Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/QMMtshGnsEfZOJ5LXnvc9oPO2go.roa
File: QMMtshGnsEfZOJ5LXnvc9oPO2go.roa (raw, json)
Hash identifier: DtO6TGlf5ZsS4V2vjDz0RDsin9EKDKv9JnwSUINIA1s=
Subject key identifier: 40:C3:2D:B2:11:A7:B0:47:D9:38:9E:4B:5E:7B:DC:F6:83:CE:DA:0A
Certificate issuer: /CN=dd849063616aee8b9ae9084ade72842a007d3676
Certificate serial: 01856C8135025FC85A98E0034D5EC497B624
Authority key identifier: DD:84:90:63:61:6A:EE:8B:9A:E9:08:4A:DE:72:84:2A:00:7D:36:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YSQY2Fq7oua6QhK3nKEKgB9NnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/QMMtshGnsEfZOJ5LXnvc9oPO2go.roa
Signing time: Sun 01 Jan 2023 08:44:45 +0000
ROA not before: Sun 01 Jan 2023 08:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15377
IP address blocks: 146.19.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:35:02:5f:c8:5a:98:e0:03:4d:5e:c4:97:b6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd849063616aee8b9ae9084ade72842a007d3676
Validity
Not Before: Jan 1 08:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40c32db211a7b047d9389e4b5e7bdcf683ceda0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:bf:92:d1:e6:cd:31:11:35:51:0a:39:29:
a0:87:82:82:64:8d:4b:02:90:14:7c:3e:8b:74:65:
98:da:4d:3d:b2:0a:88:3a:00:ad:a5:57:67:14:d1:
01:ad:f8:28:d1:ce:d7:b5:ad:60:ad:17:de:30:86:
90:2b:d7:cb:56:cd:93:53:56:80:52:60:a2:1d:c1:
6b:3e:b0:ce:97:b7:40:a6:f4:2e:57:e0:47:6f:14:
87:53:67:7c:be:38:a9:d2:5d:ef:e8:61:6a:55:54:
ec:b1:26:d8:a1:e6:5c:75:43:85:f4:16:12:81:ef:
8b:dd:5e:16:1c:7e:39:24:f3:94:74:3b:d1:42:c9:
f8:2f:3e:a6:2c:95:67:92:52:ad:99:ec:c3:f8:82:
8c:18:30:93:48:3a:65:e7:e2:10:c4:97:da:4e:90:
0d:29:87:8f:e6:f8:17:03:9c:2f:84:e2:a8:ca:14:
9b:96:ca:a6:a3:5d:55:c9:5e:67:01:8c:da:ee:3b:
94:95:a3:fc:67:8f:6f:60:8c:a1:07:d2:c9:16:30:
51:a0:74:e9:22:bd:7f:75:2a:4f:b0:12:1c:d6:5f:
eb:9e:74:d5:c5:e3:84:7c:72:55:b9:ca:9c:a2:5b:
28:1f:e3:c4:e4:7d:88:33:45:fa:ec:48:e7:6c:49:
bb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C3:2D:B2:11:A7:B0:47:D9:38:9E:4B:5E:7B:DC:F6:83:CE:DA:0A
X509v3 Authority Key Identifier:
keyid:DD:84:90:63:61:6A:EE:8B:9A:E9:08:4A:DE:72:84:2A:00:7D:36:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YSQY2Fq7oua6QhK3nKEKgB9NnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/QMMtshGnsEfZOJ5LXnvc9oPO2go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/3YSQY2Fq7oua6QhK3nKEKgB9NnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.38.0/24
Signature Algorithm: sha256WithRSAEncryption
