Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/Qvc8RSbEXXaKTVJ-2F_YzL6RWqQ.roa
File: Qvc8RSbEXXaKTVJ-2F_YzL6RWqQ.roa (raw, json)
Hash identifier: a+7CPhduNeCdLfwErr+aJ4N+Kny/SpDPIbHNdyGUm+I=
Subject key identifier: 42:F7:3C:45:26:C4:5D:76:8A:4D:52:7E:D8:5F:D8:CC:BE:91:5A:A4
Certificate issuer: /CN=d223093ce150874016d793f439f43d2e6440c3f2
Certificate serial: 019420D608222529605310A9F3796C35381B
Authority key identifier: D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/Qvc8RSbEXXaKTVJ-2F_YzL6RWqQ.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 212.123.46.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:08:22:25:29:60:53:10:a9:f3:79:6c:35:38:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d223093ce150874016d793f439f43d2e6440c3f2
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42f73c4526c45d768a4d527ed85fd8ccbe915aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b4:02:e6:17:eb:8e:b8:8b:e7:9e:c7:26:7c:
6a:44:91:aa:70:f3:31:75:af:51:37:41:20:f3:86:
07:c5:09:f5:e1:fa:11:fb:ed:b6:6a:10:a2:6e:0c:
53:c5:9b:41:05:e4:cf:b4:a9:df:3f:8f:d3:b7:d1:
65:02:ad:86:b0:5d:08:67:5c:dd:73:31:16:ab:db:
9b:a7:4e:c4:3f:ce:26:3c:b7:67:8f:21:51:61:53:
e0:c5:17:b6:c1:a9:ca:0b:27:24:1d:65:75:03:a8:
50:29:62:9c:5b:d6:d7:44:7a:d6:4e:62:78:64:7f:
a2:1a:14:af:b2:61:8b:3e:3a:a0:9c:7d:73:8d:67:
79:c4:a9:ad:fb:7e:f6:1b:1b:12:e1:c4:4e:31:88:
fd:90:ac:d4:19:9b:d7:fe:8c:50:fd:62:ca:52:62:
30:2e:79:25:d9:4f:03:d1:77:0e:6f:44:b5:ae:e0:
ec:7a:9c:cf:6f:3d:59:45:9a:e3:1e:f8:43:00:52:
eb:a3:99:82:bd:be:7e:a0:a1:56:8b:48:24:72:0d:
59:04:00:a5:a7:cf:47:39:ad:af:b7:13:b9:37:e4:
68:69:48:c2:d3:3e:49:56:2a:3b:28:c1:74:3c:1e:
22:36:f6:66:8a:1c:1e:da:b2:97:59:72:d9:9b:2c:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F7:3C:45:26:C4:5D:76:8A:4D:52:7E:D8:5F:D8:CC:BE:91:5A:A4
X509v3 Authority Key Identifier:
keyid:D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/Qvc8RSbEXXaKTVJ-2F_YzL6RWqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/0iMJPOFQh0AW15P0OfQ9LmRAw_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.123.46.0/23
Signature Algorithm: sha256WithRSAEncryption
60:5f:b2:81:ef:39:e0:05:2f:ee:33:0a:5b:71:3b:eb:fc:1a:
ef:46:71:69:c5:1f:0a:51:71:16:a5:bb:bd:13:39:8f:4e:d6:
79:64:df:6b:8e:bb:c6:31:45:4d:d1:60:39:76:16:6b:eb:81:
8d:25:2c:c0:03:9a:cb:6c:6c:8f:fc:57:93:df:ee:42:f7:34:
28:55:78:c6:77:c6:9d:e0:15:af:7f:21:2d:01:67:b1:ce:79:
93:dc:81:fa:88:1d:14:57:53:49:1d:f7:87:52:e7:e4:fc:4a:
27:4b:97:26:b0:f3:c2:93:0c:5a:2a:c5:50:b3:54:bc:63:36:
c9:06:eb:ef:e8:d1:78:7a:f8:fb:a5:8d:14:d9:cf:d5:52:9c:
30:28:31:f5:49:f3:c4:d2:90:84:0e:72:b0:82:dc:20:3c:b4:
c9:a3:64:12:15:d8:9e:d2:b0:e2:00:1d:a5:e4:ec:e6:53:3e:
71:f2:da:b3:b6:86:f9:d9:d6:a7:5a:e2:28:d5:80:48:c0:98:
b2:30:71:2c:2b:a4:7c:03:15:48:06:a8:6f:ee:09:51:2c:b7:
a9:61:71:b3:9e:1d:74:00:32:fa:28:e5:a9:ac:dd:a5:00:0b:
6e:92:30:5f:a3:3d:c2:8b:15:f3:e0:59:45:d4:bc:71:03:4d:
01:64:9c:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1ggiJSlgUxCp83lsNTgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjMwOTNjZTE1MDg3NDAxNmQ3OTNmNDM5ZjQzZDJlNjQ0
MGMzZjIwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY3M2M0NTI2YzQ1ZDc2OGE0ZDUyN2VkODVmZDhjY2JlOTE1YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7QC5hfrjriL557HJnxqRJGqcPMx
da9RN0Eg84YHxQn14foR++22ahCibgxTxZtBBeTPtKnfP4/Tt9FlAq2GsF0IZ1zd
czEWq9ubp07EP84mPLdnjyFRYVPgxRe2wanKCyckHWV1A6hQKWKcW9bXRHrWTmJ4
ZH+iGhSvsmGLPjqgnH1zjWd5xKmt+372GxsS4cROMYj9kKzUGZvX/oxQ/WLKUmIw
Lnkl2U8D0XcOb0S1ruDsepzPbz1ZRZrjHvhDAFLro5mCvb5+oKFWi0gkcg1ZBACl
p89HOa2vtxO5N+RoaUjC0z5JVio7KMF0PB4iNvZmihwe2rKXWXLZmyzO4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEL3PEUmxF12ik1Sfthf2My+kVqkMB8GA1UdIwQY
MBaAFNIjCTzhUIdAFteT9Dn0PS5kQMPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMt
NWIwYjA1MDkzZTBjLzEvUXZjOFJTYkVYWGFLVFZKLTJGX1l6TDZSV3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMtNWIwYjA1MDkzZTBj
LzEvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HsuMA0G
CSqGSIb3DQEBCwUAA4IBAQBgX7KB7zngBS/uMwpbcTvr/BrvRnFpxR8KUXEWpbu9
EzmPTtZ5ZN9rjrvGMUVN0WA5dhZr64GNJSzAA5rLbGyP/FeT3+5C9zQoVXjGd8ad
4BWvfyEtAWexznmT3IH6iB0UV1NJHfeHUufk/EonS5cmsPPCkwxaKsVQs1S8YzbJ
Buvv6NF4evj7pY0U2c/VUpwwKDH1SfPE0pCEDnKwgtwgPLTJo2QSFdie0rDiAB2l
5OzmUz5x8tqztob52danWuIo1YBIwJiyMHEsK6R8AxVIBqhv7glRLLepYXGznh10
ADL6KOWprN2lAAtukjBfoz3CixXz4FlF1LxxA00BZJxP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:59 2025 by rpki-client