Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c820f-1a78-423b-8196-5bdf5932f4f0/1/QxYOgGPEmvCgh5H7Mvz-SoGkGX0.roa
File: QxYOgGPEmvCgh5H7Mvz-SoGkGX0.roa (raw, json)
Hash identifier: ebnq3iUpUDbuLxfaKYuKf8uhDusM5seqUtbNSLosv5E=
Subject key identifier: 43:16:0E:80:63:C4:9A:F0:A0:87:91:FB:32:FC:FE:4A:81:A4:19:7D
Certificate issuer: /CN=ee8470f640487378be9d77a6ede477435a06ca99
Certificate serial: 01857139BEEA6B4FC5DEDA26843490F717C3
Authority key identifier: EE:84:70:F6:40:48:73:78:BE:9D:77:A6:ED:E4:77:43:5A:06:CA:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7oRw9kBIc3i-nXem7eR3Q1oGypk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c820f-1a78-423b-8196-5bdf5932f4f0/1/QxYOgGPEmvCgh5H7Mvz-SoGkGX0.roa
Signing time: Mon 02 Jan 2023 06:44:47 +0000
ROA not before: Mon 02 Jan 2023 06:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41828
IP address blocks: 195.191.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:be:ea:6b:4f:c5:de:da:26:84:34:90:f7:17:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee8470f640487378be9d77a6ede477435a06ca99
Validity
Not Before: Jan 2 06:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43160e8063c49af0a08791fb32fcfe4a81a4197d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:51:34:29:78:bf:b2:44:cc:80:b6:40:68:d5:
62:1e:dc:dc:21:ee:96:28:4c:bc:84:8a:62:cf:0e:
94:18:09:d1:9b:17:41:8e:24:6c:70:c8:7d:f3:b0:
25:87:5d:62:26:ea:9f:1c:01:b4:71:52:b5:75:31:
6d:6d:06:ee:23:3c:98:cf:43:81:02:a1:01:85:ca:
99:d9:5a:32:fa:2a:f7:d3:ff:11:f7:10:4a:bb:b7:
aa:6c:22:f7:8e:ad:29:11:3f:c1:b9:1f:8b:01:4b:
71:9f:fa:55:0f:26:1d:3f:3e:e6:d7:5d:c5:4a:70:
25:1e:aa:39:70:b4:99:07:88:08:04:52:82:72:40:
54:a8:33:cd:95:40:f2:e3:72:29:70:d2:b3:dd:f6:
83:d0:73:fc:9d:cb:e4:2b:8f:a8:eb:b9:1b:c5:87:
6d:81:65:55:04:68:a8:ae:48:79:d1:43:f0:db:5c:
1f:06:05:3b:13:b3:4e:f5:51:35:2c:ff:7f:2a:0b:
88:2c:08:f7:f3:21:bd:48:fd:98:3d:5a:4b:a4:45:
aa:6a:1d:a8:bc:b5:77:40:46:26:45:6e:b0:2e:41:
6d:94:17:a5:27:4a:6d:51:60:7c:d8:fe:2f:b9:08:
cd:b4:74:0e:43:e3:81:ca:23:8a:90:00:d3:53:c5:
c7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:16:0E:80:63:C4:9A:F0:A0:87:91:FB:32:FC:FE:4A:81:A4:19:7D
X509v3 Authority Key Identifier:
keyid:EE:84:70:F6:40:48:73:78:BE:9D:77:A6:ED:E4:77:43:5A:06:CA:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7oRw9kBIc3i-nXem7eR3Q1oGypk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c820f-1a78-423b-8196-5bdf5932f4f0/1/QxYOgGPEmvCgh5H7Mvz-SoGkGX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c820f-1a78-423b-8196-5bdf5932f4f0/1/7oRw9kBIc3i-nXem7eR3Q1oGypk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.96.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:bc:4b:81:20:cb:89:b8:17:fe:72:d7:26:b9:67:ac:e5:a1:
