Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/Qhs38KYgmHnujEPLDoSqNiMguV8.roa
File: Qhs38KYgmHnujEPLDoSqNiMguV8.roa (raw, json)
Hash identifier: GAYPzXMbboZLBi0G9ROUBpuR5s1UA7+a4BXwoNMtptU=
Subject key identifier: 42:1B:37:F0:A6:20:98:79:EE:8C:43:CB:0E:84:AA:36:23:20:B9:5F
Certificate issuer: /CN=aa563f5200a4933024e7b47d778619458568adb0
Certificate serial: 01856B40E8C94FF75A9F6EF691E765FF0FC7
Authority key identifier: AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/Qhs38KYgmHnujEPLDoSqNiMguV8.roa
Signing time: Sun 01 Jan 2023 02:54:54 +0000
ROA not before: Sun 01 Jan 2023 02:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210703
IP address blocks: 194.26.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:e8:c9:4f:f7:5a:9f:6e:f6:91:e7:65:ff:0f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa563f5200a4933024e7b47d778619458568adb0
Validity
Not Before: Jan 1 02:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=421b37f0a6209879ee8c43cb0e84aa362320b95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:14:73:b2:22:06:bb:6d:e8:9d:45:d6:78:
c2:bc:c8:7f:78:f7:55:ec:99:d4:11:88:74:c9:70:
9c:99:45:38:fe:e5:bd:7f:24:76:aa:d7:16:21:92:
77:22:c9:03:e7:49:d8:84:dc:e6:8e:45:22:14:a4:
22:b8:29:54:76:8c:69:a9:79:f8:97:2f:50:50:42:
3c:86:42:e2:e0:11:5e:07:13:c7:40:1e:60:56:0e:
57:cf:5c:66:0b:a8:36:3b:ea:32:0b:f1:07:71:b1:
1a:57:cf:23:c1:51:9d:1e:74:95:e4:04:45:07:5e:
79:1d:a4:3f:78:a6:18:cc:68:ce:89:8e:6b:8f:55:
5a:80:5c:55:70:1c:99:f0:a4:52:98:27:fa:e8:97:
68:02:6f:29:dd:41:8a:7b:54:5b:21:cf:5c:11:ed:
4f:a2:ba:43:99:86:b8:81:7b:a4:ac:f1:cf:ba:7f:
17:a1:b1:78:42:02:da:4c:bb:2f:73:7f:43:b6:b6:
f7:3a:f6:55:da:08:0e:ec:e0:4c:35:73:f3:d6:f2:
bf:ef:e7:c1:71:be:7d:23:10:8e:83:34:b9:5e:b8:
c5:73:6c:0e:90:39:e8:6e:ea:fc:c3:1e:95:1e:01:
f4:29:dd:f3:fa:7b:6f:21:f7:4e:43:86:6a:02:1d:
ca:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1B:37:F0:A6:20:98:79:EE:8C:43:CB:0E:84:AA:36:23:20:B9:5F
X509v3 Authority Key Identifier:
keyid:AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/Qhs38KYgmHnujEPLDoSqNiMguV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/qlY_UgCkkzAk57R9d4YZRYVorbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:d1:0c:00:76:ed:98:de:67:8b:da:b4:1c:f1:13:17:31:eb:
2c:58:1a:64:da:60:29:2b:00:ff:0f:30:ac:90:3c:51:70:c8:
f0:34:95:04:b8:67:2c:98:f7:bf:d1:ad:8b:62:75:04:7d:10:
35:3f:44:ff:d1:a6:af:ac:58:c6:bf:d0:5a:91:c5:72:0e:48:
ec:95:5d:c1:ec:31:1a:a7:26:31:84:c0:6c:74:42:96:3b:38:
90:63:d2:ac:37:49:98:19:a4:7a:45:24:ad:f0:00:0a:5c:00:
a4:4f:96:8c:dc:b6:3a:07:2f:fc:d7:1a:28:bf:83:2e:8d:39:
00:97:df:2e:9f:1f:c3:a3:29:f0:2c:0d:01:6a:73:25:a4:b7:
fa:c5:3c:fb:27:de:e2:0c:bb:89:9f:93:8a:bd:96:3a:0b:9e:
3d:fe:2c:4f:50:ed:4f:e3:cb:1d:be:b0:99:96:1a:00:fb:03:
a6:3b:f7:ee:ed:a1:77:0c:40:d2:07:d3:71:f9:01:2c:39:79:
e0:58:94:7f:95:8b:fe:a1:ac:e7:77:c5:c0:fe:f6:b6:a7:30:
28:70:75:4c:66:3d:1c:87:17:4e:e3:72:47:84:89:e5:48:dd:
cd:aa:29:0e:2b:c4:e9:2f:09:3a:5f:4f:60:df:73:a9:c1:ac:
68:44:8a:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrQOjJT/dan272kedl/w/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTYzZjUyMDBhNDkzMzAyNGU3YjQ3ZDc3ODYxOTQ1ODU2
OGFkYjAwHhcNMjMwMTAxMDI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjFiMzdmMGE2MjA5ODc5ZWU4YzQzY2IwZTg0YWEzNjIzMjBiOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslkUc7IiBrtt6J1F1njCvMh/ePdV
7JnUEYh0yXCcmUU4/uW9fyR2qtcWIZJ3IskD50nYhNzmjkUiFKQiuClUdoxpqXn4
ly9QUEI8hkLi4BFeBxPHQB5gVg5Xz1xmC6g2O+oyC/EHcbEaV88jwVGdHnSV5ARF
B155HaQ/eKYYzGjOiY5rj1VagFxVcByZ8KRSmCf66JdoAm8p3UGKe1RbIc9cEe1P
orpDmYa4gXukrPHPun8XobF4QgLaTLsvc39Dtrb3OvZV2ggO7OBMNXPz1vK/7+fB
cb59IxCOgzS5XrjFc2wOkDnobur8wx6VHgH0Kd3z+ntvIfdOQ4ZqAh3KhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIbN/CmIJh57oxDyw6EqjYjILlfMB8GA1UdIwQY
MBaAFKpWP1IApJMwJOe0fXeGGUWFaK2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxZX1VnQ2trekFrNTdSOWQ0WVpSWVZvcmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMWYzOTctNDMxNS00NGYwLWJhZDkt
MjY0OWUxZmRhMGY1LzEvUWhzMzhLWWdtSG51akVQTERvU3FOaU1ndVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMWYzOTctNDMxNS00NGYwLWJhZDktMjY0OWUxZmRhMGY1
LzEvcWxZX1VnQ2trekFrNTdSOWQ0WVpSWVZvcmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrfMA0G
CSqGSIb3DQEBCwUAA4IBAQCa0QwAdu2Y3meL2rQc8RMXMessWBpk2mApKwD/DzCs
kDxRcMjwNJUEuGcsmPe/0a2LYnUEfRA1P0T/0aavrFjGv9BakcVyDkjslV3B7DEa
pyYxhMBsdEKWOziQY9KsN0mYGaR6RSSt8AAKXACkT5aM3LY6By/81xoov4MujTkA
l98unx/DoynwLA0BanMlpLf6xTz7J97iDLuJn5OKvZY6C549/ixPUO1P48sdvrCZ
lhoA+wOmO/fu7aF3DEDSB9Nx+QEsOXngWJR/lYv+oaznd8XA/va2pzAocHVMZj0c
hxdO43JHhInlSN3NqikOK8TpLwk6X09g33OpwaxoRIqR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:03 2025 by rpki-client