Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/a3rqfPfqZxHF_NahNNUvEq5fk5g.roa
File: a3rqfPfqZxHF_NahNNUvEq5fk5g.roa (raw, json)
Hash identifier: I+M1Q116pruNGKV2ARftKr/KQ/3izABmgVobB9drMwo=
Subject key identifier: 6B:7A:EA:7C:F7:EA:67:11:C5:FC:D6:A1:34:D5:2F:12:AE:5F:93:98
Certificate issuer: /CN=40d4e33be71d339f3bc0cc6dae65e8792ff4d5dc
Certificate serial: 019423D6EF7566B850258840D05AF75DA827
Authority key identifier: 40:D4:E3:3B:E7:1D:33:9F:3B:C0:CC:6D:AE:65:E8:79:2F:F4:D5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNTjO-cdM587wMxtrmXoeS_01dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/a3rqfPfqZxHF_NahNNUvEq5fk5g.roa
Signing time: Wed 01 Jan 2025 21:47:56 +0000
ROA not before: Wed 01 Jan 2025 21:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196621
IP address blocks: 193.5.68.0/23 maxlen: 23
2001:67c:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ef:75:66:b8:50:25:88:40:d0:5a:f7:5d:a8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d4e33be71d339f3bc0cc6dae65e8792ff4d5dc
Validity
Not Before: Jan 1 21:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b7aea7cf7ea6711c5fcd6a134d52f12ae5f9398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:75:76:a8:81:0a:d0:d4:96:93:14:3c:fd:03:
5e:17:c3:68:4e:e6:e1:45:75:1f:fd:17:24:2b:8b:
14:9a:05:1e:03:ce:43:2f:41:5a:97:be:3d:c1:c6:
f1:a1:d5:e6:5f:b2:07:5f:9b:9f:26:0a:ae:15:8f:
01:83:8c:61:ee:d3:cd:86:44:07:e1:52:fb:80:bb:
a1:fb:f6:6c:db:d3:b7:71:72:27:00:42:75:45:e7:
1e:67:53:15:00:82:91:3d:61:65:f5:6d:84:10:16:
fd:71:2e:53:45:5d:44:fb:e1:67:0b:e5:7c:fe:1e:
0a:79:c9:1a:14:3a:b4:51:2f:20:3c:83:f0:fb:3e:
76:80:0c:a0:e6:23:fd:b7:93:14:f7:7b:d2:85:e1:
44:07:e0:98:16:fd:35:f1:2b:4e:75:60:07:6a:5f:
90:ba:1b:33:3f:b0:c0:29:90:99:6f:12:52:1b:14:
71:84:b2:27:0a:6d:64:19:b6:80:0d:67:6a:9b:5e:
d6:bf:26:84:77:e6:37:49:61:7e:a2:1c:3f:58:51:
7f:b6:6b:3a:cf:7c:d2:22:02:1a:e7:12:b4:c6:f1:
e5:8f:ed:af:04:17:34:2c:6c:0c:40:56:2e:30:20:
a4:72:d2:1f:e1:d2:be:5a:cf:7c:93:b2:23:88:00:
18:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7A:EA:7C:F7:EA:67:11:C5:FC:D6:A1:34:D5:2F:12:AE:5F:93:98
X509v3 Authority Key Identifier:
keyid:40:D4:E3:3B:E7:1D:33:9F:3B:C0:CC:6D:AE:65:E8:79:2F:F4:D5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNTjO-cdM587wMxtrmXoeS_01dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/a3rqfPfqZxHF_NahNNUvEq5fk5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/QNTjO-cdM587wMxtrmXoeS_01dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.68.0/23
