Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/603444-4a0d-4c52-bef7-d79b0ec78e97/1/RQNfhNpDtrXAYDIMR8vJALA1HXQ.roa
File: RQNfhNpDtrXAYDIMR8vJALA1HXQ.roa (raw, json)
Hash identifier: BQVDm+Vihmo0lXLWfB0xQkZscpfEAOjZgVYWa2N8wts=
Subject key identifier: 45:03:5F:84:DA:43:B6:B5:C0:60:32:0C:47:CB:C9:00:B0:35:1D:74
Certificate issuer: /CN=72aa02f45b97930c7a46d0ef18a91c0aaf8992f2
Certificate serial: 0194266B8C2C7886B688365CDE80BF1C2385
Authority key identifier: 72:AA:02:F4:5B:97:93:0C:7A:46:D0:EF:18:A9:1C:0A:AF:89:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cqoC9FuXkwx6RtDvGKkcCq-JkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/603444-4a0d-4c52-bef7-d79b0ec78e97/1/RQNfhNpDtrXAYDIMR8vJALA1HXQ.roa
Signing time: Thu 02 Jan 2025 09:49:29 +0000
ROA not before: Thu 02 Jan 2025 09:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 91.212.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8c:2c:78:86:b6:88:36:5c:de:80:bf:1c:23:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72aa02f45b97930c7a46d0ef18a91c0aaf8992f2
Validity
Not Before: Jan 2 09:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45035f84da43b6b5c060320c47cbc900b0351d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:fd:22:92:b2:26:bf:4f:1e:76:fa:4d:7e:
18:7b:2b:8e:94:45:83:b9:6f:2f:9b:8f:14:aa:24:
58:70:a0:ff:8c:37:5f:44:a1:9e:50:d3:27:67:3e:
d4:96:55:43:2b:77:e7:a1:f5:fe:29:98:40:58:a8:
0e:5f:93:3d:a9:d2:25:d7:11:e0:89:93:d3:cf:d9:
53:f6:c4:a9:51:aa:52:98:44:ae:c7:bd:66:37:3c:
5a:44:86:02:70:eb:5d:04:53:7e:a3:da:95:5f:16:
d7:04:1f:c6:5b:ff:ce:77:d6:e0:90:77:48:4d:4f:
60:dc:4b:1e:62:13:88:78:2e:f4:3d:54:2c:c9:f1:
bb:d3:7c:1b:86:80:86:06:ef:5a:d0:dd:a1:d5:32:
e4:2b:0f:72:cc:46:e9:ed:4a:0a:84:83:4b:0b:b5:
97:4c:2b:8d:19:70:79:1e:7f:13:c3:8d:9f:1c:00:
16:eb:02:91:0e:20:a9:ce:15:44:26:cb:cf:97:8a:
6e:d9:5f:a8:fb:20:23:bf:5d:6a:c1:98:2e:13:e4:
06:21:49:87:e4:79:20:96:d2:36:74:b4:53:7c:6c:
a8:f0:7f:73:5e:26:cc:99:73:13:96:5a:ef:78:40:
4c:aa:66:a6:59:0e:b4:a9:31:85:5e:91:3d:1d:14:
9c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:03:5F:84:DA:43:B6:B5:C0:60:32:0C:47:CB:C9:00:B0:35:1D:74
X509v3 Authority Key Identifier:
keyid:72:AA:02:F4:5B:97:93:0C:7A:46:D0:EF:18:A9:1C:0A:AF:89:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cqoC9FuXkwx6RtDvGKkcCq-JkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/603444-4a0d-4c52-bef7-d79b0ec78e97/1/RQNfhNpDtrXAYDIMR8vJALA1HXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/603444-4a0d-4c52-bef7-d79b0ec78e97/1/cqoC9FuXkwx6RtDvGKkcCq-JkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.10.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:5c:20:18:31:76:8e:3d:a3:bb:6e:cc:5a:7b:ee:bb:05:22:
