Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/KQJWQNZZhN5fJ7Q5oCVgh_VAhjU.roa
File: KQJWQNZZhN5fJ7Q5oCVgh_VAhjU.roa (raw, json)
Hash identifier: mRpx0bB3khjj82sXTsxVr+jlKn5E5ho7kq4lYObPEBI=
Subject key identifier: 29:02:56:40:D6:59:84:DE:5F:27:B4:39:A0:25:60:87:F5:40:86:35
Certificate issuer: /CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Certificate serial: 019421B1FA53F853CC628964F64F6001379E
Authority key identifier: E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/KQJWQNZZhN5fJ7Q5oCVgh_VAhjU.roa
Signing time: Wed 01 Jan 2025 11:48:19 +0000
ROA not before: Wed 01 Jan 2025 11:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3292
IP address blocks: 91.142.112.0/20 maxlen: 20
185.143.148.0/22 maxlen: 22
2a00:17b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fa:53:f8:53:cc:62:89:64:f6:4f:60:01:37:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Validity
Not Before: Jan 1 11:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29025640d65984de5f27b439a0256087f5408635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:3d:07:85:d4:9d:d9:66:ad:7e:9d:71:32:
98:58:e1:91:40:dc:14:98:4a:1d:4f:2b:38:ad:55:
f3:d3:c9:c5:02:f6:96:0c:59:97:22:cb:be:de:ef:
5d:31:83:e9:f1:61:44:e9:af:42:26:f2:13:04:bb:
cf:0a:c8:57:8f:27:e1:55:43:30:9c:97:ef:36:88:
e3:32:48:95:64:f5:99:29:5f:fc:21:5b:4c:5a:bf:
f9:4b:a5:ca:dd:db:c8:e4:38:8d:c6:ae:c9:67:71:
61:2d:cc:22:05:5b:d2:21:ac:99:68:a8:44:09:90:
06:55:06:31:46:b8:98:28:e5:46:33:d4:b3:58:01:
f6:63:e3:b0:55:b4:6f:c5:70:61:f3:2d:c6:c7:a4:
84:52:1d:0e:0e:f8:6d:11:e4:68:60:15:a8:df:98:
a4:4e:50:4b:ed:7c:d6:37:63:26:d2:f1:03:42:b6:
59:0a:1d:8c:e8:36:15:d5:59:fc:f6:77:b3:51:4a:
7e:ba:bc:2a:66:87:44:25:7d:77:67:c4:93:6d:ce:
dc:7f:99:16:48:a8:51:82:f6:0b:05:f4:66:77:87:
07:0b:68:8c:f6:4c:6f:68:5e:74:90:4e:6e:9d:41:
78:3d:96:d5:f2:19:34:f2:6e:70:8e:3f:8b:0a:08:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:02:56:40:D6:59:84:DE:5F:27:B4:39:A0:25:60:87:F5:40:86:35
X509v3 Authority Key Identifier:
keyid:E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/KQJWQNZZhN5fJ7Q5oCVgh_VAhjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.112.0/20
185.143.148.0/22
IPv6:
2a00:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
89:c0:e9:c0:5c:e8:f2:92:bd:c4:72:a6:48:68:d3:31:3a:61:
68:39:f8:d3:f7:06:39:72:c0:d7:db:48:d7:6b:17:2b:1c:6e:
69:e5:20:5c:e7:4d:e1:e0:5f:b8:b0:48:52:d3:f1:b5:3b:8c:
4d:2d:b7:de:31:ea:8c:b6:cb:79:96:70:42:c9:d4:e3:6e:7b:
6a:86:dc:6e:e7:f0:02:a4:06:13:68:48:3e:85:e9:7c:86:00:
6c:dd:aa:cf:18:15:12:03:ac:c2:e1:4c:6b:17:f9:7a:0f:76:
72:47:75:a8:9f:ac:01:3a:a9:4c:a9:a2:8f:db:28:d6:19:8a:
96:07:db:af:02:4a:b6:14:66:5f:b6:7b:a5:e6:d5:0e:8b:be:
36:93:cc:8e:da:32:94:b1:15:0f:77:fd:4a:51:36:ff:49:71:
c3:e0:7a:f3:f8:28:3c:3a:02:c8:20:77:63:5e:e0:19:12:ec:
24:4f:e6:fd:0b:20:0a:2c:bd:5b:8d:51:7b:57:bc:dc:52:24:
5a:18:93:66:a7:9c:9b:fc:43:34:5e:ba:fe:01:f8:c5:0f:40:
d8:a1:a2:73:64:64:15:86:22:38:54:eb:b9:29:3f:ed:7c:66:
aa:99:fc:10:b2:b9:2f:e4:92:cb:5c:16:35:d1:11:51:d1:61:
ec:9c:4d:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsfpT+FPMYolk9k9gATeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTMyZThhNmFjNmY2ZWMzNzg2MGVlN2MwN2ViOGRmOTMx
NDc3NzkwHhcNMjUwMTAxMTE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAyNTY0MGQ2NTk4NGRlNWYyN2I0MzlhMDI1NjA4N2Y1NDA4NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsM9B4XUndlmrX6dcTKYWOGRQNwU
mEodTys4rVXz08nFAvaWDFmXIsu+3u9dMYPp8WFE6a9CJvITBLvPCshXjyfhVUMw
nJfvNojjMkiVZPWZKV/8IVtMWr/5S6XK3dvI5DiNxq7JZ3FhLcwiBVvSIayZaKhE
CZAGVQYxRriYKOVGM9SzWAH2Y+OwVbRvxXBh8y3Gx6SEUh0ODvhtEeRoYBWo35ik
TlBL7XzWN2Mm0vEDQrZZCh2M6DYV1Vn89nezUUp+urwqZodEJX13Z8STbc7cf5kW
SKhRgvYLBfRmd4cHC2iM9kxvaF50kE5unUF4PZbV8hk08m5wjj+LCgibPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCkCVkDWWYTeXye0OaAlYIf1QIY1MB8GA1UdIwQY
MBaAFOijLopqxvbsN4YO58B+uN+TFHd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEt
NGZhNTM3ZGJlMmU5LzEvS1FKV1FOWlpoTjVmSjdRNW9DVmdoX1ZBaGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEtNGZhNTM3ZGJlMmU5
LzEvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW45wAwQC
uY+UMA0EAgACMAcDBQAqABewMA0GCSqGSIb3DQEBCwUAA4IBAQCJwOnAXOjykr3E
cqZIaNMxOmFoOfjT9wY5csDX20jXaxcrHG5p5SBc503h4F+4sEhS0/G1O4xNLbfe
MeqMtst5lnBCydTjbntqhtxu5/ACpAYTaEg+hel8hgBs3arPGBUSA6zC4UxrF/l6
D3ZyR3Won6wBOqlMqaKP2yjWGYqWB9uvAkq2FGZftnul5tUOi742k8yO2jKUsRUP
d/1KUTb/SXHD4Hrz+Cg8OgLIIHdjXuAZEuwkT+b9CyAKLL1bjVF7V7zcUiRaGJNm
p5yb/EM0Xrr+AfjFD0DYoaJzZGQVhiI4VOu5KT/tfGaqmfwQsrkv5JLLXBY10RFR
0WHsnE3x
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:53 2025 by rpki-client