Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Qk7djH0oEs-hionv0XZIVgsdV88.roa
File: Qk7djH0oEs-hionv0XZIVgsdV88.roa (raw, json)
Hash identifier: R8CUDICLm0omO2C+w6hqTW9Xder5dYef/Q1/0KibGf4=
Subject key identifier: 42:4E:DD:8C:7D:28:12:CF:A1:8A:89:EF:D1:76:48:56:0B:1D:57:CF
Certificate issuer: /CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Certificate serial: 01823B853AE11C611DCEE83213C63DC8AE23
Authority key identifier: 34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Qk7djH0oEs-hionv0XZIVgsdV88.roa
Signing time: Tue 26 Jul 2022 17:19:23 +0000
ROA not before: Tue 26 Jul 2022 17:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.138.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3b:85:3a:e1:1c:61:1d:ce:e8:32:13:c6:3d:c8:ae:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Validity
Not Before: Jul 26 17:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=424edd8c7d2812cfa18a89efd17648560b1d57cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:97:9f:9c:b3:c6:3f:9e:1c:a7:31:ab:21:
c7:54:74:af:8c:e8:73:97:ba:5f:2a:49:d6:7e:67:
ef:3f:69:14:2b:f4:5b:97:92:0e:71:4b:91:ed:04:
1b:26:30:bc:d8:33:c8:26:5a:ae:67:bd:3e:56:b9:
2e:df:e6:b5:41:86:84:5a:d2:6f:4c:db:55:e6:b1:
24:ab:07:89:6b:4b:1c:6a:4e:3d:33:ad:fc:80:03:
de:19:32:a3:a8:e1:99:31:77:22:29:5b:42:dc:49:
51:9c:cb:6f:0c:29:26:3e:3c:65:80:4c:d0:d2:d1:
d4:94:51:79:e7:97:f0:fd:67:2d:08:f2:14:2b:df:
c5:0c:d0:27:82:41:21:54:a0:96:61:53:0a:da:3d:
87:45:64:b3:c8:85:8f:8b:31:34:31:a9:e0:e2:a7:
30:3a:ab:09:1a:4e:f6:b8:fa:1e:1c:a2:1d:65:b4:
b6:f0:bc:15:bc:b2:8a:dd:93:59:a4:45:c6:a3:26:
93:ff:d0:97:4b:e7:8a:23:e4:f8:cd:16:16:6e:7c:
66:02:93:31:d3:f4:ae:9b:df:e3:86:f3:eb:d0:ad:
63:bf:ec:57:b5:36:9b:59:92:7c:80:6b:41:58:01:
63:31:1e:bb:ae:3b:44:3e:33:49:5e:45:80:07:0a:
15:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4E:DD:8C:7D:28:12:CF:A1:8A:89:EF:D1:76:48:56:0B:1D:57:CF
X509v3 Authority Key Identifier:
keyid:34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Qk7djH0oEs-hionv0XZIVgsdV88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/NKnrbE06V8mlZFbdvwASuBdQsdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.164.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:3e:8d:3d:3b:c1:a6:fa:e8:3c:8b:05:82:80:05:d5:71:bb:
c6:5a:20:e2:d5:49:2f:29:29:80:f3:38:1e:6c:3f:01:03:52:
91:a8:bf:c4:2b:01:c7:48:90:b3:8b:98:27:18:8a:0f:26:71:
59:4b:85:13:d9:8c:d5:29:9a:59:c4:e5:10:58:73:0f:ba:2c:
ae:24:5f:42:31:de:59:fb:96:3b:a8:c3:90:b0:8e:01:0a:24:
64:a9:11:a0:7b:7e:9d:fc:74:e9:e1:fc:dd:4c:31:4b:35:b0:
3d:41:b2:76:d7:5d:0f:09:96:a7:91:14:93:32:82:4c:cb:62:
60:8a:75:05:2f:3f:0b:29:29:4a:31:86:89:9a:15:91:2c:f5:
c1:50:94:76:b5:04:3d:80:d6:7a:17:31:38:99:f6:b1:09:dd:
4f:cd:96:c4:f6:f6:2d:4a:e2:c0:a5:f2:cd:7b:9d:6f:9c:9b:
81:c6:b0:52:a0:59:dc:18:bc:f0:25:c4:46:96:8b:a2:11:ab:
a8:18:9e:1a:21:1c:4a:b9:96:f9:f6:6b:99:b8:88:bb:cc:c8:
2c:40:22:0d:14:46:9b:62:cf:2f:1d:a4:32:d9:9d:23:fc:d6:
58:01:f6:a7:d9:06:c4:d9:ce:0d:96:91:dd:a5:a9:ff:e9:fb:
a0:e6:d1:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI7hTrhHGEdzugyE8Y9yK4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTllYjZjNGQzYTU3YzlhNTY0NTZkZGJmMDAxMmI4MTc1
MGIxZDMwHhcNMjIwNzI2MTcxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRlZGQ4YzdkMjgxMmNmYTE4YTg5ZWZkMTc2NDg1NjBiMWQ1N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2CXn5yzxj+eHKcxqyHHVHSvjOhz
l7pfKknWfmfvP2kUK/Rbl5IOcUuR7QQbJjC82DPIJlquZ70+Vrku3+a1QYaEWtJv
TNtV5rEkqweJa0scak49M638gAPeGTKjqOGZMXciKVtC3ElRnMtvDCkmPjxlgEzQ
0tHUlFF555fw/WctCPIUK9/FDNAngkEhVKCWYVMK2j2HRWSzyIWPizE0Mang4qcw
OqsJGk72uPoeHKIdZbS28LwVvLKK3ZNZpEXGoyaT/9CXS+eKI+T4zRYWbnxmApMx
0/Sum9/jhvPr0K1jv+xXtTabWZJ8gGtBWAFjMR67rjtEPjNJXkWABwoVUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJO3Yx9KBLPoYqJ79F2SFYLHVfPMB8GA1UdIwQY
MBaAFDSp62xNOlfJpWRW3b8AErgXULHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMt
MzQ1ZDA2NGRhN2JmLzEvUWs3ZGpIMG9Fcy1oaW9udjBYWklWZ3NkVjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMtMzQ1ZDA2NGRhN2Jm
LzEvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYqkMA0G
CSqGSIb3DQEBCwUAA4IBAQA7Po09O8Gm+ug8iwWCgAXVcbvGWiDi1UkvKSmA8zge
bD8BA1KRqL/EKwHHSJCzi5gnGIoPJnFZS4UT2YzVKZpZxOUQWHMPuiyuJF9CMd5Z
+5Y7qMOQsI4BCiRkqRGge36d/HTp4fzdTDFLNbA9QbJ2110PCZankRSTMoJMy2Jg
inUFLz8LKSlKMYaJmhWRLPXBUJR2tQQ9gNZ6FzE4mfaxCd1PzZbE9vYtSuLApfLN
e51vnJuBxrBSoFncGLzwJcRGlouiEauoGJ4aIRxKuZb59muZuIi7zMgsQCINFEab
Ys8vHaQy2Z0j/NZYAfan2QbE2c4NlpHdpan/6fug5tFD
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:05:14 2025 by rpki-client