Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/940a74-a2f2-4bd6-8e5a-9554a5ac36bb/1/qGUXVQ_YIWaxyPrsBvv99Mi17Xk.roa
File: qGUXVQ_YIWaxyPrsBvv99Mi17Xk.roa (raw, json)
Hash identifier: ahyxLXkQdJnYzPf9suZu/LdsDie1JIPApAeOAOCQ4OE=
Subject key identifier: A8:65:17:55:0F:D8:21:66:B1:C8:FA:EC:06:FB:FD:F4:C8:B5:ED:79
Certificate issuer: /CN=7bb3382c16a0a5615990d4bce634dc51682f2eaa
Certificate serial: 019420D63E624BA76C8CF3F954B9E23E7348
Authority key identifier: 7B:B3:38:2C:16:A0:A5:61:59:90:D4:BC:E6:34:DC:51:68:2F:2E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e7M4LBagpWFZkNS85jTcUWgvLqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/940a74-a2f2-4bd6-8e5a-9554a5ac36bb/1/qGUXVQ_YIWaxyPrsBvv99Mi17Xk.roa
Signing time: Wed 01 Jan 2025 07:48:19 +0000
ROA not before: Wed 01 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47160
IP address blocks: 87.236.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3e:62:4b:a7:6c:8c:f3:f9:54:b9:e2:3e:73:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bb3382c16a0a5615990d4bce634dc51682f2eaa
Validity
Not Before: Jan 1 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86517550fd82166b1c8faec06fbfdf4c8b5ed79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:f9:d4:e2:38:b7:07:a4:e4:be:62:42:6e:
cf:75:7c:d3:07:22:de:38:f1:43:6b:25:f1:db:06:
e1:20:12:4f:81:f2:07:c3:84:b8:aa:4a:fb:9d:38:
27:97:74:23:89:58:7b:27:1b:5f:a6:10:5f:97:f1:
a3:24:6e:9c:5d:85:46:90:e4:02:53:fa:ab:d7:fe:
a9:91:f9:98:c2:1e:3a:18:44:9b:31:ef:6f:7a:33:
bd:86:fa:a0:ac:20:0e:f0:38:15:e6:a1:d6:90:8a:
e4:1a:b6:48:f0:7e:3a:00:45:97:b3:b9:d7:d0:1f:
e5:61:c5:ba:1c:5f:16:8e:1f:fb:ec:be:8c:34:6c:
97:89:6c:7f:c2:3d:70:09:a5:46:64:6a:39:85:1b:
5b:f0:b8:d6:fd:5b:1c:f4:bb:dc:1a:a0:40:a1:4b:
81:a3:ca:92:4a:41:8c:0a:ba:cc:62:90:8b:5b:a3:
f0:49:59:60:ce:db:7b:1f:0d:61:bc:e2:34:12:bb:
e7:bb:db:11:b5:95:5e:a3:f0:e8:2f:c4:52:79:0a:
85:2b:00:4a:dc:c4:2f:ef:5e:28:c6:59:84:d6:9d:
d1:e6:c0:b7:74:af:74:a1:51:57:15:49:57:83:01:
5f:2a:b6:42:8b:4f:4a:e4:0a:af:67:26:7f:1a:24:
b4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:65:17:55:0F:D8:21:66:B1:C8:FA:EC:06:FB:FD:F4:C8:B5:ED:79
X509v3 Authority Key Identifier:
keyid:7B:B3:38:2C:16:A0:A5:61:59:90:D4:BC:E6:34:DC:51:68:2F:2E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7M4LBagpWFZkNS85jTcUWgvLqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/940a74-a2f2-4bd6-8e5a-9554a5ac36bb/1/qGUXVQ_YIWaxyPrsBvv99Mi17Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/940a74-a2f2-4bd6-8e5a-9554a5ac36bb/1/e7M4LBagpWFZkNS85jTcUWgvLqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.35.0/24
