Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QFrcNBTEQJ1KnhfQh4ILxApc9EE.roa
File: QFrcNBTEQJ1KnhfQh4ILxApc9EE.roa (raw, json)
Hash identifier: sbahZGGYo1yTG3sfwLkmG7AbND6enNIOGgDOkxxtixw=
Subject key identifier: 40:5A:DC:34:14:C4:40:9D:4A:9E:17:D0:87:82:0B:C4:0A:5C:F4:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824FA627F3A0A2FD6A6C7275F76267E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QFrcNBTEQJ1KnhfQh4ILxApc9EE.roa
Signing time: Thu 02 Jan 2025 17:51:39 +0000
ROA not before: Thu 02 Jan 2025 17:51:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199654
IP address blocks: 194.87.87.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:fa:62:7f:3a:0a:2f:d6:a6:c7:27:5f:76:26:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=405adc3414c4409d4a9e17d087820bc40a5cf441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:29:f8:70:ca:c9:66:e1:1e:2b:0f:bc:a1:f0:
fe:7d:db:3c:33:25:9c:91:d5:c1:c5:fa:ef:e6:e9:
d0:e9:23:91:fc:67:a9:31:85:5b:3c:02:20:19:f3:
53:e5:4c:3b:75:33:e8:63:e6:3e:cd:0d:fa:1d:a5:
33:30:49:9c:23:5b:cc:b6:0e:5b:f6:16:26:b5:98:
f6:57:d5:b1:3c:2e:a7:b8:cd:bf:e4:48:af:07:82:
42:e9:a0:bc:41:c2:8a:e5:28:c5:ed:37:66:84:21:
71:92:d0:cd:19:e5:6f:b5:93:d4:3e:c6:7a:44:35:
2d:f8:31:45:68:01:d9:66:07:ae:b8:99:15:66:5d:
c0:8b:b2:2b:a6:bb:51:3e:b2:6f:78:fc:51:e2:69:
c8:c6:c4:a7:af:38:f6:50:f6:b8:8c:00:f0:3f:45:
1e:05:06:76:1b:cc:44:1b:21:a2:eb:a6:93:7b:56:
67:c7:71:bb:0f:ff:42:97:6f:dd:d4:e2:d5:83:f2:
db:6e:d3:d2:b7:ce:4f:ea:f7:30:78:b4:91:21:e5:
1c:cc:e9:44:ad:01:94:70:a4:ad:17:7e:d0:ba:f9:
69:a0:53:1a:fb:02:70:46:29:a0:8b:19:e6:55:1b:
35:e4:91:27:db:f5:60:7c:22:4f:b6:10:26:6b:6a:
a9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5A:DC:34:14:C4:40:9D:4A:9E:17:D0:87:82:0B:C4:0A:5C:F4:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QFrcNBTEQJ1KnhfQh4ILxApc9EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.87.0/24
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d0:65:a4:82:e2:9a:d6:b1:4d:50:c8:84:b6:05:52:7a:42:
8d:e6:24:f3:07:dc:e6:52:0b:ea:f5:07:e2:4f:a0:a2:5a:4f:
f1:15:50:7c:4a:a7:38:45:5a:fa:96:a2:4f:a0:fa:6e:37:df:
ba:4d:21:09:52:64:44:03:3a:31:61:29:e4:26:99:68:02:f6:
72:23:5a:27:b7:60:00:ad:48:eb:cd:8f:5d:72:84:e2:13:22:
73:93:f8:fe:a2:ee:30:0f:91:11:62:be:18:9d:c5:46:09:a8:
15:99:ef:0f:02:af:7a:34:51:1e:e1:7f:c4:d4:17:2f:45:d3:
e6:4d:ad:7a:db:79:45:f5:7f:eb:5c:29:d6:a4:a8:1f:a5:17:
39:d2:66:01:e8:10:ab:d4:ca:45:eb:b3:60:b9:36:a7:ac:f8:
ea:06:3b:f1:86:f7:2a:b8:74:a0:34:b0:70:1c:8f:6e:30:ac:
2d:b0:be:72:fe:4a:c9:c3:72:17:76:95:8c:be:bd:f0:ff:9d:
16:86:a4:14:d8:34:fa:24:94:20:9b:bb:be:81:04:1b:e2:12:
de:57:26:63:4b:ef:57:8b:e4:f6:60:62:52:96:d2:f3:ff:ad:
75:63:00:74:45:8c:25:b3:12:01:52:4f:a7:46:12:00:a6:6e:
5a:9b:ce:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJPpifzoKL9amxydfdiZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVhZGMzNDE0YzQ0MDlkNGE5ZTE3ZDA4NzgyMGJjNDBhNWNmNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCn4cMrJZuEeKw+8ofD+fds8MyWc
kdXBxfrv5unQ6SOR/GepMYVbPAIgGfNT5Uw7dTPoY+Y+zQ36HaUzMEmcI1vMtg5b
9hYmtZj2V9WxPC6nuM2/5EivB4JC6aC8QcKK5SjF7TdmhCFxktDNGeVvtZPUPsZ6
RDUt+DFFaAHZZgeuuJkVZl3Ai7IrprtRPrJvePxR4mnIxsSnrzj2UPa4jADwP0Ue
BQZ2G8xEGyGi66aTe1Znx3G7D/9Cl2/d1OLVg/LbbtPSt85P6vcweLSRIeUczOlE
rQGUcKStF37QuvlpoFMa+wJwRimgixnmVRs15JEn2/VgfCJPthAma2qp1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEBa3DQUxECdSp4X0IeCC8QKXPRBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUUZyY05CVEVRSjFLbmhmUWg0SUx4QXBjOUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldXAwQA
wzo6MA0GCSqGSIb3DQEBCwUAA4IBAQCY0GWkguKa1rFNUMiEtgVSekKN5iTzB9zm
Ugvq9QfiT6CiWk/xFVB8Sqc4RVr6lqJPoPpuN9+6TSEJUmREAzoxYSnkJploAvZy
I1ont2AArUjrzY9dcoTiEyJzk/j+ou4wD5ERYr4YncVGCagVme8PAq96NFEe4X/E
1BcvRdPmTa1623lF9X/rXCnWpKgfpRc50mYB6BCr1MpF67NguTanrPjqBjvxhvcq
uHSgNLBwHI9uMKwtsL5y/krJw3IXdpWMvr3w/50WhqQU2DT6JJQgm7u+gQQb4hLe
VyZjS+9Xi+T2YGJSltLz/611YwB0RYwlsxIBUk+nRhIApm5am86t
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:27 2025 by rpki-client