Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/qrNw_4pWdm_geFtfy5BpF6RB3Lw.roa
File: qrNw_4pWdm_geFtfy5BpF6RB3Lw.roa (raw, json)
Hash identifier: QyClSiOoVb03SqPau0rHxsvXZNW+BEw2UB08FmFuOP0=
Subject key identifier: AA:B3:70:FF:8A:56:76:6F:E0:78:5B:5F:CB:90:69:17:A4:41:DC:BC
Certificate issuer: /CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Certificate serial: 019425FD9FADAB89AB0B7A051EE468E7A2A4
Authority key identifier: BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/qrNw_4pWdm_geFtfy5BpF6RB3Lw.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3304
IP address blocks: 193.28.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9f:ad:ab:89:ab:0b:7a:05:1e:e4:68:e7:a2:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab370ff8a56766fe0785b5fcb906917a441dcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6e:10:29:48:75:4f:ee:d4:ef:3e:3a:b4:88:
19:18:74:4b:1d:c3:5b:d8:bc:4c:f4:3e:a1:a6:15:
10:cd:83:42:fc:fc:1b:de:e2:7e:31:55:6b:cc:02:
86:7a:1e:c0:94:aa:1d:4a:7d:a9:ed:8e:4c:87:7c:
83:60:52:83:05:05:4f:c6:e0:ea:43:f1:a0:1b:8c:
07:42:d6:34:b2:72:f9:b4:29:6b:48:8d:d9:95:4d:
c9:f2:de:80:6f:08:7e:43:3e:95:4f:81:f3:a4:33:
1a:51:15:4d:73:ff:30:ee:b0:89:6d:19:f6:d5:71:
3f:d2:67:b0:d7:7e:05:42:5c:f0:51:1b:4b:b1:28:
43:38:f4:e2:ea:d4:9d:9e:21:4a:3d:fb:cc:bd:27:
b2:61:0b:fa:23:82:a6:70:f3:7f:7d:6b:7c:2a:7b:
41:c0:c9:13:34:cc:81:c2:76:f1:cd:0d:8c:2a:63:
8b:d8:57:b2:1a:29:fd:76:11:aa:b7:81:bb:89:b2:
9f:56:3f:aa:1f:e6:18:c0:bf:64:84:b3:0e:1c:52:
80:7f:73:17:22:c0:c0:12:9a:5c:3e:6f:ed:7c:43:
70:2f:b0:33:49:d4:d8:8f:a8:b5:72:87:9b:ed:a7:
2d:ff:cb:b3:a2:cf:9b:9c:0d:6c:06:26:a4:34:f1:
9a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B3:70:FF:8A:56:76:6F:E0:78:5B:5F:CB:90:69:17:A4:41:DC:BC
X509v3 Authority Key Identifier:
keyid:BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/qrNw_4pWdm_geFtfy5BpF6RB3Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.47.0/24
Signature Algorithm: sha256WithRSAEncryption
14:7b:01:e5:25:97:57:f6:e4:21:6c:12:6d:fa:7d:fd:9d:6c:
07:05:2d:df:8b:4a:d1:e0:a8:e0:18:07:6f:a0:ac:24:74:5a:
9c:d9:4f:b4:6c:8f:89:21:92:7c:e5:50:e8:c7:96:4a:17:3c:
b5:b6:4a:bd:8e:ae:a1:77:02:2f:f9:91:fd:a9:c4:4f:31:db:
7b:1a:fb:8d:9c:05:97:7d:a1:a2:89:0c:2d:49:60:ca:42:8d:
b6:ee:ac:76:63:73:07:3f:0c:27:b8:e3:a4:f8:38:e3:ba:76:
c7:52:0e:72:41:36:6f:e1:b2:b2:e1:c7:8a:73:c8:82:f6:f8:
6e:d8:d6:a5:07:cd:51:94:23:fa:ab:8a:44:70:85:db:d6:2d:
ed:1a:36:aa:9a:d9:38:02:cd:be:d0:3a:bb:b3:f4:d1:35:83:
e9:77:fe:8a:47:3a:8f:56:63:8f:c8:d3:25:21:6c:e4:cd:93:
15:f8:7c:ab:c4:e3:76:8a:05:7e:a7:5e:45:8a:72:1e:57:c0:
9b:44:41:56:00:fc:73:ef:d5:ba:bc:cc:5f:c4:4a:e0:15:af:
7d:e5:4a:75:dd:57:3d:29:26:6d:48:73:7d:5f:ca:be:d5:74:
23:89:fb:b1:e2:9c:f8:ce:d8:2f:d9:86:e3:b7:71:df:d5:a5:
4d:35:fb:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Z+tq4mrC3oFHuRo56KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmEzYWY4MzlhYTFkY2U3NThmNDg5ZTJkMzFhZTIyMDky
ZmM5OWEwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWIzNzBmZjhhNTY3NjZmZTA3ODViNWZjYjkwNjkxN2E0NDFkY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5m4QKUh1T+7U7z46tIgZGHRLHcNb
2LxM9D6hphUQzYNC/Pwb3uJ+MVVrzAKGeh7AlKodSn2p7Y5Mh3yDYFKDBQVPxuDq
Q/GgG4wHQtY0snL5tClrSI3ZlU3J8t6Abwh+Qz6VT4HzpDMaURVNc/8w7rCJbRn2
1XE/0mew134FQlzwURtLsShDOPTi6tSdniFKPfvMvSeyYQv6I4KmcPN/fWt8KntB
wMkTNMyBwnbxzQ2MKmOL2FeyGin9dhGqt4G7ibKfVj+qH+YYwL9khLMOHFKAf3MX
IsDAEppcPm/tfENwL7AzSdTYj6i1coeb7act/8uzos+bnA1sBiakNPGaNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqzcP+KVnZv4HhbX8uQaRekQdy8MB8GA1UdIwQY
MBaAFL36Ovg5qh3OdY9Ini0xriIJL8maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMt
YWU3NzQ2ZjA5NjMwLzEvcXJOd180cFdkbV9nZUZ0Znk1QnBGNlJCM0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMtYWU3NzQ2ZjA5NjMw
LzEvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRwvMA0G
CSqGSIb3DQEBCwUAA4IBAQAUewHlJZdX9uQhbBJt+n39nWwHBS3fi0rR4KjgGAdv
oKwkdFqc2U+0bI+JIZJ85VDox5ZKFzy1tkq9jq6hdwIv+ZH9qcRPMdt7GvuNnAWX
faGiiQwtSWDKQo227qx2Y3MHPwwnuOOk+DjjunbHUg5yQTZv4bKy4ceKc8iC9vhu
2NalB81RlCP6q4pEcIXb1i3tGjaqmtk4As2+0Dq7s/TRNYPpd/6KRzqPVmOPyNMl
IWzkzZMV+HyrxON2igV+p15FinIeV8CbREFWAPxz79W6vMxfxErgFa995Up13Vc9
KSZtSHN9X8q+1XQjifux4pz4ztgv2Ybjt3Hf1aVNNftE
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:50:40 2025 by rpki-client