Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/f10a59-1938-4e46-8d0c-7981f550b094/1/qlQiHFDc36RekOODagSihLEupbg.roa
File: qlQiHFDc36RekOODagSihLEupbg.roa (raw, json)
Hash identifier: 6bgtf3YfU8HJWqdo2+vAL0hzIA+RTmvW+4Ebvl4giCw=
Subject key identifier: AA:54:22:1C:50:DC:DF:A4:5E:90:E3:83:6A:04:A2:84:B1:2E:A5:B8
Certificate issuer: /CN=875a4d852d6f2e59e937adbf1128fc24b0d40900
Certificate serial: 0188E7EDBE6400525018556A9F20D68CBAA0
Authority key identifier: 87:5A:4D:85:2D:6F:2E:59:E9:37:AD:BF:11:28:FC:24:B0:D4:09:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1pNhS1vLlnpN62_ESj8JLDUCQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/f10a59-1938-4e46-8d0c-7981f550b094/1/qlQiHFDc36RekOODagSihLEupbg.roa
Signing time: Fri 23 Jun 2023 11:04:57 +0000
ROA not before: Fri 23 Jun 2023 11:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.72.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:ed:be:64:00:52:50:18:55:6a:9f:20:d6:8c:ba:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=875a4d852d6f2e59e937adbf1128fc24b0d40900
Validity
Not Before: Jun 23 11:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa54221c50dcdfa45e90e3836a04a284b12ea5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:83:c1:97:95:a1:2f:e2:7e:45:8e:59:ac:ae:
df:37:95:a7:62:a7:5e:96:c2:63:74:40:61:ee:8d:
d9:fa:b8:d1:a4:31:c1:9f:71:dc:74:72:27:c0:0c:
1e:37:58:4a:95:14:fd:54:82:30:8d:52:c3:79:a7:
a1:ac:a3:21:99:b1:a1:4e:58:39:b8:63:5a:40:2e:
ed:5f:02:6a:2c:e0:99:06:f8:99:30:db:7f:80:79:
10:97:ce:49:77:c4:a8:7f:74:8a:65:c6:72:b0:6e:
8e:66:4d:6b:89:67:9b:3a:a7:c5:6d:2e:4e:62:56:
6c:d4:78:1d:b0:91:33:33:24:3d:9d:e1:77:b5:63:
8c:83:90:98:02:1f:a2:c2:58:e0:39:c0:b3:f6:23:
b7:5e:2e:f7:94:4d:0a:4e:a3:c1:af:cc:f1:b8:28:
db:25:6b:99:b5:3c:49:6a:3e:65:32:0f:af:b1:cd:
4b:b8:3e:1e:80:3d:55:ec:19:73:65:f7:13:06:01:
76:dd:94:7c:84:cd:08:69:76:ed:2f:01:dd:8c:94:
88:a1:21:5f:cf:5c:42:11:af:83:6b:89:8b:3b:06:
41:f7:1c:64:f1:26:66:f2:2a:5e:97:65:4e:68:ad:
78:61:61:c9:53:13:97:f9:8a:26:1b:ed:42:b2:cf:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:54:22:1C:50:DC:DF:A4:5E:90:E3:83:6A:04:A2:84:B1:2E:A5:B8
X509v3 Authority Key Identifier:
keyid:87:5A:4D:85:2D:6F:2E:59:E9:37:AD:BF:11:28:FC:24:B0:D4:09:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1pNhS1vLlnpN62_ESj8JLDUCQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f10a59-1938-4e46-8d0c-7981f550b094/1/qlQiHFDc36RekOODagSihLEupbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f10a59-1938-4e46-8d0c-7981f550b094/1/h1pNhS1vLlnpN62_ESj8JLDUCQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.81.0/24
