Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CHQMP4Dp9yGtTaqJq03k-z_Gpyk.roa
File: CHQMP4Dp9yGtTaqJq03k-z_Gpyk.roa (raw, json)
Hash identifier: RhspWka7hxFceVyUn4o/u6THlynwbv4DfUWzLHohbaw=
Subject key identifier: 08:74:0C:3F:80:E9:F7:21:AD:4D:AA:89:AB:4D:E4:FB:3F:C6:A7:29
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018906BB8410F5C2CC88839A1CF8239A8453
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CHQMP4Dp9yGtTaqJq03k-z_Gpyk.roa
Signing time: Thu 29 Jun 2023 10:38:19 +0000
ROA not before: Thu 29 Jun 2023 10:38:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5541
IP address blocks: 84.239.0.0/22 maxlen: 22
84.239.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:bb:84:10:f5:c2:cc:88:83:9a:1c:f8:23:9a:84:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jun 29 10:38:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08740c3f80e9f721ad4daa89ab4de4fb3fc6a729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:96:91:1b:d3:d7:c0:8b:22:ab:5d:df:9f:
10:17:a7:1b:a2:47:16:cf:04:66:ec:f6:8b:a1:f3:
82:94:36:a2:36:79:00:45:ea:a1:8d:80:7e:fb:ea:
17:83:ca:13:1f:e5:cf:8c:3e:47:75:79:55:ef:3f:
de:a7:aa:62:e0:0e:d2:2e:5f:c2:1d:86:9d:80:cc:
4e:91:a4:4a:60:e5:2d:f1:52:39:4f:cd:3f:fe:b1:
e5:23:c4:13:59:73:d3:3e:63:46:a5:6d:89:04:07:
cf:09:0e:c0:45:49:95:00:4b:e3:43:11:81:5d:e9:
d2:d3:be:02:5f:36:88:2f:c6:fa:61:04:b9:6a:40:
ee:2b:84:95:ad:c9:37:18:c9:13:be:3f:e7:5d:3e:
8e:91:21:c9:a3:0d:c6:8a:28:4a:38:62:71:69:f3:
41:f8:5a:b6:61:e2:e6:fb:11:dd:09:64:f8:b4:71:
24:c6:b0:19:bc:24:17:27:51:73:cb:b1:91:2c:0a:
75:b7:0d:77:33:20:70:37:5d:fa:7f:81:85:33:51:
de:c7:dd:2e:0b:62:48:50:fb:da:a0:21:cc:c4:75:
ca:98:04:c7:27:e7:10:86:2c:ce:fc:10:e3:47:8e:
33:86:0e:0e:22:3a:dc:b1:82:f9:c3:23:4d:77:9d:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:74:0C:3F:80:E9:F7:21:AD:4D:AA:89:AB:4D:E4:FB:3F:C6:A7:29
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CHQMP4Dp9yGtTaqJq03k-z_Gpyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.0.0/22
84.239.13.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ed:a5:aa:a3:96:3d:9a:68:7d:9a:b2:26:63:b9:6b:be:dd:
71:c3:34:81:0f:b9:ba:57:26:e5:06:f4:11:ed:50:34:e5:5b:
cb:ad:06:a5:69:55:fc:14:60:43:ba:bc:66:a7:ff:45:c3:83:
a3:a0:05:e7:c7:df:a4:fd:08:e8:07:3a:52:0c:fd:74:69:e4:
d7:39:76:b3:19:87:e3:24:5d:3a:99:84:28:5a:67:81:a3:41:
63:42:ef:81:82:30:93:7e:de:ed:6d:38:76:ea:81:29:e1:fe:
5f:c5:ee:ac:8a:ee:42:51:bf:30:f0:2b:0b:71:b0:9f:13:11:
dc:6f:de:7e:8c:4a:b1:83:96:76:62:03:65:88:b5:b0:15:cc:
ca:1f:c0:94:0a:e6:44:45:61:d4:fd:ab:55:c7:29:f7:e2:49:
8d:06:8f:ac:32:0c:a3:6d:9c:87:3f:00:8e:43:f1:db:4f:df:
3a:be:79:6e:f6:1e:db:eb:bb:53:58:8e:ea:7e:d0:7c:b8:fc:
03:36:d3:4e:bb:4e:ba:b5:9a:df:cc:19:92:55:9f:b5:c1:be:
d7:61:f4:4b:34:a2:bf:c4:95:21:6b:b6:7f:76:df:d9:e8:31:
c8:5e:72:71:fe:3c:2e:88:87:82:ee:61:98:d6:ce:84:15:0b:
7f:12:9f:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkGu4QQ9cLMiIOaHPgjmoRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwNjI5MTAzODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc0MGMzZjgwZTlmNzIxYWQ0ZGFhODlhYjRkZTRmYjNmYzZhNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGyWkRvT18CLIqtd358QF6cbokcW
zwRm7PaLofOClDaiNnkAReqhjYB+++oXg8oTH+XPjD5HdXlV7z/ep6pi4A7SLl/C
HYadgMxOkaRKYOUt8VI5T80//rHlI8QTWXPTPmNGpW2JBAfPCQ7ARUmVAEvjQxGB
XenS074CXzaIL8b6YQS5akDuK4SVrck3GMkTvj/nXT6OkSHJow3GiihKOGJxafNB
+Fq2YeLm+xHdCWT4tHEkxrAZvCQXJ1Fzy7GRLAp1tw13MyBwN136f4GFM1Hex90u
C2JIUPvaoCHMxHXKmATHJ+cQhizO/BDjR44zhg4OIjrcsYL5wyNNd51CYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAh0DD+A6fchrU2qiatN5Ps/xqcpMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvQ0hRTVA0RHA5eUd0VGFxSnEwM2stel9HcHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVO8AAwQA
VO8NMA0GCSqGSIb3DQEBCwUAA4IBAQAZ7aWqo5Y9mmh9mrImY7lrvt1xwzSBD7m6
VyblBvQR7VA05VvLrQalaVX8FGBDurxmp/9Fw4OjoAXnx9+k/QjoBzpSDP10aeTX
OXazGYfjJF06mYQoWmeBo0FjQu+BgjCTft7tbTh26oEp4f5fxe6siu5CUb8w8CsL
cbCfExHcb95+jEqxg5Z2YgNliLWwFczKH8CUCuZERWHU/atVxyn34kmNBo+sMgyj
bZyHPwCOQ/HbT986vnlu9h7b67tTWI7qftB8uPwDNtNOu066tZrfzBmSVZ+1wb7X
YfRLNKK/xJUha7Z/dt/Z6DHIXnJx/jwuiIeC7mGY1s6EFQt/Ep/n
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:16 2025 by rpki-client