ce:ab:6e:74:82:f1:76:a8:2f:f4:d0:cf:f7:02:13:c8:bd:78:
87:ef:78:fd:d6:d0:24:40:82:da:90:21:66:d2:ca:d7:9f:1d:
b7:16:30:b7:b6:88:0a:61:fb:b8:bf:0b:32:70:19:8b:31:a6:
4c:63:2e:94:e2:4a:71:e2:75:bf:21:23:4b:82:0d:0e:84:85:
42:bb:6a:bd:f2:b3:3a:cd:d7:6f:bb:ae:4f:11:0f:c9:60:5e:
5c:72:35:f1:48:c8:3d:7c:a8:3b:76:5a:d2:55:7d:a0:e5:28:
4e:b2:12:bd:7c:81:a0:98:96:e2:47:c5:19:63:58:d7:54:fc:
4d:98:bf:e5:2f:09:67:af:be:cd:d5:59:94:bf:cb:d9:19:93:
42:0b:34:3d:c3:84:fa:2b:23:a0:88:11:dd:d1:85:7e:42:8c:
b7:69:ac:71:0b:d1:97:11:15:5b:5b:4e:b4:46:ad:50:c8:69:
2e:3b:c1:0c:0f:10:9a:d5:a0:6c:b1:ea:30:ac:c8:ef:ca:f0:
58:08:49:81:8d:dc:34:5a:48:52:89:c5:89:4c:92:5c:23:fd:
a2:14:cf:d0:16:ec:7a:a1:f6:10:58:92:1c:14:3e:c7:c4:7a:
dd:15:a8:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOb7qa0/F3tomhDSQ9xfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlODQ3MGY2NDA0ODczNzhiZTlkNzdhNmVkZTQ3NzQzNWEw
NmNhOTkwHhcNMjMwMTAyMDY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE2MGU4MDYzYzQ5YWYwYTA4NzkxZmIzMmZjZmU0YTgxYTQxOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1E0KXi/skTMgLZAaNViHtzcIe6W
KEy8hIpizw6UGAnRmxdBjiRscMh987Alh11iJuqfHAG0cVK1dTFtbQbuIzyYz0OB
AqEBhcqZ2Voy+ir30/8R9xBKu7eqbCL3jq0pET/BuR+LAUtxn/pVDyYdPz7m113F
SnAlHqo5cLSZB4gIBFKCckBUqDPNlUDy43IpcNKz3faD0HP8ncvkK4+o67kbxYdt
gWVVBGiorkh50UPw21wfBgU7E7NO9VE1LP9/KguILAj38yG9SP2YPVpLpEWqah2o
vLV3QEYmRW6wLkFtlBelJ0ptUWB82P4vuQjNtHQOQ+OByiOKkADTU8XHwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMWDoBjxJrwoIeR+zL8/kqBpBl9MB8GA1UdIwQY
MBaAFO6EcPZASHN4vp13pu3kd0NaBsqZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN29SdzlrQkljM2ktblhlbTdlUjNRMW9HeXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzgyMGYtMWE3OC00MjNiLTgxOTYt
NWJkZjU5MzJmNGYwLzEvUXhZT2dHUEVtdkNnaDVIN012ei1Tb0drR1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzgyMGYtMWE3OC00MjNiLTgxOTYtNWJkZjU5MzJmNGYw
LzEvN29SdzlrQkljM2ktblhlbTdlUjNRMW9HeXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw79gMA0G
CSqGSIb3DQEBCwUAA4IBAQDhvEuBIMuJuBf+ctcmuWes5aHOq250gvF2qC/00M/3
AhPIvXiH73j91tAkQILakCFm0srXnx23FjC3togKYfu4vwsycBmLMaZMYy6U4kpx
4nW/ISNLgg0OhIVCu2q98rM6zddvu65PEQ/JYF5ccjXxSMg9fKg7dlrSVX2g5ShO
shK9fIGgmJbiR8UZY1jXVPxNmL/lLwlnr77N1VmUv8vZGZNCCzQ9w4T6KyOgiBHd
0YV+Qoy3aaxxC9GXERVbW060Rq1QyGkuO8EMDxCa1aBsseowrMjvyvBYCEmBjdw0
WkhSicWJTJJcI/2iFM/QFux6ofYQWJIcFD7HxHrdFajT
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:49:03 2025 by rpki-client