:18:b0:ef:d3:d7:ba:3b:fd:d7:49:f3:fc:ee:
63:d2:1e:77:2e:60:a2:db:b7:87:b5:0d:78:ab:c5:df:b9:b8:
f6:f3:b0:ea:7b:ee:3e:b6:1f:40:bd:ca:ed:52:17:36:5d:fd:
72:b5:47:7a:e6:00:a7:cf:e2:6d:d2:6d:37:ce:1d:05:f1:0a:
b9:78:8b:0a:8d:fe:c3:13:48:8f:5d:84:3b:79:af:bf:46:7e:
ac:5b:38:f1:dd:35:57:00:ad:61:09:1a:1e:e6:c3:aa:f8:19:
9a:96:81:e6:81:88:81:ba:8f:e4:6c:f2:2f:54:3c:66:f9:f4:
d4:33:bb:a4:e8:fd:27:74:84:c1:d8:7f:dd:ca:50:8a:f2:ea:
0a:4d:a0:cd:76:23:f1:39:34:59:9c:1b:80:35:6e:da:7a:2c:
a9:e2:6a:f0:29:ed:a7:04:f6:7c:da:ae:68:55:bd:98:56:28:
ba:46:f4:0e:71:34:dc:92:14:cd:73:6d:74:bf:2c:fc:68:8a:
fb:b3:37:9f:10:9d:be:fd:04:c1:8b:2f:a4:86:a5:74:29:cc:
6b:9c:6c:61:67:af:67:6f:74:68:27:0e:6d:55:ed:dc:6b:3b:
b7:46:4b:28:b2:e5:5c:bb:2c:55:9a:73:de:6a:dc:74:64:9e:
52:bd:44:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqEkwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU4Y2M4ZjVhZjFlNzM2MmQ0NTRmM2RkOTFhODI5NTI5MTlkYjYxMB4XDTIyMDEw
MTAyNTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE0NjQwNWJmYjRh
MTY3YmY0MTIxYjkzOGMzZjM1YzI5YjRmNjA4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkkFkwCe5T3dvI9NwM1iQOoGBXwqlnGDnUgnsXL9C1NpPfl
fN5JX3b2emgTzpPoK3cPh15mPL4iD3RGdkyM87Jru256PKm9FxANuSjaULdZWY0l
hqNV0vBXfVScIyvDEeSO7bmYhdip/kDr1U90ttMHCH3FuvNVWuuFdh40ikZYa3A8
TAw8n8BsgmsW6tRDrdDMLUeePRgM6HvMSGHHaYVUEf7ZJ7YAnB577XtmM79jy4AR
2OCj6DIK0fl1bV1IoQ8eR1hke2jdbkoO0/dDxkxB1yjBbwz4j8N4Pl/eouq8HK8I
edoynVA0TLPLB5riavgH3p1bIAdImO/sznt3RZ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqRkBb+0oWe/QSG5OMPzXCm09ggDAfBgNVHSMEGDAWgBTb6MyPWvHnNi1F
Tz3ZGoKVKRnbYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItak1qMXJ4NXpZdFJVODkyUnFDbFNrWjIyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYTU3M2ZlLTZlMGUtNGJmZi05OWZjLTI2MjFkNWM5OWNhYi8x
L3FrWkFXX3RLRm52MEVodVRqRDgxd3B0UFlJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YTU3M2ZlLTZlMGUtNGJmZi05OWZjLTI2MjFkNWM5OWNhYi8xLzItak1qMXJ4NXpZ
dFJVODkyUnFDbFNrWjIyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlku+DANBgkqhkiG9w0BAQsFAAOC
AQEAvRsFR7wYsO/T17o7/ddJ8/zuY9Iedy5gotu3h7UNeKvF37m49vOw6nvuPrYf
QL3K7VIXNl39crVHeuYAp8/ibdJtN84dBfEKuXiLCo3+wxNIj12EO3mvv0Z+rFs4
8d01VwCtYQkaHubDqvgZmpaB5oGIgbqP5GzyL1Q8Zvn01DO7pOj9J3SEwdh/3cpQ
ivLqCk2gzXYj8Tk0WZwbgDVu2nosqeJq8CntpwT2fNquaFW9mFYoukb0DnE03JIU
zXNtdL8s/GiK+7M3nxCdvv0EwYsvpIaldCnMa5xsYWevZ290aCcObVXt3Gs7t0ZL
KLLlXLssVZpz3mrcdGSeUr1EbQ==
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:50:29 2025 by rpki-client