Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0a9b77-b05f-4eff-b934-530b12c437b6/1/QDsnH1lLWJSpbAxWQkreszG5vOg.roa
File: QDsnH1lLWJSpbAxWQkreszG5vOg.roa (raw, json)
Hash identifier: NAGwIXOpm3eneteP2Qolb35JxuaUF3j8qKUH6gJh3vQ=
Subject key identifier: 40:3B:27:1F:59:4B:58:94:A9:6C:0C:56:42:4A:DE:B3:31:B9:BC:E8
Certificate issuer: /CN=70343dff00b2ae85a1de4cdb655d591cad70f5c6
Certificate serial: AD08
Authority key identifier: 70:34:3D:FF:00:B2:AE:85:A1:DE:4C:DB:65:5D:59:1C:AD:70:F5:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cDQ9_wCyroWh3kzbZV1ZHK1w9cY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0a9b77-b05f-4eff-b934-530b12c437b6/1/QDsnH1lLWJSpbAxWQkreszG5vOg.roa
Signing time: Wed 18 May 2022 13:11:00 +0000
ROA not before: Wed 18 May 2022 13:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13075
IP address blocks: 91.213.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44296 (0xad08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70343dff00b2ae85a1de4cdb655d591cad70f5c6
Validity
Not Before: May 18 13:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=403b271f594b5894a96c0c56424adeb331b9bce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:48:96:77:b5:62:c7:ab:6c:48:7f:c4:86:2e:
b2:39:f5:34:91:45:b5:1d:79:68:43:b0:52:51:95:
3b:8f:29:b0:fa:ba:e7:a1:36:e5:45:f4:a8:26:a7:
eb:2e:77:a2:82:a1:4c:80:06:39:8f:86:a1:d4:8f:
26:3f:48:e4:8d:09:5d:f5:08:54:a3:21:7f:8d:f1:
38:42:0c:57:f7:bc:f1:11:38:fc:2a:4b:c8:82:20:
47:7a:75:c2:29:d3:71:04:db:4f:ce:26:49:54:e9:
12:b7:58:a9:0e:75:a5:ec:d5:02:89:15:59:a6:2a:
05:c0:82:dd:7f:a6:a6:00:e1:b7:8c:00:bf:07:bb:
d8:0e:57:7f:06:ee:5e:ab:84:c0:4c:82:f7:26:b3:
44:68:70:35:31:89:59:c7:bf:12:23:3d:72:be:7a:
2a:4d:ec:64:29:07:e5:3b:7d:02:8e:3f:b8:72:b6:
5b:e4:12:00:2e:20:46:2a:60:17:90:f0:d9:73:bb:
a5:ac:38:3b:75:24:53:19:4a:71:e2:b7:b4:b2:bf:
db:0b:8e:a7:90:c6:4c:bf:87:02:6a:4d:f8:66:9f:
7d:ea:99:b2:be:d5:e2:49:f9:fd:2b:bf:dc:43:90:
3b:3d:25:2c:f6:4c:ef:e9:c5:22:2b:b9:66:90:3b:
3b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3B:27:1F:59:4B:58:94:A9:6C:0C:56:42:4A:DE:B3:31:B9:BC:E8
X509v3 Authority Key Identifier:
keyid:70:34:3D:FF:00:B2:AE:85:A1:DE:4C:DB:65:5D:59:1C:AD:70:F5:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cDQ9_wCyroWh3kzbZV1ZHK1w9cY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0a9b77-b05f-4eff-b934-530b12c437b6/1/QDsnH1lLWJSpbAxWQkreszG5vOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0a9b77-b05f-4eff-b934-530b12c437b6/1/cDQ9_wCyroWh3kzbZV1ZHK1w9cY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.104.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:28:73:d2:e6:46:71:a1:56:ba:7a:17:0a:62:fb:8d:bc:9a:
