Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Qa0r2W8a8KN_jICPIQOvZSrBu3Y.roa
File: Qa0r2W8a8KN_jICPIQOvZSrBu3Y.roa (raw, json)
Hash identifier: FSgc+CrmfovMmcwGeQdNFFiw8rAE/8jUW+m6h1v9abA=
Subject key identifier: 41:AD:2B:D9:6F:1A:F0:A3:7F:8C:80:8F:21:03:AF:65:2A:C1:BB:76
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018DBDB91CB4F053E1E95475F1E4B1E2FDC1
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Qa0r2W8a8KN_jICPIQOvZSrBu3Y.roa
Signing time: Sun 18 Feb 2024 19:37:21 +0000
ROA not before: Sun 18 Feb 2024 19:37:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 194.135.26.0/23 maxlen: 24
213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bd:b9:1c:b4:f0:53:e1:e9:54:75:f1:e4:b1:e2:fd:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 18 19:37:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41ad2bd96f1af0a37f8c808f2103af652ac1bb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:52:08:4b:ab:68:91:88:62:a6:c1:86:83:
ad:f5:7b:83:19:b9:2c:c3:17:56:d8:10:72:16:98:
a8:ac:a5:08:2d:24:40:31:80:7d:f1:38:a7:af:a6:
9e:70:27:39:72:e4:74:61:aa:17:ec:e5:3d:03:c1:
54:10:a5:99:61:69:91:5c:34:4e:f4:32:69:60:7f:
92:02:16:73:37:ec:37:38:8a:f6:2e:0c:82:1f:7f:
22:75:b7:54:c5:6e:24:bd:22:b0:18:8a:ca:85:8e:
2d:18:4e:f1:47:15:8b:06:f4:e8:53:93:cd:1f:23:
cd:8b:02:7d:f7:cb:7a:d9:d4:f2:4b:c7:92:06:00:
cc:ba:e3:61:fa:34:54:1d:96:48:cf:0f:ef:d3:9d:
0f:8e:37:d1:31:18:6d:5f:9e:a9:b6:7e:82:84:1e:
ce:5e:0d:bb:48:09:f4:d2:3d:9a:63:55:21:68:93:
d2:82:89:18:eb:49:42:ad:78:a7:c0:ca:fb:96:2a:
56:26:c7:3c:1b:e2:7d:93:26:c1:6f:2b:e8:84:f7:
38:49:68:da:4d:2c:22:15:23:c2:33:76:52:91:21:
4f:a0:00:ad:0f:8a:72:a7:22:57:8a:2e:e4:a1:54:
76:5e:81:fa:27:8a:d5:99:25:3b:02:04:e4:0a:ef:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AD:2B:D9:6F:1A:F0:A3:7F:8C:80:8F:21:03:AF:65:2A:C1:BB:76
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Qa0r2W8a8KN_jICPIQOvZSrBu3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.26.0/23
213.159.10.0-213.159.13.255
Signature Algorithm: sha256WithRSAEncryption
77:fc:4f:3e:0b:0d:89:45:7e:d5:ff:74:2e:0a:f0:20:9e:bd:
23:ac:b6:3c:3f:9e:19:6a:9b:10:af:8a:60:d1:23:c2:79:71:
72:23:8f:5c:cd:da:ee:05:36:32:45:00:38:b6:b3:99:b6:43:
c2:94:27:61:ef:65:8c:5c:54:d1:58:f6:89:5f:89:36:23:23:
45:b6:5a:f1:d7:cc:43:71:17:6f:b0:ec:29:1b:25:5b:de:9f:
c4:28:af:5d:a3:b5:2e:08:56:20:05:5e:a8:c9:5b:d5:a4:f7:
d4:57:b7:8f:3c:48:ba:09:cd:c9:f0:18:5f:2f:5e:4b:ca:41:
42:66:80:3d:9e:15:5f:51:69:70:3f:66:4e:72:2a:c5:c3:d2:
83:74:a0:93:8d:09:b0:ad:f9:66:0f:ab:a2:e9:28:0d:8d:3d:
57:90:50:20:4b:cf:b6:d0:a6:de:6c:b4:6e:9d:fd:39:37:6c:
b3:28:4d:20:f4:61:15:bc:6e:c5:a3:d4:60:d7:9d:40:81:89:
c1:b1:5e:2f:b6:24:90:ae:d8:7d:e1:f1:93:b3:ac:a1:57:b2:
bb:95:47:bb:5a:90:4f:70:41:8b:e8:4f:f9:dd:8a:a2:9b:a8:
5b:89:eb:f1:e3:99:47:d6:cc:d8:9c:dc:c8:cf:3d:bc:f8:66:
74:89:ea:3a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY29uRy08FPh6VR18eSx4v3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjE4MTkzNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFkMmJkOTZmMWFmMGEzN2Y4YzgwOGYyMTAzYWY2NTJhYzFiYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxtSCEuraJGIYqbBhoOt9XuDGbks
wxdW2BByFpiorKUILSRAMYB98Tinr6aecCc5cuR0YaoX7OU9A8FUEKWZYWmRXDRO
9DJpYH+SAhZzN+w3OIr2LgyCH38idbdUxW4kvSKwGIrKhY4tGE7xRxWLBvToU5PN
HyPNiwJ998t62dTyS8eSBgDMuuNh+jRUHZZIzw/v050PjjfRMRhtX56ptn6ChB7O
Xg27SAn00j2aY1UhaJPSgokY60lCrXinwMr7lipWJsc8G+J9kybBbyvohPc4SWja
TSwiFSPCM3ZSkSFPoACtD4pypyJXii7koVR2XoH6J4rVmSU7AgTkCu+9cwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEGtK9lvGvCjf4yAjyEDr2Uqwbt2MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUWEwcjJXOGE4S05faklDUElRT3ZaU3JCdTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwocaMAwD
BAHVnwoDBAHVnwwwDQYJKoZIhvcNAQELBQADggEBAHf8Tz4LDYlFftX/dC4K8CCe
vSOstjw/nhlqmxCvimDRI8J5cXIjj1zN2u4FNjJFADi2s5m2Q8KUJ2HvZYxcVNFY
9olfiTYjI0W2WvHXzENxF2+w7CkbJVven8Qor12jtS4IViAFXqjJW9Wk99RXt488
SLoJzcnwGF8vXkvKQUJmgD2eFV9RaXA/Zk5yKsXD0oN0oJONCbCt+WYPq6LpKA2N
PVeQUCBLz7bQpt5stG6d/Tk3bLMoTSD0YRW8bsWj1GDXnUCBicGxXi+2JJCu2H3h
8ZOzrKFXsruVR7takE9wQYvoT/ndiqKbqFuJ6/HjmUfWzNic3MjPPbz4ZnSJ6jo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:36 2025 by rpki-client