Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qhqAQR22JaN9sFDstmAnfgH6jD4.roa
File: qhqAQR22JaN9sFDstmAnfgH6jD4.roa (raw, json)
Hash identifier: DYrIqHwNjcGZSEbGFvg0f1ZcKdSDEK96zCtPjprY0u8=
Subject key identifier: AA:1A:80:41:1D:B6:25:A3:7D:B0:50:EC:B6:60:27:7E:01:FA:8C:3E
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 019420D5D9547C991A566E097FC49D0A7933
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qhqAQR22JaN9sFDstmAnfgH6jD4.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 88.151.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d9:54:7c:99:1a:56:6e:09:7f:c4:9d:0a:79:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa1a80411db625a37db050ecb660277e01fa8c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:6f:46:8c:29:73:3b:7a:f3:2d:3f:11:1e:
88:28:16:0a:ca:f9:c7:e7:59:28:c5:4b:8e:33:20:
eb:fa:02:49:5e:6a:3c:13:87:77:27:4b:e3:02:c0:
e5:ff:2a:a2:9e:1e:d0:55:af:0d:fd:95:3d:66:ee:
d6:9c:4d:76:4f:de:b9:6e:0f:4d:f1:c0:58:df:16:
a9:22:1b:57:66:78:b0:3d:d2:15:cd:ae:29:ff:3f:
38:dd:49:12:e9:af:a0:01:ad:90:08:7a:9e:36:9d:
64:b7:07:9b:5c:6a:62:93:d2:ae:69:1e:4a:ae:7c:
9d:9c:dc:46:27:c7:34:53:b1:41:58:13:aa:c6:81:
96:29:f8:82:ea:63:62:d9:c7:a0:d3:a8:f9:2a:9d:
bc:94:e4:af:4f:60:dc:ae:d2:e0:41:4e:79:14:d2:
5a:a0:bb:f9:53:67:6d:40:6a:9a:46:51:cf:65:f2:
94:b0:09:5c:1b:1f:a6:72:70:b0:1f:59:a8:d9:0c:
7a:a7:32:eb:76:21:0f:7d:4f:0b:df:a6:0c:fe:74:
e8:35:42:ea:cb:cc:77:8a:9d:e0:9e:45:99:68:f3:
c1:e8:a5:4a:52:74:88:65:8c:2b:43:7d:35:72:a5:
2b:54:25:02:e5:c6:ea:7a:28:d0:05:8b:4b:b0:bb:
f2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1A:80:41:1D:B6:25:A3:7D:B0:50:EC:B6:60:27:7E:01:FA:8C:3E
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/qhqAQR22JaN9sFDstmAnfgH6jD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.195.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:7f:94:3c:df:19:77:9a:9e:8a:c9:57:19:a6:92:43:50:d8:
4c:eb:ec:59:bd:a3:6d:96:47:c0:ea:c6:45:f4:9b:d7:67:b5:
ab:01:15:10:35:5a:bb:6a:73:bb:9c:e7:57:26:29:72:83:55:
7c:d1:57:76:19:df:c4:8d:f6:05:15:bf:0f:95:98:a2:51:03:
ba:46:ab:5a:66:d4:0c:a3:0b:8c:38:9b:5d:59:7a:eb:5d:e6:
cb:86:2e:70:a4:5a:36:6b:fc:f9:80:c9:0b:53:3a:22:37:87:
8a:aa:f2:3d:d4:86:d6:c1:fb:5d:bd:dd:9f:30:4d:dd:8b:3b:
4e:72:1c:89:52:79:ce:f2:a6:71:ff:16:e5:f0:fb:14:e4:f2:
36:fa:02:12:e0:89:f7:c0:61:27:31:2f:a4:a3:28:c1:68:27:
4c:16:8a:12:af:75:25:6c:7a:82:54:e9:ab:27:2d:d9:81:da:
d0:bb:ee:5f:c4:1d:8e:3d:be:a0:0c:53:5d:9b:fd:06:58:a3:
92:5a:07:e6:09:86:64:4d:ad:03:fb:e1:b9:c2:fc:41:52:22:
6d:7b:83:91:86:f9:84:e0:e0:76:bc:f2:e2:25:62:a8:8d:a9:
be:63:b0:20:73:29:36:e4:63:00:3f:de:13:2c:de:7b:52:c2:
f0:ea:8e:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dlUfJkaVm4Jf8SdCnkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFhODA0MTFkYjYyNWEzN2RiMDUwZWNiNjYwMjc3ZTAxZmE4YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEZvRowpczt68y0/ER6IKBYKyvnH
51koxUuOMyDr+gJJXmo8E4d3J0vjAsDl/yqinh7QVa8N/ZU9Zu7WnE12T965bg9N
8cBY3xapIhtXZniwPdIVza4p/z843UkS6a+gAa2QCHqeNp1ktwebXGpik9KuaR5K
rnydnNxGJ8c0U7FBWBOqxoGWKfiC6mNi2ceg06j5Kp28lOSvT2DcrtLgQU55FNJa
oLv5U2dtQGqaRlHPZfKUsAlcGx+mcnCwH1mo2Qx6pzLrdiEPfU8L36YM/nToNULq
y8x3ip3gnkWZaPPB6KVKUnSIZYwrQ301cqUrVCUC5cbqeijQBYtLsLvyEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoagEEdtiWjfbBQ7LZgJ34B+ow+MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcWhxQVFSMjJKYU45c0ZEc3RtQW5mZ0g2akQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJfDMA0G
CSqGSIb3DQEBCwUAA4IBAQDAf5Q83xl3mp6KyVcZppJDUNhM6+xZvaNtlkfA6sZF
9JvXZ7WrARUQNVq7anO7nOdXJilyg1V80Vd2Gd/EjfYFFb8PlZiiUQO6RqtaZtQM
owuMOJtdWXrrXebLhi5wpFo2a/z5gMkLUzoiN4eKqvI91IbWwftdvd2fME3diztO
chyJUnnO8qZx/xbl8PsU5PI2+gIS4In3wGEnMS+koyjBaCdMFooSr3UlbHqCVOmr
Jy3ZgdrQu+5fxB2OPb6gDFNdm/0GWKOSWgfmCYZkTa0D++G5wvxBUiJte4ORhvmE
4OB2vPLiJWKojam+Y7Agcyk25GMAP94TLN57UsLw6o7z
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:18 2025 by rpki-client