Signature Algorithm: sha256WithRSAEncryption
67:63:02:cd:ff:cb:99:57:6e:90:0c:b5:54:47:b8:74:17:1e:
74:da:c5:09:5e:f9:15:9b:5c:24:0d:a6:23:84:64:da:e7:dc:
dd:aa:b3:bf:a6:10:a4:4a:ef:4d:a8:fd:25:fd:af:98:b0:91:
c3:a4:4c:11:52:53:54:60:bb:07:c9:39:98:b6:a1:35:cd:6f:
f2:57:bf:60:d6:2c:cb:91:38:8e:48:70:95:17:d4:cd:8b:60:
eb:81:9b:ae:eb:cb:df:d2:3b:87:01:8c:9e:93:28:aa:a8:bb:
a2:ac:33:91:49:46:65:9a:45:45:dc:3b:d1:d0:ba:4a:b2:9a:
6d:06:20:a4:95:33:b7:a8:11:66:2f:49:9f:97:e4:60:18:75:
6f:17:ce:6f:00:2a:d6:2c:fa:f4:90:76:9e:20:6e:a7:b7:b5:
09:c6:55:4f:eb:5f:d6:32:c6:39:01:98:74:ff:a3:12:21:ef:
8d:85:ac:da:93:72:c1:ca:bf:f9:67:c5:6f:e9:d1:cf:9b:db:
80:c7:ca:e7:f7:0c:43:3a:91:16:9d:50:b8:38:05:5a:27:e6:
5c:eb:71:1b:9a:8d:8b:e9:f6:20:22:f2:eb:81:b8:92:14:3a:
29:be:f7:bd:e9:45:f3:c9:14:14:96:12:55:c1:56:4d:06:aa:
83:25:0b:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1j5iS6dsjPP5VLniPnNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYjMzODJjMTZhMGE1NjE1OTkwZDRiY2U2MzRkYzUxNjgy
ZjJlYWEwHhcNMjUwMTAxMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY1MTc1NTBmZDgyMTY2YjFjOGZhZWMwNmZiZmRmNGM4YjVlZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL351OI4twek5L5iQm7PdXzTByLe
OPFDayXx2wbhIBJPgfIHw4S4qkr7nTgnl3QjiVh7JxtfphBfl/GjJG6cXYVGkOQC
U/qr1/6pkfmYwh46GESbMe9vejO9hvqgrCAO8DgV5qHWkIrkGrZI8H46AEWXs7nX
0B/lYcW6HF8Wjh/77L6MNGyXiWx/wj1wCaVGZGo5hRtb8LjW/Vsc9LvcGqBAoUuB
o8qSSkGMCrrMYpCLW6PwSVlgztt7Hw1hvOI0Ervnu9sRtZVeo/DoL8RSeQqFKwBK
3MQv714oxlmE1p3R5sC3dK90oVFXFUlXgwFfKrZCi09K5AqvZyZ/GiS0TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhlF1UP2CFmscj67Ab7/fTIte15MB8GA1UdIwQY
MBaAFHuzOCwWoKVhWZDUvOY03FFoLy6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTdNNExCYWdwV0Zaa05TODVqVGNVV2d2THFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NDBhNzQtYTJmMi00YmQ2LThlNWEt
OTU1NGE1YWMzNmJiLzEvcUdVWFZRX1lJV2F4eVByc0J2djk5TWkxN1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NDBhNzQtYTJmMi00YmQ2LThlNWEtOTU1NGE1YWMzNmJi
LzEvZTdNNExCYWdwV0Zaa05TODVqVGNVV2d2THFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+wjMA0G
CSqGSIb3DQEBCwUAA4IBAQBnYwLN/8uZV26QDLVUR7h0Fx502sUJXvkVm1wkDaYj
hGTa59zdqrO/phCkSu9NqP0l/a+YsJHDpEwRUlNUYLsHyTmYtqE1zW/yV79g1izL
kTiOSHCVF9TNi2DrgZuu68vf0juHAYyekyiqqLuirDORSUZlmkVF3DvR0LpKsppt
BiCklTO3qBFmL0mfl+RgGHVvF85vACrWLPr0kHaeIG6nt7UJxlVP61/WMsY5AZh0
/6MSIe+Nhazak3LByr/5Z8Vv6dHPm9uAx8rn9wxDOpEWnVC4OAVaJ+Zc63Ebmo2L
6fYgIvLrgbiSFDopvve96UXzyRQUlhJVwVZNBqqDJQt5
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:26:13 2025 by rpki-client