22:0c:7b:58:a6:e7:a6:d9:5b:1b:6c:41:a9:e9:92:a4:28:35:
6d:0c:c7:04:00:f8:d7:b6:ff:ec:c4:f7:ff:ff:95:a8:51:99:
4c:f4:7f:cc:0a:3e:9f:89:a5:97:20:da:eb:0a:0c:a5:7c:32:
fa:17:1f:00:11:3e:7e:05:a4:50:de:b8:e4:ef:4b:73:d9:c4:
03:ff:76:ef:2f:1e:df:28:fb:4d:55:12:0f:b9:54:af:5d:02:
92:85:d5:78:15:e0:93:d2:74:77:60:34:3f:18:69:de:b9:73:
16:a9:0c:0a:35:6e:54:7e:82:96:64:d0:94:a9:e7:0c:8b:6a:
f4:b0:0e:3b:f0:9d:21:d2:7e:f5:8c:57:f7:4e:f8:ed:18:e3:
91:c4:63:4d:04:95:00:eb:d5:a1:0f:08:47:6b:3a:69:0f:06:
e9:e0:94:d5:9e:d4:04:c8:32:6b:0f:0f:f9:61:32:db:5e:1c:
ff:12:81:e3:2c:c0:61:46:18:f5:a6:8a:51:3e:5b:8f:9c:04:
97:96:d6:77:e8:21:d3:1a:55:66:6e:44:41:2c:a0:ae:d8:35:
c4:80:53:b9:aa:9e:7e:43:f4:9e:88:b4:ee:d9:c8:97:5b:e7:
1a:e5:42:6b:fb:8a:85:ad:d4:f1:00:26:a0:0b:54:87:70:fa:
5d:aa:ce:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsgTUCX8hamOADTV7El7YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODQ5MDYzNjE2YWVlOGI5YWU5MDg0YWRlNzI4NDJhMDA3
ZDM2NzYwHhcNMjMwMTAxMDg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMzMmRiMjExYTdiMDQ3ZDkzODllNGI1ZTdiZGNmNjgzY2VkYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsm/ktHmzTERNVEKOSmgh4KCZI1L
ApAUfD6LdGWY2k09sgqIOgCtpVdnFNEBrfgo0c7Xta1grRfeMIaQK9fLVs2TU1aA
UmCiHcFrPrDOl7dApvQuV+BHbxSHU2d8vjip0l3v6GFqVVTssSbYoeZcdUOF9BYS
ge+L3V4WHH45JPOUdDvRQsn4Lz6mLJVnklKtmezD+IKMGDCTSDpl5+IQxJfaTpAN
KYeP5vgXA5wvhOKoyhSblsqmo11VyV5nAYza7juUlaP8Z49vYIyhB9LJFjBRoHTp
Ir1/dSpPsBIc1l/rnnTVxeOEfHJVucqcolsoH+PE5H2IM0X67EjnbEm7HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDDLbIRp7BH2TieS1573PaDztoKMB8GA1UdIwQY
MBaAFN2EkGNhau6LmukISt5yhCoAfTZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lTUVkyRnE3b3VhNlFoSzNuS0VLZ0I5Tm5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wOTMwNTgtZGU0MC00NWQ5LThmMmYt
YzhmMWUxNDc4ODM4LzEvUU1NdHNoR25zRWZaT0o1TFhudmM5b1BPMmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wOTMwNTgtZGU0MC00NWQ5LThmMmYtYzhmMWUxNDc4ODM4
LzEvM1lTUVkyRnE3b3VhNlFoSzNuS0VLZ0I5Tm5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMmMA0G
CSqGSIb3DQEBCwUAA4IBAQAiDHtYpuem2VsbbEGp6ZKkKDVtDMcEAPjXtv/sxPf/
/5WoUZlM9H/MCj6fiaWXINrrCgylfDL6Fx8AET5+BaRQ3rjk70tz2cQD/3bvLx7f
KPtNVRIPuVSvXQKShdV4FeCT0nR3YDQ/GGneuXMWqQwKNW5UfoKWZNCUqecMi2r0
sA478J0h0n71jFf3TvjtGOORxGNNBJUA69WhDwhHazppDwbp4JTVntQEyDJrDw/5
YTLbXhz/EoHjLMBhRhj1popRPluPnASXltZ36CHTGlVmbkRBLKCu2DXEgFO5qp5+
Q/SeiLTu2ciXW+ca5UJr+4qFrdTxACagC1SHcPpdqs5t
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:57 2025 by rpki-client