Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/6cd870-0968-4cef-a91d-af20fe793e64/1/Qiqrfe8kB9GaXpsM0lx0qYLex1Y.roa
File: Qiqrfe8kB9GaXpsM0lx0qYLex1Y.roa (raw, json)
Hash identifier: wjrm5Cuv3WYI62Wa2AE0y6JBVls2W7DEVANrYb6LK08=
Subject key identifier: 42:2A:AB:7D:EF:24:07:D1:9A:5E:9B:0C:D2:5C:74:A9:82:DE:C7:56
Certificate issuer: /CN=9639a1a7de06d77ab2ae3387dca69a7fec766c43
Certificate serial: 019421B2543352CA1D6B92AB3F36F6A77322
Authority key identifier: 96:39:A1:A7:DE:06:D7:7A:B2:AE:33:87:DC:A6:9A:7F:EC:76:6C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljmhp94G13qyrjOH3Kaaf-x2bEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/6cd870-0968-4cef-a91d-af20fe793e64/1/Qiqrfe8kB9GaXpsM0lx0qYLex1Y.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212141
IP address blocks: 202.38.4.0/23 maxlen: 23
202.38.4.0/24 maxlen: 24
202.38.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:54:33:52:ca:1d:6b:92:ab:3f:36:f6:a7:73:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9639a1a7de06d77ab2ae3387dca69a7fec766c43
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=422aab7def2407d19a5e9b0cd25c74a982dec756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a9:ec:d8:b7:0b:fc:db:f0:e2:bb:36:dc:ca:
60:60:50:e6:68:07:39:d4:06:bb:45:35:8a:5f:51:
f1:67:28:0c:bd:ad:43:87:02:41:c5:88:5f:a6:14:
e7:19:de:0b:f9:29:64:b4:8f:92:04:3f:7d:22:4b:
e0:60:9f:63:70:5c:31:97:8c:74:6c:a2:1f:11:be:
74:e4:7a:af:08:f6:9a:f7:1c:f4:04:8b:31:00:c4:
1f:fb:66:c2:f2:13:5e:f4:80:30:63:0d:b4:af:87:
59:3d:a2:29:16:4d:bc:22:0b:5a:92:fb:82:17:a5:
2a:8b:e5:ee:58:a2:bc:0e:1c:88:64:49:48:60:33:
eb:55:a2:2c:75:3f:65:13:8c:67:e9:b9:b2:18:6b:
f6:cc:b4:1e:a9:09:34:c9:75:5e:c1:e7:d3:31:ab:
b1:43:e3:03:28:b0:66:fa:5b:7b:a4:f3:48:48:86:
16:7c:f3:35:cb:37:82:f8:61:b6:cb:19:03:c4:51:
14:af:8b:54:0d:54:75:1a:25:90:8e:44:8d:bc:e4:
0a:c7:62:ed:9a:0e:f5:4c:11:7a:bd:62:9c:60:90:
13:5b:46:33:54:74:f8:a5:53:84:0d:09:f7:b9:af:
78:8a:10:64:c0:24:a2:8a:fd:c8:84:4d:d7:c4:2c:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2A:AB:7D:EF:24:07:D1:9A:5E:9B:0C:D2:5C:74:A9:82:DE:C7:56
X509v3 Authority Key Identifier:
keyid:96:39:A1:A7:DE:06:D7:7A:B2:AE:33:87:DC:A6:9A:7F:EC:76:6C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljmhp94G13qyrjOH3Kaaf-x2bEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6cd870-0968-4cef-a91d-af20fe793e64/1/Qiqrfe8kB9GaXpsM0lx0qYLex1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6cd870-0968-4cef-a91d-af20fe793e64/1/ljmhp94G13qyrjOH3Kaaf-x2bEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.38.4.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:80:07:ae:24:90:7f:f9:28:8e:44:75:81:23:a2:81:5a:e8:
