Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/QMKY9gH2fJEvFSrOUJHTm_xlFbk.roa
File: QMKY9gH2fJEvFSrOUJHTm_xlFbk.roa (raw, json)
Hash identifier: GvG5+A3Fonoygg0ES5gPUPHlW5rl5LMXDPetfjgPpkY=
Subject key identifier: 40:C2:98:F6:01:F6:7C:91:2F:15:2A:CE:50:91:D3:9B:FC:65:15:B9
Certificate issuer: /CN=f7e784f370640383e97ec92963bcad3181b99774
Certificate serial: 01857082B7299220D15CF544BCF9D52ED576
Authority key identifier: F7:E7:84:F3:70:64:03:83:E9:7E:C9:29:63:BC:AD:31:81:B9:97:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-eE83BkA4PpfskpY7ytMYG5l3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/QMKY9gH2fJEvFSrOUJHTm_xlFbk.roa
Signing time: Mon 02 Jan 2023 03:24:52 +0000
ROA not before: Mon 02 Jan 2023 03:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 92.249.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b7:29:92:20:d1:5c:f5:44:bc:f9:d5:2e:d5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e784f370640383e97ec92963bcad3181b99774
Validity
Not Before: Jan 2 03:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40c298f601f67c912f152ace5091d39bfc6515b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:57:d7:cd:dd:9d:b2:97:c3:d8:38:5d:c1:34:
cf:1b:25:73:20:67:03:67:82:d3:40:bf:76:6a:e8:
d3:f9:ac:87:1d:64:7e:1e:fc:7a:3b:e1:20:e5:dc:
19:b6:44:f0:ae:c4:4f:38:49:2a:1a:bc:5b:e7:04:
33:18:a8:0e:5c:91:1c:3b:98:a2:2e:b8:98:12:93:
b3:86:80:df:0c:34:77:bd:0b:73:24:aa:8c:a1:1c:
87:f4:da:68:6f:be:8e:79:16:a8:a7:1b:a4:65:d6:
7c:2b:0a:76:59:72:9e:10:0b:77:8f:37:0a:bb:58:
76:82:f9:aa:80:02:3b:d4:08:d5:55:db:18:cf:a3:
27:d5:2d:3b:88:bb:98:5a:7a:76:d7:b3:2a:6c:37:
60:b5:f1:22:d6:46:f6:ed:4b:1b:e2:6f:ed:8f:fa:
98:22:66:da:e8:02:3d:2d:8e:f6:96:96:83:15:dc:
c0:0e:32:6d:9f:3d:0e:4d:32:dc:59:0b:74:79:4d:
56:af:2d:f2:90:58:28:af:ed:95:c7:74:ba:32:3a:
74:be:51:bd:dc:3e:bc:2b:21:b7:b0:f7:f4:48:35:
49:85:c2:6e:a0:45:65:56:e6:64:5d:7e:9d:46:32:
31:10:82:f1:1b:b4:48:58:28:61:8b:43:40:63:9f:
11:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C2:98:F6:01:F6:7C:91:2F:15:2A:CE:50:91:D3:9B:FC:65:15:B9
X509v3 Authority Key Identifier:
keyid:F7:E7:84:F3:70:64:03:83:E9:7E:C9:29:63:BC:AD:31:81:B9:97:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-eE83BkA4PpfskpY7ytMYG5l3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/QMKY9gH2fJEvFSrOUJHTm_xlFbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/9-eE83BkA4PpfskpY7ytMYG5l3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.24.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7b:c0:b6:4a:4d:8d:8f:b2:9b:e4:d5:0d:09:1f:48:ff:c2:
