Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/QRa99f4r2tAolatN2miPso8KA2I.roa
File: QRa99f4r2tAolatN2miPso8KA2I.roa (raw, json)
Hash identifier: YPtaKj8wR3NyMQW9LwSumH+mMr+Z/fQgsJG4Q1COz94=
Subject key identifier: 41:16:BD:F5:FE:2B:DA:D0:28:95:AB:4D:DA:68:8F:B2:8F:0A:03:62
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 0185738FCABA6D94B14FBC70778AD3ED6567
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/QRa99f4r2tAolatN2miPso8KA2I.roa
Signing time: Mon 02 Jan 2023 17:38:01 +0000
ROA not before: Mon 02 Jan 2023 17:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 185.21.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ca:ba:6d:94:b1:4f:bc:70:77:8a:d3:ed:65:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 2 17:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4116bdf5fe2bdad02895ab4dda688fb28f0a0362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:f2:11:53:ea:05:02:34:f0:5e:28:b8:f8:
6a:c2:21:53:0e:3a:8c:f5:03:a5:fd:fd:0f:d2:3c:
2a:92:88:c8:f0:af:d8:e7:a9:e3:b0:23:2a:1c:83:
fc:ec:ea:2c:98:17:01:7a:75:c0:3c:7e:5d:19:45:
d7:1b:c5:c3:31:ed:05:40:09:84:22:cc:45:52:a3:
43:c3:61:3f:e6:bf:2f:98:d9:16:06:5a:f7:f5:c9:
6d:0d:7f:dc:37:03:70:13:19:fd:08:75:78:fd:0b:
7b:92:52:e3:53:9e:1e:2d:bb:38:1b:31:5c:08:50:
71:06:09:dc:09:3f:75:36:9e:8b:99:c3:64:12:f7:
f1:78:df:d5:d7:42:ba:d8:a2:f8:88:94:cc:3e:8d:
c0:45:99:29:b1:b9:3a:40:48:fd:85:f2:a5:10:03:
d2:63:c7:11:ab:c1:0c:72:a6:57:e0:09:2a:b1:0d:
23:49:fe:de:5a:e2:cc:8a:4c:66:ac:6a:54:13:34:
b4:82:b1:6c:ca:31:f5:cd:47:21:4e:11:70:77:23:
69:47:21:b7:5d:04:43:f3:1b:dd:d6:d7:b9:6c:bb:
62:4a:51:1a:8d:b7:93:86:e6:2c:7b:20:4a:57:46:
94:85:f6:73:3c:31:c2:dc:f8:d9:f5:47:2d:ce:c1:
8a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:16:BD:F5:FE:2B:DA:D0:28:95:AB:4D:DA:68:8F:B2:8F:0A:03:62
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/QRa99f4r2tAolatN2miPso8KA2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.131.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:81:73:39:c5:29:bf:c7:75:c6:46:04:39:aa:c1:67:69:62:
df:85:57:b0:9e:96:4c:76:c2:be:71:c5:3b:59:5a:46:dc:e8:
53:ec:1d:88:f1:90:c3:fb:02:de:34:2b:10:ba:a3:ce:ee:99:
33:f7:4f:6d:10:41:d9:84:cb:50:ab:0d:81:44:9a:9b:c5:6f:
34:d1:dd:bd:f6:77:8e:9e:2f:93:87:55:65:52:68:06:e9:04:
28:14:e1:b4:79:46:5c:20:56:5e:7b:cd:41:b5:7b:35:ef:75:
16:19:f4:21:24:5d:e9:ef:ba:2c:2f:56:a6:82:7d:8b:d3:3c:
04:cf:eb:e9:80:34:c3:e9:a1:f3:26:4f:f4:ea:ce:12:3c:45:
92:ae:75:fa:93:66:f9:d6:f3:a9:07:47:f9:4d:1e:53:2f:07:
81:0f:e0:8f:e8:26:30:eb:7a:68:d6:18:99:ee:67:75:5d:c2:
f9:9d:98:a1:e5:69:b2:47:a1:3a:01:07:44:81:da:61:7f:e2:
85:ec:c6:00:c6:57:cb:79:c8:ca:7d:cd:96:6b:53:b5:ee:6b:
4e:db:f4:45:5b:ca:2f:55:be:be:94:7f:d0:14:bb:43:4a:8e:
d2:46:e2:3c:60:d6:89:48:44:1d:bc:df:20:e0:7b:2e:ad:7e:
91:4d:83:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj8q6bZSxT7xwd4rT7WVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMwMTAyMTczODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE2YmRmNWZlMmJkYWQwMjg5NWFiNGRkYTY4OGZiMjhmMGEwMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0XyEVPqBQI08F4ouPhqwiFTDjqM
9QOl/f0P0jwqkojI8K/Y56njsCMqHIP87OosmBcBenXAPH5dGUXXG8XDMe0FQAmE
IsxFUqNDw2E/5r8vmNkWBlr39cltDX/cNwNwExn9CHV4/Qt7klLjU54eLbs4GzFc
CFBxBgncCT91Np6LmcNkEvfxeN/V10K62KL4iJTMPo3ARZkpsbk6QEj9hfKlEAPS
Y8cRq8EMcqZX4AkqsQ0jSf7eWuLMikxmrGpUEzS0grFsyjH1zUchThFwdyNpRyG3
XQRD8xvd1te5bLtiSlEajbeThuYseyBKV0aUhfZzPDHC3PjZ9UctzsGKfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEWvfX+K9rQKJWrTdpoj7KPCgNiMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvUVJhOTlmNHIydEFvbGF0TjJtaVBzbzhLQTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRWDMA0G
CSqGSIb3DQEBCwUAA4IBAQBcgXM5xSm/x3XGRgQ5qsFnaWLfhVewnpZMdsK+ccU7
WVpG3OhT7B2I8ZDD+wLeNCsQuqPO7pkz909tEEHZhMtQqw2BRJqbxW800d299neO
ni+Th1VlUmgG6QQoFOG0eUZcIFZee81BtXs173UWGfQhJF3p77osL1amgn2L0zwE
z+vpgDTD6aHzJk/06s4SPEWSrnX6k2b51vOpB0f5TR5TLweBD+CP6CYw63po1hiZ
7md1XcL5nZih5WmyR6E6AQdEgdphf+KF7MYAxlfLecjKfc2Wa1O17mtO2/RFW8ov
Vb6+lH/QFLtDSo7SRuI8YNaJSEQdvN8g4HsurX6RTYPm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:54 2025 by rpki-client