e4:19:02:7e:7e:f2:3e:5f:2b:da:e1:8c:b9:c3:fe:c5:db:90:
41:03:49:49:12:e7:da:19:81:59:41:8a:24:16:33:39:1b:73:
eb:75:25:b5:e4:99:61:ec:42:6b:65:aa:c8:9c:83:23:22:18:
97:4b:19:29:16:85:78:f1:82:85:3c:cb:04:20:52:82:05:3c:
10:e4:77:7b:4d:33:9a:bb:59:bb:ea:48:44:42:9b:e5:8a:2c:
65:33:cf:a5:56:60:4b:14:da:c7:27:a4:eb:80:c3:77:57:47:
9f:36:90:c8:5f:d2:59:32:25:85:ba:ba:25:77:51:77:d1:36:
1a:e3:9f:d2:e5:bb:41:b5:92:22:80:32:40:5a:37:ab:1e:69:
14:ac:dc:d3:8d:b1:b4:ea:37:f3:78:ad:22:82:a4:6b:7e:0a:
39:a0:a9:db:db:e6:91:9f:57:31:90:60:5b:87:1b:1e:bc:19:
27:49:e8:a1:4b:b9:30:4f:e2:1e:44:6c:a9:59:1f:94:e7:f6:
d5:9a:8d:16:39:86:5d:4d:08:0f:c5:6f:22:93:6a:fc:3e:46:
3a:8d:58:5b:dd:48:18:c0:c4:3b:f7:16:fa:f3:b6:e4:c2:c8:
8d:ce:f5:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma4wseIa2iDZc3oC/HCOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYWEwMmY0NWI5NzkzMGM3YTQ2ZDBlZjE4YTkxYzBhYWY4
OTkyZjIwHhcNMjUwMTAyMDk0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAzNWY4NGRhNDNiNmI1YzA2MDMyMGM0N2NiYzkwMGIwMzUxZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hr9IpKyJr9PHnb6TX4YeyuOlEWD
uW8vm48UqiRYcKD/jDdfRKGeUNMnZz7UllVDK3fnofX+KZhAWKgOX5M9qdIl1xHg
iZPTz9lT9sSpUapSmESux71mNzxaRIYCcOtdBFN+o9qVXxbXBB/GW//Od9bgkHdI
TU9g3EseYhOIeC70PVQsyfG703wbhoCGBu9a0N2h1TLkKw9yzEbp7UoKhINLC7WX
TCuNGXB5Hn8Tw42fHAAW6wKRDiCpzhVEJsvPl4pu2V+o+yAjv11qwZguE+QGIUmH
5HkgltI2dLRTfGyo8H9zXibMmXMTllrveEBMqmamWQ60qTGFXpE9HRSc4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUDX4TaQ7a1wGAyDEfLyQCwNR10MB8GA1UdIwQY
MBaAFHKqAvRbl5MMekbQ7xipHAqviZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3FvQzlGdVhrd3g2UnREdkdLa2NDcS1Ka3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MDM0NDQtNGEwZC00YzUyLWJlZjct
ZDc5YjBlYzc4ZTk3LzEvUlFOZmhOcER0clhBWURJTVI4dkpBTEExSFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MDM0NDQtNGEwZC00YzUyLWJlZjctZDc5YjBlYzc4ZTk3
LzEvY3FvQzlGdVhrd3g2UnREdkdLa2NDcS1Ka3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QKMA0G
CSqGSIb3DQEBCwUAA4IBAQAOXCAYMXaOPaO7bsxae+67BSLkGQJ+fvI+Xyva4Yy5
w/7F25BBA0lJEufaGYFZQYokFjM5G3PrdSW15Jlh7EJrZarInIMjIhiXSxkpFoV4
8YKFPMsEIFKCBTwQ5Hd7TTOau1m76khEQpvliixlM8+lVmBLFNrHJ6TrgMN3V0ef
NpDIX9JZMiWFurold1F30TYa45/S5btBtZIigDJAWjerHmkUrNzTjbG06jfzeK0i
gqRrfgo5oKnb2+aRn1cxkGBbhxsevBknSeihS7kwT+IeRGypWR+U5/bVmo0WOYZd
TQgPxW8ik2r8PkY6jVhb3UgYwMQ79xb687bkwsiNzvXb
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:47:41 2025 by rpki-client