0b:c5:99:ed:42:a1:48:3d:2a:d0:06:53:1e:c2:d4:f1:df:57:
2c:6a:7a:59:a5:23:af:8e:4e:ef:1a:0a:35:b1:19:4a:08:68:
26:49:5d:bb:da:ce:e3:53:2c:ba:6f:a3:d8:1d:fc:1b:7f:b4:
4e:58:bd:ab:e7:e9:a1:c2:a0:05:24:99:fd:58:90:53:f9:7d:
0e:6e:fe:08:71:1b:c8:4f:64:41:91:59:4f:ef:26:b1:ca:27:
48:42:77:b0:91:d4:7b:3a:08:c3:39:57:21:2a:b4:f8:c0:01:
05:c5:9e:f6:a6:98:48:8a:f4:6f:c4:05:54:f7:57:b1:9f:7d:
7e:5a:42:fb:1f:2e:0f:80:1d:29:c6:d0:98:7a:a9:41:67:66:
f7:b6:e6:eb:bc:86:2a:94:c7:be:47:75:01:ff:e5:e1:9c:3d:
34:f0:a7:ac:2a:07:63:ca:66:4b:7a:07:63:08:94:10:4f:c3:
d2:6e:75:18:01:9f:22:3c:9f:74:4f:7f:22:9b:7d:81:8d:41:
05:7c:d7:c5:e0:26:02:70:20:5a:a2:4b:d1:fa:5b:0c:b8:f4:
66:63:2f:21:f7:f3:37:9a:c3:94:10:11:53:c7:a1:db:a1:26:
0b:3e:ae:d1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAK0IMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcw
MzQzZGZmMDBiMmFlODVhMWRlNGNkYjY1NWQ1OTFjYWQ3MGY1YzYwHhcNMjIwNTE4
MTMxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MDNiMjcxZjU5NGI1
ODk0YTk2YzBjNTY0MjRhZGViMzMxYjliY2U4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApEiWd7Vix6tsSH/Ehi6yOfU0kUW1HXloQ7BSUZU7jymw+rrn
oTblRfSoJqfrLneigqFMgAY5j4ah1I8mP0jkjQld9QhUoyF/jfE4QgxX97zxETj8
KkvIgiBHenXCKdNxBNtPziZJVOkSt1ipDnWl7NUCiRVZpioFwILdf6amAOG3jAC/
B7vYDld/Bu5eq4TATIL3JrNEaHA1MYlZx78SIz1yvnoqTexkKQflO30Cjj+4crZb
5BIALiBGKmAXkPDZc7ulrDg7dSRTGUpx4re0sr/bC46nkMZMv4cCak34Zp996pmy
vtXiSfn9K7/cQ5A7PSUs9kzv6cUiK7lmkDs7bQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEA7Jx9ZS1iUqWwMVkJK3rMxubzoMB8GA1UdIwQYMBaAFHA0Pf8Asq6Fod5M
22VdWRytcPXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Y0RROV93Q3lyb1doM2t6YlpWMVpISzF3OWNZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mOC8wYTliNzctYjA1Zi00ZWZmLWI5MzQtNTMwYjEyYzQzN2I2LzEv
UURzbkgxbExXSlNwYkF4V1FrcmVzekc1dk9nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8w
YTliNzctYjA1Zi00ZWZmLWI5MzQtNTMwYjEyYzQzN2I2LzEvY0RROV93Q3lyb1do
M2t6YlpWMVpISzF3OWNZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VoMA0GCSqGSIb3DQEBCwUAA4IB
AQAuKHPS5kZxoVa6ehcKYvuNvJoLxZntQqFIPSrQBlMewtTx31csanpZpSOvjk7v
Ggo1sRlKCGgmSV272s7jUyy6b6PYHfwbf7ROWL2r5+mhwqAFJJn9WJBT+X0Obv4I
cRvIT2RBkVlP7yaxyidIQnewkdR7OgjDOVchKrT4wAEFxZ72pphIivRvxAVU91ex
n31+WkL7Hy4PgB0pxtCYeqlBZ2b3tubrvIYqlMe+R3UB/+XhnD008KesKgdjymZL
egdjCJQQT8PSbnUYAZ8iPJ90T38im32BjUEFfNfF4CYCcCBaokvR+lsMuPRmYy8h
9/M3msOUEBFTx6HboSYLPq7R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:19 2025 by rpki-client