1d:2b:cf:c1:ee:1e:53:fa:f0:88:b4:81:3c:c3:ab:8c:1e:73:
9b:15:82:56:44:2b:79:e3:08:a8:d0:3b:04:da:a7:1f:8a:3e:
24:64:9e:9a:f6:be:1e:f8:e6:8f:25:9e:48:6a:10:a3:d9:b5:
07:9a:1f:03:63:b6:94:ab:61:2e:28:b9:f0:61:20:3b:30:cb:
b2:0b:3b:33:13:db:55:1f:ab:62:b0:9b:39:90:07:f2:d8:bf:
03:30:04:3e:6d:b3:a7:e1:04:cc:62:2d:b1:f0:e7:1f:da:8f:
ac:f5:70:0d:43:84:f1:91:c4:58:b1:36:45:46:5b:e1:36:e9:
ec:a6:56:7f:bb:78:c4:cb:94:9c:2a:fb:cf:5a:aa:fa:32:0c:
3b:c6:49:3a:17:60:30:ac:33:7f:c7:20:b0:ed:a8:c6:04:c2:
32:30:57:a8:be:7b:47:56:7d:83:5a:d4:45:c7:a9:65:92:8a:
d7:46:da:59:27:2d:b2:f7:7e:63:9d:ae:d2:91:18:92:2d:0c:
35:29:b2:85:95:e2:dd:18:41:32:33:09:a2:9a:c2:27:c8:ff:
63:f8:22:fe:8c:47:f9:df:11:f7:6f:ae:7d:5d:ec:b5:a4:30:
99:13:0a:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgrcpkiDRXPVEvPnVLtV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZTc4NGYzNzA2NDAzODNlOTdlYzkyOTYzYmNhZDMxODFi
OTk3NzQwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMyOThmNjAxZjY3YzkxMmYxNTJhY2U1MDkxZDM5YmZjNjUxNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlfXzd2dspfD2DhdwTTPGyVzIGcD
Z4LTQL92aujT+ayHHWR+Hvx6O+Eg5dwZtkTwrsRPOEkqGrxb5wQzGKgOXJEcO5ii
LriYEpOzhoDfDDR3vQtzJKqMoRyH9Npob76OeRaopxukZdZ8Kwp2WXKeEAt3jzcK
u1h2gvmqgAI71AjVVdsYz6Mn1S07iLuYWnp217MqbDdgtfEi1kb27Usb4m/tj/qY
Imba6AI9LY72lpaDFdzADjJtnz0OTTLcWQt0eU1Wry3ykFgor+2Vx3S6Mjp0vlG9
3D68KyG3sPf0SDVJhcJuoEVlVuZkXX6dRjIxEILxG7RIWChhi0NAY58REwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDCmPYB9nyRLxUqzlCR05v8ZRW5MB8GA1UdIwQY
MBaAFPfnhPNwZAOD6X7JKWO8rTGBuZd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS1lRTgzQmtBNFBwZnNrcFk3eXRNWUc1bDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MDBiMDItMzJhOC00ODk5LTgwNWMt
NjhlMGE4NGZlYjQ2LzEvUU1LWTlnSDJmSkV2RlNyT1VKSFRtX3hsRmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MDBiMDItMzJhOC00ODk5LTgwNWMtNjhlMGE4NGZlYjQ2
LzEvOS1lRTgzQmtBNFBwZnNrcFk3eXRNWUc1bDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPkYMA0G
CSqGSIb3DQEBCwUAA4IBAQAke8C2Sk2Nj7Kb5NUNCR9I/8IdK8/B7h5T+vCItIE8
w6uMHnObFYJWRCt54wio0DsE2qcfij4kZJ6a9r4e+OaPJZ5IahCj2bUHmh8DY7aU
q2EuKLnwYSA7MMuyCzszE9tVH6tisJs5kAfy2L8DMAQ+bbOn4QTMYi2x8Ocf2o+s
9XANQ4TxkcRYsTZFRlvhNunsplZ/u3jEy5ScKvvPWqr6Mgw7xkk6F2AwrDN/xyCw
7ajGBMIyMFeovntHVn2DWtRFx6llkorXRtpZJy2y935jna7SkRiSLQw1KbKFleLd
GEEyMwmimsInyP9j+CL+jEf53xH3b659Xey1pDCZEwpU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org