Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7d00d1-aa30-46c4-af57-39bf891c19be/1/GQ7xWQWg-iii5dZeoA2W-3J33_U.roa
File: GQ7xWQWg-iii5dZeoA2W-3J33_U.roa (raw, json)
Hash identifier: QTVHeqjuSnLJF9yV/oLL5hw8usUoFmoyNelm4gaE7Vk=
Subject key identifier: 19:0E:F1:59:05:A0:FA:28:A2:E5:D6:5E:A0:0D:96:FB:72:77:DF:F5
Certificate issuer: /CN=aaa5b6ec96e7cb62488ed512dafc547e3e333461
Certificate serial: 0188667467B94DC8AA6EE7347B4382D0D71B
Authority key identifier: AA:A5:B6:EC:96:E7:CB:62:48:8E:D5:12:DA:FC:54:7E:3E:33:34:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqW27Jbny2JIjtUS2vxUfj4zNGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7d00d1-aa30-46c4-af57-39bf891c19be/1/GQ7xWQWg-iii5dZeoA2W-3J33_U.roa
Signing time: Mon 29 May 2023 07:41:24 +0000
ROA not before: Mon 29 May 2023 07:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48083
IP address blocks: 94.127.96.0/21 maxlen: 24
193.53.99.0/24 maxlen: 24
193.53.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:74:67:b9:4d:c8:aa:6e:e7:34:7b:43:82:d0:d7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaa5b6ec96e7cb62488ed512dafc547e3e333461
Validity
Not Before: May 29 07:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=190ef15905a0fa28a2e5d65ea00d96fb7277dff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d3:0e:8d:cd:2a:34:2e:8a:26:0d:b5:fb:16:
39:da:0d:33:5e:06:9d:36:a8:21:ca:91:29:34:6f:
d7:8d:c1:cb:b3:53:a5:54:f7:a6:79:dc:35:b7:48:
3f:60:2f:00:df:64:72:ad:03:54:4c:79:a2:6d:4a:
53:d8:5e:73:ed:b8:b5:de:63:26:fa:5b:15:1d:33:
c5:0e:df:f0:99:77:93:c2:24:84:7f:20:73:6f:c3:
33:b8:99:42:ef:f7:9f:df:dd:ab:6c:38:81:71:3c:
48:90:75:e5:86:1a:c6:28:0b:58:ef:8a:b1:b3:2f:
02:04:33:2a:78:71:f7:71:de:a3:00:c4:53:22:58:
59:cf:ca:75:25:7e:8f:71:e7:15:c0:b5:ae:4a:96:
dd:9b:fa:f5:3d:1d:9f:5b:d0:e6:7a:9c:ac:55:04:
71:36:94:a5:0b:19:3f:60:00:dc:3e:ed:46:2e:bf:
a9:25:97:e2:a5:16:8b:c3:46:0e:5a:78:f1:84:c4:
4b:ee:7d:e5:e6:f2:ba:4a:0b:22:63:95:4a:39:d4:
df:c2:f5:1a:9f:02:f1:2a:c0:80:a8:43:23:35:7e:
b7:59:54:bf:84:9c:ee:0d:3d:0c:7f:f4:e2:22:ef:
c6:3d:41:1a:e2:5c:b1:74:72:f8:91:d9:11:3b:0b:
8a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0E:F1:59:05:A0:FA:28:A2:E5:D6:5E:A0:0D:96:FB:72:77:DF:F5
X509v3 Authority Key Identifier:
keyid:AA:A5:B6:EC:96:E7:CB:62:48:8E:D5:12:DA:FC:54:7E:3E:33:34:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqW27Jbny2JIjtUS2vxUfj4zNGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7d00d1-aa30-46c4-af57-39bf891c19be/1/GQ7xWQWg-iii5dZeoA2W-3J33_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7d00d1-aa30-46c4-af57-39bf891c19be/1/qqW27Jbny2JIjtUS2vxUfj4zNGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.96.0/21
