Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/QKIPUY8W9rG1LSw1ZEyZOELoapA.roa
File: QKIPUY8W9rG1LSw1ZEyZOELoapA.roa (raw, json)
Hash identifier: Z80mVuvHDatSxJ6yGfprXykxFLoYcEum7C9B/uFuICg=
Subject key identifier: 40:A2:0F:51:8F:16:F6:B1:B5:2D:2C:35:64:4C:99:38:42:E8:6A:90
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 01941FFA535DB50D8FFAF4DA21FACCEF1184
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/QKIPUY8W9rG1LSw1ZEyZOELoapA.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6939
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:53:5d:b5:0d:8f:fa:f4:da:21:fa:cc:ef:11:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40a20f518f16f6b1b52d2c35644c993842e86a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:4d:bf:ab:67:2f:1d:a6:d7:00:12:2b:b6:
ae:d8:40:0e:a6:dd:85:d0:39:40:74:56:8e:12:31:
86:16:7d:f8:f3:cb:2a:79:f9:b9:df:99:61:81:52:
c1:ac:dd:d6:1b:06:30:83:70:3f:76:ef:32:4b:6d:
89:f9:b1:fc:39:d9:cf:d3:73:b8:ff:85:56:e0:13:
64:93:98:2e:88:4c:1b:21:25:0b:2e:21:35:42:29:
ea:e3:02:80:55:3a:0b:0c:77:42:76:0b:6c:46:ac:
56:57:de:55:db:e4:b9:3e:65:0d:f3:45:5a:3d:14:
90:bf:36:80:90:72:82:ff:7b:5e:46:cf:47:53:ec:
a0:41:82:29:50:57:c7:a9:aa:db:aa:a0:82:68:1d:
24:c4:f0:61:1e:21:f0:49:74:3a:85:9c:09:99:cf:
cc:4f:69:82:10:30:d4:5b:92:de:c1:49:90:29:ed:
8e:dc:0f:04:3f:62:3b:f2:97:45:92:f3:e6:6b:fe:
27:4f:aa:b1:6e:b2:d2:03:0e:fc:d9:be:c9:46:54:
1a:7b:13:ab:df:5d:40:16:c4:0b:a3:71:c6:55:cd:
57:53:b2:a7:1e:9a:38:35:e0:ec:1b:05:f6:dc:01:
a9:69:e1:77:75:f9:64:99:10:90:20:86:cb:cc:e8:
bb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A2:0F:51:8F:16:F6:B1:B5:2D:2C:35:64:4C:99:38:42:E8:6A:90
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/QKIPUY8W9rG1LSw1ZEyZOELoapA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
13:b6:37:83:86:c2:5b:ea:25:49:49:39:14:e7:32:67:d8:c7:
8c:fd:ed:63:5d:a3:87:7b:ec:1a:b4:54:2f:f0:f7:e2:99:40:
53:b2:04:4b:af:37:35:e7:55:38:c3:da:b5:89:ed:2a:cb:85:
81:2e:a4:91:26:96:c6:ec:e0:94:a0:d6:59:34:c0:e4:b2:8d:
4f:74:f8:05:24:ac:90:c5:91:85:eb:93:af:42:56:2d:82:26:
5f:3c:33:90:91:2a:fd:6d:37:bf:88:02:95:d8:9d:13:ed:f8:
97:3e:51:a9:ac:0d:2e:8a:51:d7:9f:0f:23:81:ec:b4:c8:ee:
00:5d:be:1f:ff:9b:36:a9:9a:b4:9f:17:58:37:80:a6:8f:18:
26:7c:c1:d3:3e:fd:84:69:a0:8a:ce:b4:fc:e3:70:17:fc:dc:
d5:96:2b:83:11:67:22:00:03:4b:03:1e:a3:c3:cc:bf:b3:f6:
33:ed:f8:65:01:85:f4:a4:3d:ca:7e:da:c7:15:d3:ba:0a:70:
d5:7a:ed:77:51:51:68:a1:4a:82:f9:9a:b9:1e:7b:e1:df:66:
2b:ab:c6:44:91:f7:e1:ac:09:31:84:07:e4:e5:5e:93:2e:ff:
4d:39:dc:81:81:3a:e2:28:24:51:15:b5:8e:e3:9b:5a:c5:45:
70:45:97:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+lNdtQ2P+vTaIfrM7xGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODUxYzZmYzZlYjM4MTZlMTE2YzhhNGE4NTFkMGQxNzhj
OTBmMzEwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGEyMGY1MThmMTZmNmIxYjUyZDJjMzU2NDRjOTkzODQyZTg2YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0lNv6tnLx2m1wASK7au2EAOpt2F
0DlAdFaOEjGGFn3488sqefm535lhgVLBrN3WGwYwg3A/du8yS22J+bH8OdnP03O4
/4VW4BNkk5guiEwbISULLiE1Qinq4wKAVToLDHdCdgtsRqxWV95V2+S5PmUN80Va
PRSQvzaAkHKC/3teRs9HU+ygQYIpUFfHqarbqqCCaB0kxPBhHiHwSXQ6hZwJmc/M
T2mCEDDUW5LewUmQKe2O3A8EP2I78pdFkvPma/4nT6qxbrLSAw782b7JRlQaexOr
311AFsQLo3HGVc1XU7KnHpo4NeDsGwX23AGpaeF3dflkmRCQIIbLzOi7vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFECiD1GPFvaxtS0sNWRMmThC6GqQMB8GA1UdIwQY
MBaAFCiFHG/G6zgW4RbIpKhR0NF4yQ8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQt
NTI0NWIxMzUyMjFiLzEvUUtJUFVZOFc5ckcxTFN3MVpFeVpPRUxvYXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQtNTI0NWIxMzUyMjFi
LzEvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvPGRMA8E
AgACMAkDBwAqAKkAev4wDQYJKoZIhvcNAQELBQADggEBABO2N4OGwlvqJUlJORTn
MmfYx4z97WNdo4d77Bq0VC/w9+KZQFOyBEuvNzXnVTjD2rWJ7SrLhYEupJEmlsbs
4JSg1lk0wOSyjU90+AUkrJDFkYXrk69CVi2CJl88M5CRKv1tN7+IApXYnRPt+Jc+
UamsDS6KUdefDyOB7LTI7gBdvh//mzapmrSfF1g3gKaPGCZ8wdM+/YRpoIrOtPzj
cBf83NWWK4MRZyIAA0sDHqPDzL+z9jPt+GUBhfSkPcp+2scV07oKcNV67XdRUWih
SoL5mrkee+HfZiurxkSR9+GsCTGEB+TlXpMu/0053IGBOuIoJFEVtY7jm1rFRXBF
l1g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:51:06 2025 by rpki-client