db:fc:40:84:88:f6:06:83:60:78:b0:36:d5:07:28:07:87:7a:
e1:15:35:d2:a0:93:68:83:93:e5:31:47:1e:de:96:84:66:67:
12:c3:16:6b:5b:3a:3f:a5:66:da:45:04:a5:e4:e6:44:53:b8:
f5:bf:04:2b:38:32:58:df:b1:e6:73:e2:66:3b:b8:f6:8c:5f:
21:12:52:70:80:be:e6:ed:43:2c:e0:61:7a:fb:a0:43:69:8d:
ee:9c:a2:87:1e:a6:74:11:21:0a:ce:d1:0d:48:87:49:a8:e7:
8c:ee:c8:74:14:df:86:1f:80:81:09:39:8b:c7:6b:e9:49:0c:
9e:77:6e:50:85:f3:ee:bd:73:81:5c:26:57:35:cb:4f:2d:69:
43:6b:8c:5c:17:70:cb:d4:c7:dd:43:e9:80:b4:28:76:9e:e2:
71:38:45:a3:1d:35:f4:42:58:65:9f:55:cc:71:ff:77:43:5f:
13:37:69:86:82:fc:25:72:8d:a5:ed:87:4b:1f:e9:3e:e9:fc:
e9:fe:94:68:ec:31:68:75:c5:59:35:a2:96:05:df:c9:16:5d:
d2:55:76:18:d4:1b:b6:6d:d5:81:24:c3:43:b1:a2:b9:17:9e:
47:67:06:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslQzUsoda5KrPzb2p3MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzlhMWE3ZGUwNmQ3N2FiMmFlMzM4N2RjYTY5YTdmZWM3
NjZjNDMwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJhYWI3ZGVmMjQwN2QxOWE1ZTliMGNkMjVjNzRhOTgyZGVjNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Kns2LcL/Nvw4rs23MpgYFDmaAc5
1Aa7RTWKX1HxZygMva1DhwJBxYhfphTnGd4L+SlktI+SBD99IkvgYJ9jcFwxl4x0
bKIfEb505HqvCPaa9xz0BIsxAMQf+2bC8hNe9IAwYw20r4dZPaIpFk28IgtakvuC
F6Uqi+XuWKK8DhyIZElIYDPrVaIsdT9lE4xn6bmyGGv2zLQeqQk0yXVewefTMaux
Q+MDKLBm+lt7pPNISIYWfPM1yzeC+GG2yxkDxFEUr4tUDVR1GiWQjkSNvOQKx2Lt
mg71TBF6vWKcYJATW0YzVHT4pVOEDQn3ua94ihBkwCSiiv3IhE3XxCziNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIqq33vJAfRml6bDNJcdKmC3sdWMB8GA1UdIwQY
MBaAFJY5oafeBtd6sq4zh9ymmn/sdmxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGptaHA5NEcxM3F5cmpPSDNLYWFmLXgyYkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS82Y2Q4NzAtMDk2OC00Y2VmLWE5MWQt
YWYyMGZlNzkzZTY0LzEvUWlxcmZlOGtCOUdhWHBzTTBseDBxWUxleDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS82Y2Q4NzAtMDk2OC00Y2VmLWE5MWQtYWYyMGZlNzkzZTY0
LzEvbGptaHA5NEcxM3F5cmpPSDNLYWFmLXgyYkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByiYEMA0G
CSqGSIb3DQEBCwUAA4IBAQA8gAeuJJB/+SiORHWBI6KBWujb/ECEiPYGg2B4sDbV
BygHh3rhFTXSoJNog5PlMUce3paEZmcSwxZrWzo/pWbaRQSl5OZEU7j1vwQrODJY
37Hmc+JmO7j2jF8hElJwgL7m7UMs4GF6+6BDaY3unKKHHqZ0ESEKztENSIdJqOeM
7sh0FN+GH4CBCTmLx2vpSQyed25QhfPuvXOBXCZXNctPLWlDa4xcF3DL1MfdQ+mA
tCh2nuJxOEWjHTX0Qlhln1XMcf93Q18TN2mGgvwlco2l7YdLH+k+6fzp/pRo7DFo
dcVZNaKWBd/JFl3SVXYY1Bu2bdWBJMNDsaK5F55HZwaJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:39 2025 by rpki-client