Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QJvPeNzFvPANqEbfkIc8-3zDQLs.roa
File: QJvPeNzFvPANqEbfkIc8-3zDQLs.roa (raw, json)
Hash identifier: felyBGjLHZhYiBLtOS5vAZwi9iqRNucwfxHrWgkMpWA=
Subject key identifier: 40:9B:CF:78:DC:C5:BC:F0:0D:A8:46:DF:90:87:3C:FB:7C:C3:40:BB
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01955E00B79BFD4A0682D08B8A9AAD4610FC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QJvPeNzFvPANqEbfkIc8-3zDQLs.roa
Signing time: Mon 03 Mar 2025 21:54:20 +0000
ROA not before: Mon 03 Mar 2025 21:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396856
IP address blocks: 89.185.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5e:00:b7:9b:fd:4a:06:82:d0:8b:8a:9a:ad:46:10:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Mar 3 21:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=409bcf78dcc5bcf00da846df90873cfb7cc340bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3b:f7:7c:93:d8:9a:18:e6:97:6d:56:fd:2a:
fc:7b:61:50:e7:29:d4:5b:60:c1:96:ff:2d:83:38:
01:7f:5f:7b:4b:bc:29:0e:1c:a4:11:a2:72:8f:a9:
37:73:c3:23:9e:fc:5d:21:5c:54:f5:06:de:51:81:
02:c4:c8:bb:6d:fd:51:18:91:f6:67:bb:a5:52:cf:
07:fb:cd:e9:f4:1b:53:30:06:aa:8b:e5:b3:e0:bc:
74:0c:56:72:57:3f:9d:ba:a6:54:f5:b7:24:ce:c6:
95:61:5e:eb:7c:95:4e:8a:5f:85:de:38:8a:3f:de:
7b:bd:65:8b:19:d9:25:6c:58:04:f8:fd:c0:d5:eb:
77:3b:64:24:5e:c2:9f:5a:31:0d:b1:98:e9:5a:cd:
2f:57:d3:4e:fe:00:c3:3a:42:fa:45:59:a1:ff:fa:
0d:b0:a5:ca:76:fb:09:d6:28:e8:06:8c:e4:b4:cf:
bf:08:ac:8c:10:42:03:cd:1a:af:2a:0a:0b:59:59:
32:9f:03:60:6e:8b:5f:ae:a1:af:c3:3b:31:5a:d8:
94:8e:a3:53:a3:59:9d:49:bc:15:75:b2:73:73:aa:
5e:79:87:f0:20:39:f0:a7:7d:0f:d6:85:a1:4e:bd:
94:d9:1c:d9:e1:70:eb:69:7b:d2:28:d8:f5:d9:56:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9B:CF:78:DC:C5:BC:F0:0D:A8:46:DF:90:87:3C:FB:7C:C3:40:BB
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QJvPeNzFvPANqEbfkIc8-3zDQLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:ac:4e:ff:da:ce:86:e9:ef:c4:c9:03:54:a8:75:ae:42:02:
1d:7a:49:f5:be:ff:11:7e:70:cb:bc:c3:87:d7:d6:bb:3a:6c:
ee:ff:7a:07:9f:98:d1:52:f7:64:63:90:06:82:48:f6:57:90:
b5:5d:4c:b0:19:d1:13:94:92:ad:69:e2:a5:1a:f3:8c:59:80:
5a:27:84:85:aa:43:ac:67:81:02:f9:74:7e:3e:2b:6e:bb:2a:
30:b1:cb:2c:8a:c3:c3:20:d4:0b:05:5c:0c:1d:99:4a:5c:df:
af:15:21:79:9b:2d:01:73:ac:73:8e:50:43:82:a9:46:81:8f:
54:ea:4e:61:8b:e1:d4:5c:b5:ce:7a:3f:6d:bf:d5:82:bc:a6:
0c:1e:3b:d0:3c:e5:e3:9c:6a:75:2c:2a:0c:e1:18:d1:08:43:
69:9f:12:5c:b2:24:c4:4e:0a:c5:ef:8f:a8:7a:08:f4:e0:d4:
10:3f:ad:fe:01:ba:d8:57:b0:bf:70:18:ae:d8:5a:f8:7c:e1:
b4:07:50:20:2b:e8:50:41:2c:42:cb:cb:26:70:ef:ee:d5:0a:
a7:08:36:ef:cc:9f:a0:70:a0:29:8d:49:d4:cc:e5:9d:45:ca:
74:87:00:ae:51:c3:58:70:ce:78:6c:af:23:51:d8:de:47:31:
ef:2c:ff:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVeALeb/UoGgtCLipqtRhD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMzAzMjE1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDliY2Y3OGRjYzViY2YwMGRhODQ2ZGY5MDg3M2NmYjdjYzM0MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zv3fJPYmhjml21W/Sr8e2FQ5ynU
W2DBlv8tgzgBf197S7wpDhykEaJyj6k3c8MjnvxdIVxU9QbeUYECxMi7bf1RGJH2
Z7ulUs8H+83p9BtTMAaqi+Wz4Lx0DFZyVz+duqZU9bckzsaVYV7rfJVOil+F3jiK
P957vWWLGdklbFgE+P3A1et3O2QkXsKfWjENsZjpWs0vV9NO/gDDOkL6RVmh//oN
sKXKdvsJ1ijoBozktM+/CKyMEEIDzRqvKgoLWVkynwNgbotfrqGvwzsxWtiUjqNT
o1mdSbwVdbJzc6peeYfwIDnwp30P1oWhTr2U2RzZ4XDraXvSKNj12VY80wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECbz3jcxbzwDahG35CHPPt8w0C7MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUUp2UGVOekZ2UEFOcUViZmtJYzgtM3pEUUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCdrE7/2s6G6e/EyQNUqHWuQgIdekn1vv8RfnDLvMOH
19a7Omzu/3oHn5jRUvdkY5AGgkj2V5C1XUywGdETlJKtaeKlGvOMWYBaJ4SFqkOs
Z4EC+XR+PituuyowscssisPDINQLBVwMHZlKXN+vFSF5my0Bc6xzjlBDgqlGgY9U
6k5hi+HUXLXOej9tv9WCvKYMHjvQPOXjnGp1LCoM4RjRCENpnxJcsiTETgrF74+o
egj04NQQP63+AbrYV7C/cBiu2Fr4fOG0B1AgK+hQQSxCy8smcO/u1QqnCDbvzJ+g
cKApjUnUzOWdRcp0hwCuUcNYcM54bK8jUdjeRzHvLP+V
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:17:35 2025 by rpki-client