Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1392f7-db60-425b-b5db-4460eb44dc39/1/Qert-TTJTglN59hCxdO_NAkf-Ig.roa
File: Qert-TTJTglN59hCxdO_NAkf-Ig.roa (raw, json)
Hash identifier: EaqHtia4X1Q2TWfmUbONvwAzXnsJ4VV2PaJSssw5Y/Y=
Subject key identifier: 41:EA:ED:F9:34:C9:4E:09:4D:E7:D8:42:C5:D3:BF:34:09:1F:F8:88
Certificate issuer: /CN=746fbabf2a255a9d78caa27efe8a5576995e5fc5
Certificate serial: 01856F94BC1A4DFD8B8F00621157790FAF7E
Authority key identifier: 74:6F:BA:BF:2A:25:5A:9D:78:CA:A2:7E:FE:8A:55:76:99:5E:5F:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dG-6vyolWp14yqJ-_opVdpleX8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1392f7-db60-425b-b5db-4460eb44dc39/1/Qert-TTJTglN59hCxdO_NAkf-Ig.roa
Signing time: Sun 01 Jan 2023 23:04:56 +0000
ROA not before: Sun 01 Jan 2023 23:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 37.140.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:bc:1a:4d:fd:8b:8f:00:62:11:57:79:0f:af:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746fbabf2a255a9d78caa27efe8a5576995e5fc5
Validity
Not Before: Jan 1 23:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41eaedf934c94e094de7d842c5d3bf34091ff888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:09:76:60:5e:cd:26:89:25:c9:e2:49:1a:cf:
38:92:1b:5d:30:3c:21:25:33:92:74:17:8d:c7:2d:
85:91:1c:50:91:ee:8b:51:2c:e6:81:d8:40:bb:35:
97:94:9e:62:28:1e:1b:d0:f6:d9:a4:ad:cd:db:29:
5f:62:5b:90:20:b4:4f:f9:09:09:58:5e:5a:db:5c:
ed:ef:82:f9:1c:2b:92:40:ee:86:15:f2:92:4b:56:
14:a0:d7:c8:1c:cd:dd:36:53:c6:42:9e:30:21:23:
57:c5:cc:79:8b:7a:88:3a:77:d5:5d:47:e3:fa:36:
1d:17:7d:36:b5:8b:1d:a9:84:98:52:43:87:5b:3c:
a8:5f:2f:23:7a:65:96:e9:d6:40:05:80:1d:bb:10:
0f:db:1d:d3:c2:6b:05:b8:c7:7e:8b:46:8a:50:e3:
8f:92:83:ca:c4:d7:4a:87:07:6e:11:04:bc:63:4e:
a9:d9:77:9f:55:42:5e:7a:b7:c6:06:f5:47:37:0e:
a5:f7:3a:32:09:a7:ec:eb:bf:3e:c3:55:d4:c5:ed:
be:3b:d6:e5:2b:88:5c:d5:7d:15:f4:5a:61:2f:4f:
ad:b5:2b:56:51:4c:e5:ee:b8:e4:39:5d:eb:3c:fb:
28:2b:d6:8a:65:7e:4d:06:02:9b:d0:bc:74:e4:49:
2e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:EA:ED:F9:34:C9:4E:09:4D:E7:D8:42:C5:D3:BF:34:09:1F:F8:88
X509v3 Authority Key Identifier:
keyid:74:6F:BA:BF:2A:25:5A:9D:78:CA:A2:7E:FE:8A:55:76:99:5E:5F:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dG-6vyolWp14yqJ-_opVdpleX8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1392f7-db60-425b-b5db-4460eb44dc39/1/Qert-TTJTglN59hCxdO_NAkf-Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1392f7-db60-425b-b5db-4460eb44dc39/1/dG-6vyolWp14yqJ-_opVdpleX8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.253.0/24
