Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QrATBb84WsEZXq8LPHRHQJSTJgQ.roa
File: QrATBb84WsEZXq8LPHRHQJSTJgQ.roa (raw, json)
Hash identifier: QdST3lncdAyhmKQYKlYCOFU9izfSncbCEUZYGd5DE3k=
Subject key identifier: 42:B0:13:05:BF:38:5A:C1:19:5E:AF:0B:3C:74:47:40:94:93:26:04
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6BC3E67C47C921E138DADBD76D89C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QrATBb84WsEZXq8LPHRHQJSTJgQ.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39600
IP address blocks: 89.34.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bc:3e:67:c4:7c:92:1e:13:8d:ad:bd:76:d8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b01305bf385ac1195eaf0b3c74474094932604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:61:88:9d:f7:6b:f1:ed:9f:25:1e:96:a2:63:
f6:33:62:4f:41:70:10:c7:10:5a:72:4f:30:05:5e:
58:56:fc:bb:ce:c5:59:98:1e:53:48:c9:db:f4:19:
2a:5a:21:c6:22:d3:ef:2f:e2:1b:c2:ea:f9:3d:d6:
a8:39:96:3c:bb:89:44:94:27:f2:8d:1b:ff:3a:7a:
54:53:13:9b:cf:39:c9:8f:92:0c:32:6c:ff:f2:52:
04:d1:ac:11:cc:02:5f:ae:53:ef:d9:37:8c:7a:43:
0c:1e:61:71:ac:b7:0b:3b:ac:fb:5b:1c:cb:ae:fb:
1e:4d:7d:ab:37:2f:ce:9c:31:43:4a:20:49:3d:35:
ce:06:ca:8d:23:11:b5:41:ff:2f:25:2d:38:d4:bb:
27:d9:b4:31:8d:ed:28:94:28:ca:ef:8a:d6:48:a0:
6c:ed:f8:ae:6b:28:fd:37:b2:1d:7b:ba:f8:ab:83:
3a:19:e9:07:16:ac:51:cc:c2:5c:a7:b9:65:7f:df:
15:32:2b:d0:60:67:dc:30:49:8d:f7:b5:16:f3:d0:
a9:35:51:10:8e:45:de:6f:34:bd:37:84:98:28:f4:
45:25:fd:18:ec:00:1c:17:df:5e:87:4e:96:cc:80:
25:71:7a:db:65:92:aa:cc:94:fa:83:c8:1a:1c:cf:
ec:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B0:13:05:BF:38:5A:C1:19:5E:AF:0B:3C:74:47:40:94:93:26:04
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QrATBb84WsEZXq8LPHRHQJSTJgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.226.0/24
Signature Algorithm: sha256WithRSAEncryption
32:17:e7:04:21:81:2a:56:ed:db:bb:48:c3:4c:cf:09:62:c7:
b4:29:cd:d8:1a:16:16:41:d6:4d:95:02:17:6d:38:b9:2b:c2:
26:d2:dd:19:de:8b:da:cf:7b:ff:c9:8e:11:1d:8b:1c:70:4e:
e6:ba:a1:4a:a2:76:d7:76:8c:d5:1f:fb:97:ab:ff:56:c1:da:
c3:fb:b7:80:98:fe:05:3d:db:9a:71:41:7d:60:1f:d2:ec:3e:
bc:48:30:dc:09:ec:ff:64:42:8f:09:c5:fc:28:c6:8d:32:b4:
8e:36:0e:20:c9:69:1c:b3:13:af:75:32:18:48:9c:6d:8f:40:
bc:7e:5b:44:23:a9:3d:c7:37:ae:09:39:15:b1:b5:1d:e7:cf:
ad:0b:c3:73:f1:e5:39:1d:36:17:08:87:70:b6:6b:88:04:aa:
33:43:75:f9:10:3c:3e:2c:02:5d:cf:f6:8b:e1:4b:4d:bf:f0:
48:1d:64:88:0b:26:29:6b:f2:2b:74:af:b7:aa:c1:ac:a0:b2:
77:e3:98:d2:1d:49:15:2e:b1:27:ff:d8:ff:14:60:db:9e:3f:
27:5c:06:b2:39:43:1e:09:8d:28:38:bb:98:de:a4:40:24:25:
5c:62:0d:15:31:b4:dd:26:d3:bc:b7:f1:ae:34:3b:71:8d:bf:
2e:d3:9f:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1rw+Z8R8kh4Tja29dticMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmIwMTMwNWJmMzg1YWMxMTk1ZWFmMGIzYzc0NDc0MDk0OTMyNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52GInfdr8e2fJR6WomP2M2JPQXAQ
xxBack8wBV5YVvy7zsVZmB5TSMnb9BkqWiHGItPvL+Ibwur5PdaoOZY8u4lElCfy
jRv/OnpUUxObzznJj5IMMmz/8lIE0awRzAJfrlPv2TeMekMMHmFxrLcLO6z7WxzL
rvseTX2rNy/OnDFDSiBJPTXOBsqNIxG1Qf8vJS041Lsn2bQxje0olCjK74rWSKBs
7fiuayj9N7Ide7r4q4M6GekHFqxRzMJcp7llf98VMivQYGfcMEmN97UW89CpNVEQ
jkXebzS9N4SYKPRFJf0Y7AAcF99eh06WzIAlcXrbZZKqzJT6g8gaHM/sxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKwEwW/OFrBGV6vCzx0R0CUkyYEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUXJBVEJiODRXc0VaWHE4TFBIUkhRSlNUSmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSLiMA0G
CSqGSIb3DQEBCwUAA4IBAQAyF+cEIYEqVu3bu0jDTM8JYse0Kc3YGhYWQdZNlQIX
bTi5K8Im0t0Z3ovaz3v/yY4RHYsccE7muqFKonbXdozVH/uXq/9WwdrD+7eAmP4F
PduacUF9YB/S7D68SDDcCez/ZEKPCcX8KMaNMrSONg4gyWkcsxOvdTIYSJxtj0C8
fltEI6k9xzeuCTkVsbUd58+tC8Nz8eU5HTYXCIdwtmuIBKozQ3X5EDw+LAJdz/aL
4UtNv/BIHWSICyYpa/IrdK+3qsGsoLJ345jSHUkVLrEn/9j/FGDbnj8nXAayOUMe
CY0oOLuY3qRAJCVcYg0VMbTdJtO8t/GuNDtxjb8u058G
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:55 2025 by rpki-client