Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNH4LjV_a0G2bfU3AA-yMVg9DmA.roa
File: QNH4LjV_a0G2bfU3AA-yMVg9DmA.roa (raw, json)
Hash identifier: tg/jf2MNz0az/QFWczGps0YHGhRItbDUegOPOmXqM6Q=
Subject key identifier: 40:D1:F8:2E:35:7F:6B:41:B6:6D:F5:37:00:0F:B2:31:58:3D:0E:60
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909054DB75D12EE53D35E021E1E41BED38
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNH4LjV_a0G2bfU3AA-yMVg9DmA.roa
Signing time: Mon 08 Jul 2024 03:13:18 +0000
ROA not before: Mon 08 Jul 2024 03:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:90:54:db:75:d1:2e:e5:3d:35:e0:21:e1:e4:1b:ed:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 03:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d1f82e357f6b41b66df537000fb231583d0e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:38:e9:65:0b:24:05:93:a1:75:2e:13:3a:
84:65:f7:03:7f:5c:2c:ec:da:a4:99:ff:99:46:18:
5a:e3:1e:97:13:47:96:93:24:ac:4b:6b:61:f0:d8:
32:57:9a:e7:06:c5:23:82:b1:66:53:9d:5a:d0:dd:
6d:4c:04:33:93:e5:54:5a:67:4e:a4:7c:8a:61:82:
01:d4:66:38:d0:2a:94:d1:6d:16:94:b6:27:83:f0:
0f:03:7e:74:34:7d:54:57:90:80:f3:63:90:3b:a8:
fd:23:42:96:48:a5:e6:b8:f3:bb:ad:0f:b3:33:44:
da:56:c0:64:78:95:bb:5a:68:fb:c5:ac:28:9b:c6:
89:67:87:22:e1:c2:85:af:35:2e:b3:5d:23:bc:75:
46:b3:11:de:f7:a3:08:00:ef:2a:e4:ae:e7:f4:30:
57:14:95:7c:00:0e:ad:eb:38:e1:34:97:0a:19:b7:
d3:db:68:cb:b2:59:e6:ae:42:43:fa:73:4b:89:e9:
35:36:82:ff:20:f8:db:4e:08:f4:04:51:65:33:e7:
be:c8:65:88:9b:57:8f:df:fb:87:a6:17:85:4a:18:
dd:bc:51:ce:1e:81:05:9b:ff:d5:9e:5f:8c:f6:63:
57:6b:5d:37:eb:b5:44:d6:f1:e0:98:84:11:d9:88:
cb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D1:F8:2E:35:7F:6B:41:B6:6D:F5:37:00:0F:B2:31:58:3D:0E:60
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNH4LjV_a0G2bfU3AA-yMVg9DmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:81:80:75:ff:1a:10:bb:19:ce:e1:01:42:60:4c:a9:38:7a:
23:54:ae:df:92:0f:df:83:72:68:5e:45:bb:c9:cf:ab:ba:dc:
c9:e0:a1:7c:f2:93:47:bd:38:da:66:49:e9:b4:7c:eb:9f:4d:
3b:d0:e3:20:5c:fe:1c:9c:aa:0e:01:fe:35:ff:ac:db:19:b5:
61:7a:da:f7:02:48:b6:ec:9c:b1:d4:dd:79:b4:82:8d:c7:0a:
a0:97:fd:fa:8d:44:c2:66:a9:f0:5e:b2:c0:95:3d:22:50:9d:
ce:d9:ab:f1:00:0a:ba:11:32:8b:38:d3:e9:3f:5b:93:40:dc:
20:ce:05:ab:1e:ff:6d:0c:55:66:e8:1a:31:27:14:26:9a:f0:
84:cd:1f:3a:f1:21:1d:9c:df:4a:91:b8:5c:96:bb:3c:80:1a:
52:0f:e3:28:71:6e:c0:a8:10:d4:5c:ce:67:e8:ee:3e:f2:ed:
92:f0:16:d2:51:ae:c1:f3:a2:72:9b:9f:dc:0d:72:c2:26:7a:
5f:34:7a:21:c1:8b:2e:3d:b0:d4:4c:25:8e:76:0b:ec:15:38:
da:ea:4c:fc:33:5d:26:f4:77:09:3d:7a:e6:67:a4:48:93:1f:
99:9d:65:49:0e:75:34:c3:f3:84:12:20:27:f4:de:8c:7b:50:
53:f7:7c:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCQVNt10S7lPTXgIeHkG+04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MDMxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQxZjgyZTM1N2Y2YjQxYjY2ZGY1MzcwMDBmYjIzMTU4M2QwZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYY46WULJAWToXUuEzqEZfcDf1ws
7Nqkmf+ZRhha4x6XE0eWkySsS2th8NgyV5rnBsUjgrFmU51a0N1tTAQzk+VUWmdO
pHyKYYIB1GY40CqU0W0WlLYng/APA350NH1UV5CA82OQO6j9I0KWSKXmuPO7rQ+z
M0TaVsBkeJW7Wmj7xawom8aJZ4ci4cKFrzUus10jvHVGsxHe96MIAO8q5K7n9DBX
FJV8AA6t6zjhNJcKGbfT22jLslnmrkJD+nNLiek1NoL/IPjbTgj0BFFlM+e+yGWI
m1eP3/uHpheFShjdvFHOHoEFm//Vnl+M9mNXa10367VE1vHgmIQR2YjLBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDR+C41f2tBtm31NwAPsjFYPQ5gMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUU5INExqVl9hMEcyYmZVM0FBLXlNVmc5RG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADOBgHX/GhC7Gc7hAUJg
TKk4eiNUrt+SD9+DcmheRbvJz6u63MngoXzyk0e9ONpmSem0fOufTTvQ4yBc/hyc
qg4B/jX/rNsZtWF62vcCSLbsnLHU3Xm0go3HCqCX/fqNRMJmqfBessCVPSJQnc7Z
q/EACroRMos40+k/W5NA3CDOBase/20MVWboGjEnFCaa8ITNHzrxIR2c30qRuFyW
uzyAGlIP4yhxbsCoENRczmfo7j7y7ZLwFtJRrsHzonKbn9wNcsImel80eiHBiy49
sNRMJY52C+wVONrqTPwzXSb0dwk9euZnpEiTH5mdZUkOdTTD84QSICf03ox7UFP3
fO8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:41:21 2025 by rpki-client