Signature Algorithm: sha256WithRSAEncryption
42:1c:3e:63:c7:48:73:ee:11:85:23:e2:6e:51:36:60:09:1d:
f8:fa:45:14:64:b5:0f:ec:21:36:9a:bb:49:4f:05:d6:0d:ac:
14:ad:42:5a:3b:f7:9a:07:83:29:9e:24:c0:d2:6d:44:50:ef:
47:8f:93:5a:38:12:cd:6d:04:9b:03:51:fe:94:44:4f:9e:a2:
f8:7b:89:1b:6f:3e:2b:ea:bb:b2:43:70:4f:28:27:95:70:10:
dc:a0:7c:cf:60:59:8b:ee:7a:7c:11:2e:da:4c:da:80:0a:6e:
ef:b2:5b:83:57:9d:03:09:12:70:a1:12:68:65:31:e6:82:a5:
e3:9c:8b:5e:74:cc:19:57:a4:5c:92:95:30:7a:9b:6a:86:1b:
72:ee:85:5c:ee:47:fb:94:f0:aa:4c:bb:58:fc:ae:98:6e:19:
67:85:7d:7f:21:20:96:74:69:f3:81:7b:9c:54:38:50:49:39:
1d:e8:63:3f:3b:57:80:5e:79:c1:74:43:0e:53:63:a7:6d:e3:
0a:f8:9d:d2:90:d8:e1:56:66:0a:68:0b:8f:72:d7:a0:23:d9:
bf:2f:36:84:90:07:99:b6:3a:04:ae:26:a4:34:03:10:e0:a2:
4f:2c:54:2e:4a:46:a6:0c:16:46:18:e9:83:be:88:bb:75:b2:
18:20:26:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlLwaTf2LjwBiEVd5D69+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NmZiYWJmMmEyNTVhOWQ3OGNhYTI3ZWZlOGE1NTc2OTk1
ZTVmYzUwHhcNMjMwMTAxMjMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWVhZWRmOTM0Yzk0ZTA5NGRlN2Q4NDJjNWQzYmYzNDA5MWZmODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ql2YF7NJoklyeJJGs84khtdMDwh
JTOSdBeNxy2FkRxQke6LUSzmgdhAuzWXlJ5iKB4b0PbZpK3N2ylfYluQILRP+QkJ
WF5a21zt74L5HCuSQO6GFfKSS1YUoNfIHM3dNlPGQp4wISNXxcx5i3qIOnfVXUfj
+jYdF302tYsdqYSYUkOHWzyoXy8jemWW6dZABYAduxAP2x3TwmsFuMd+i0aKUOOP
koPKxNdKhwduEQS8Y06p2XefVUJeerfGBvVHNw6l9zoyCafs678+w1XUxe2+O9bl
K4hc1X0V9FphL0+ttStWUUzl7rjkOV3rPPsoK9aKZX5NBgKb0Lx05EkulQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHq7fk0yU4JTefYQsXTvzQJH/iIMB8GA1UdIwQY
MBaAFHRvur8qJVqdeMqifv6KVXaZXl/FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEctNnZ5b2xXcDE0eXFKLV9vcFZkcGxlWDhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xMzkyZjctZGI2MC00MjViLWI1ZGIt
NDQ2MGViNDRkYzM5LzEvUWVydC1UVEpUZ2xONTloQ3hkT19OQWtmLUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xMzkyZjctZGI2MC00MjViLWI1ZGItNDQ2MGViNDRkYzM5
LzEvZEctNnZ5b2xXcDE0eXFKLV9vcFZkcGxlWDhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz9MA0G
CSqGSIb3DQEBCwUAA4IBAQBCHD5jx0hz7hGFI+JuUTZgCR34+kUUZLUP7CE2mrtJ
TwXWDawUrUJaO/eaB4MpniTA0m1EUO9Hj5NaOBLNbQSbA1H+lERPnqL4e4kbbz4r
6ruyQ3BPKCeVcBDcoHzPYFmL7np8ES7aTNqACm7vsluDV50DCRJwoRJoZTHmgqXj
nItedMwZV6RckpUweptqhhty7oVc7kf7lPCqTLtY/K6YbhlnhX1/ISCWdGnzgXuc
VDhQSTkd6GM/O1eAXnnBdEMOU2OnbeMK+J3SkNjhVmYKaAuPctegI9m/LzaEkAeZ
tjoEriakNAMQ4KJPLFQuSkamDBZGGOmDvoi7dbIYICZr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:10 2025 by rpki-client