193.53.99.0-193.53.100.255
Signature Algorithm: sha256WithRSAEncryption
27:f8:fe:e5:7c:e5:57:1e:4e:97:73:58:93:c6:91:72:0b:c2:
ee:fc:78:38:b8:09:fb:73:01:4f:3a:60:06:44:74:47:37:5d:
62:8a:af:aa:f3:8f:9d:50:1a:48:0f:c7:4c:62:3a:aa:50:b7:
ad:75:28:9a:b4:d9:59:a4:a9:1c:30:45:4c:41:3c:31:9f:8a:
2b:de:03:2b:fb:e0:e8:92:16:33:f8:1c:17:35:50:cf:8e:ea:
9f:07:a2:8e:00:13:8b:35:2d:cc:3e:9e:60:a7:57:e2:99:63:
ed:ff:ce:60:73:a6:ed:f7:2f:b5:52:d4:95:c8:8e:6f:20:e1:
5d:45:6e:40:89:3b:fc:7e:46:16:6b:f0:ac:1c:b4:66:48:3f:
fd:85:25:7c:e2:86:cd:04:e7:67:f9:91:b3:14:73:11:2b:4d:
87:56:8e:38:84:53:21:fc:0b:1f:db:1c:a2:74:a5:c9:72:54:
7f:6f:6d:b5:bf:54:cc:65:e9:e7:dc:be:d6:3b:b4:7b:a5:49:
4a:71:09:17:5e:a1:40:fc:96:04:b5:e3:9b:51:4e:08:1d:48:
f0:72:6b:79:f0:c5:a4:96:69:b5:d7:b9:6c:ab:07:b2:83:fc:
fb:1a:54:0c:de:01:c5:72:7d:8d:cf:46:87:b9:28:4f:7d:d4:
39:36:65:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYhmdGe5Tciqbuc0e0OC0NcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYTViNmVjOTZlN2NiNjI0ODhlZDUxMmRhZmM1NDdlM2Uz
MzM0NjEwHhcNMjMwNTI5MDc0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBlZjE1OTA1YTBmYTI4YTJlNWQ2NWVhMDBkOTZmYjcyNzdkZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNMOjc0qNC6KJg21+xY52g0zXgad
NqghypEpNG/XjcHLs1OlVPemedw1t0g/YC8A32RyrQNUTHmibUpT2F5z7bi13mMm
+lsVHTPFDt/wmXeTwiSEfyBzb8MzuJlC7/ef392rbDiBcTxIkHXlhhrGKAtY74qx
sy8CBDMqeHH3cd6jAMRTIlhZz8p1JX6PcecVwLWuSpbdm/r1PR2fW9DmepysVQRx
NpSlCxk/YADcPu1GLr+pJZfipRaLw0YOWnjxhMRL7n3l5vK6SgsiY5VKOdTfwvUa
nwLxKsCAqEMjNX63WVS/hJzuDT0Mf/TiIu/GPUEa4lyxdHL4kdkROwuKKwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBkO8VkFoPooouXWXqANlvtyd9/1MB8GA1UdIwQY
MBaAFKqltuyW58tiSI7VEtr8VH4+MzRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXFXMjdKYm55MkpJanRVUzJ2eFVmajR6TkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZDAwZDEtYWEzMC00NmM0LWFmNTct
MzliZjg5MWMxOWJlLzEvR1E3eFdRV2ctaWlpNWRaZW9BMlctM0ozM19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZDAwZDEtYWEzMC00NmM0LWFmNTctMzliZjg5MWMxOWJl
LzEvcXFXMjdKYm55MkpJanRVUzJ2eFVmajR6TkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDXn9gMAwD
BADBNWMDBADBNWQwDQYJKoZIhvcNAQELBQADggEBACf4/uV85VceTpdzWJPGkXIL
wu78eDi4CftzAU86YAZEdEc3XWKKr6rzj51QGkgPx0xiOqpQt611KJq02VmkqRww
RUxBPDGfiiveAyv74OiSFjP4HBc1UM+O6p8Hoo4AE4s1Lcw+nmCnV+KZY+3/zmBz
pu33L7VS1JXIjm8g4V1FbkCJO/x+RhZr8KwctGZIP/2FJXzihs0E52f5kbMUcxEr
TYdWjjiEUyH8Cx/bHKJ0pclyVH9vbbW/VMxl6efcvtY7tHulSUpxCRdeoUD8lgS1
45tRTggdSPBya3nwxaSWabXXuWyrB7KD/PsaVAzeAcVyfY3PRoe5KE991Dk2ZUQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:30:31 2025 by rpki-client