Signature Algorithm: sha256WithRSAEncryption
90:99:f6:cb:ff:ea:dd:0b:6d:41:3f:7d:52:4c:e9:70:b2:97:
b3:fe:3e:87:1d:42:24:b5:80:99:de:fc:67:8c:2d:17:a3:b0:
ab:6c:2d:88:b3:59:eb:ab:4c:d6:a4:5f:05:a6:5f:56:f0:7c:
60:6a:f8:52:66:3f:8f:83:f1:99:1f:0f:b1:ac:c3:9d:a1:92:
f0:ce:62:35:ce:7d:e0:e9:6d:2a:cd:96:3a:68:e2:e4:b0:41:
2b:6c:15:fd:a0:8b:08:29:a6:f5:eb:bf:56:05:48:32:97:b9:
b8:20:4b:20:8e:2e:01:fa:b9:92:40:ed:f2:0a:37:78:7a:9b:
74:f3:76:87:1e:21:e0:44:32:0d:72:12:54:2a:24:fa:36:51:
a7:ec:74:89:2a:2a:e9:65:09:ce:aa:c1:dc:ca:9d:dc:b1:41:
18:b3:65:80:09:4b:56:8b:e6:9a:6a:c4:f2:35:cd:ca:99:8e:
3e:b6:32:13:3c:49:76:84:8a:76:f6:21:ce:3a:0e:72:18:6e:
fd:d5:dd:71:31:cf:3f:f1:d9:18:e6:c7:fa:6a:97:c8:4a:dc:
d6:9a:bd:4f:ba:06:38:8c:c7:5b:fc:4b:75:a4:8e:71:6e:8e:
e4:a9:83:4c:59:3e:a6:1f:9f:d8:11:43:16:28:f4:88:06:ca:
40:28:7c:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjn7b5kAFJQGFVqnyDWjLqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWE0ZDg1MmQ2ZjJlNTllOTM3YWRiZjExMjhmYzI0YjBk
NDA5MDAwHhcNMjMwNjIzMTEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTU0MjIxYzUwZGNkZmE0NWU5MGUzODM2YTA0YTI4NGIxMmVhNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoPBl5WhL+J+RY5ZrK7fN5WnYqde
lsJjdEBh7o3Z+rjRpDHBn3HcdHInwAweN1hKlRT9VIIwjVLDeaehrKMhmbGhTlg5
uGNaQC7tXwJqLOCZBviZMNt/gHkQl85Jd8Sof3SKZcZysG6OZk1riWebOqfFbS5O
YlZs1HgdsJEzMyQ9neF3tWOMg5CYAh+iwljgOcCz9iO3Xi73lE0KTqPBr8zxuCjb
JWuZtTxJaj5lMg+vsc1LuD4egD1V7BlzZfcTBgF23ZR8hM0IaXbtLwHdjJSIoSFf
z1xCEa+Da4mLOwZB9xxk8SZm8ipel2VOaK14YWHJUxOX+YomG+1Css9mPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpUIhxQ3N+kXpDjg2oEooSxLqW4MB8GA1UdIwQY
MBaAFIdaTYUtby5Z6TetvxEo/CSw1AkAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFwTmhTMXZMbG5wTjYyX0VTajhKTERVQ1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mMTBhNTktMTkzOC00ZTQ2LThkMGMt
Nzk4MWY1NTBiMDk0LzEvcWxRaUhGRGMzNlJla09PRGFnU2loTEV1cGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mMTBhNTktMTkzOC00ZTQ2LThkMGMtNzk4MWY1NTBiMDk0
LzEvaDFwTmhTMXZMbG5wTjYyX0VTajhKTERVQ1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUhRMA0G
CSqGSIb3DQEBCwUAA4IBAQCQmfbL/+rdC21BP31STOlwspez/j6HHUIktYCZ3vxn
jC0Xo7CrbC2Is1nrq0zWpF8Fpl9W8HxgavhSZj+Pg/GZHw+xrMOdoZLwzmI1zn3g
6W0qzZY6aOLksEErbBX9oIsIKab1679WBUgyl7m4IEsgji4B+rmSQO3yCjd4ept0
83aHHiHgRDINchJUKiT6NlGn7HSJKirpZQnOqsHcyp3csUEYs2WACUtWi+aaasTy
Nc3KmY4+tjITPEl2hIp29iHOOg5yGG791d1xMc8/8dkY5sf6apfIStzWmr1PugY4
jMdb/Et1pI5xbo7kqYNMWT6mH5/YEUMWKPSIBspAKHyo
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:15 2025 by rpki-client