IPv6:
2001:67c:8::/48
Signature Algorithm: sha256WithRSAEncryption
3c:dd:5f:de:30:f8:cd:8e:7d:99:b3:28:1a:4b:00:20:c0:af:
59:14:1d:43:67:88:0a:3d:c2:02:d9:f8:8c:fe:3e:57:79:61:
b5:4b:28:61:4e:0d:37:8e:ba:57:22:e1:7c:07:1c:59:4c:b9:
95:85:03:55:76:52:51:ca:90:6e:7a:c2:49:f3:c2:26:31:37:
c0:da:e8:8b:38:57:d4:37:5d:65:f8:c2:32:6c:a2:5b:e2:99:
a5:c3:5a:02:ee:8b:da:6d:2d:c1:ac:e9:ab:1e:03:19:50:77:
9c:27:85:66:12:a6:f6:e1:6e:bd:fa:6b:27:5b:1a:c4:58:57:
34:47:29:35:e9:45:9a:c8:04:db:e4:bd:57:50:e8:5e:80:fc:
87:00:86:dd:2c:d0:3c:d3:95:62:ef:e4:a0:b2:14:eb:11:a4:
7d:08:31:4f:8f:08:66:49:1d:96:7b:7f:0a:ff:6c:87:47:52:
00:53:37:fa:cd:79:6f:99:7a:0e:55:2e:9c:b4:e1:9a:ad:b8:
35:81:08:60:8d:42:9e:2e:51:97:97:92:c2:6d:67:6a:f0:30:
c2:57:a7:f9:5f:25:24:14:a9:77:ea:41:03:83:11:15:5c:19:
ff:52:5f:8a:f6:34:a3:36:7a:b9:4d:6c:c9:83:ab:ee:bc:fb:
d0:b6:8e:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1u91ZrhQJYhA0Fr3XagnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDRlMzNiZTcxZDMzOWYzYmMwY2M2ZGFlNjVlODc5MmZm
NGQ1ZGMwHhcNMjUwMTAxMjE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdhZWE3Y2Y3ZWE2NzExYzVmY2Q2YTEzNGQ1MmYxMmFlNWY5Mzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXV2qIEK0NSWkxQ8/QNeF8NoTubh
RXUf/RckK4sUmgUeA85DL0Fal749wcbxodXmX7IHX5ufJgquFY8Bg4xh7tPNhkQH
4VL7gLuh+/Zs29O3cXInAEJ1ReceZ1MVAIKRPWFl9W2EEBb9cS5TRV1E++FnC+V8
/h4KeckaFDq0US8gPIPw+z52gAyg5iP9t5MU93vSheFEB+CYFv018StOdWAHal+Q
uhszP7DAKZCZbxJSGxRxhLInCm1kGbaADWdqm17WvyaEd+Y3SWF+ohw/WFF/tms6
z3zSIgIa5xK0xvHlj+2vBBc0LGwMQFYuMCCkctIf4dK+Ws98k7IjiAAY9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGt66nz36mcRxfzWoTTVLxKuX5OYMB8GA1UdIwQY
MBaAFEDU4zvnHTOfO8DMba5l6Hkv9NXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5Uak8tY2RNNTg3d014dHJtWG9lU18wMWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hYzY5ZDItOTI5OS00OWIwLTkxYzgt
MDIzM2I3YjI2ZDVkLzEvYTNycWZQZnFaeEhGX05haE5OVXZFcTVmazVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hYzY5ZDItOTI5OS00OWIwLTkxYzgtMDIzM2I3YjI2ZDVk
LzEvUU5Uak8tY2RNNTg3d014dHJtWG9lU18wMWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwQVEMA8E
AgACMAkDBwAgAQZ8AAgwDQYJKoZIhvcNAQELBQADggEBADzdX94w+M2OfZmzKBpL
ACDAr1kUHUNniAo9wgLZ+Iz+Pld5YbVLKGFODTeOulci4XwHHFlMuZWFA1V2UlHK
kG56wknzwiYxN8Da6Is4V9Q3XWX4wjJsolvimaXDWgLui9ptLcGs6aseAxlQd5wn
hWYSpvbhbr36aydbGsRYVzRHKTXpRZrIBNvkvVdQ6F6A/IcAht0s0DzTlWLv5KCy
FOsRpH0IMU+PCGZJHZZ7fwr/bIdHUgBTN/rNeW+Zeg5VLpy04ZqtuDWBCGCNQp4u
UZeXksJtZ2rwMMJXp/lfJSQUqXfqQQODERVcGf9SX4r2NKM2erlNbMmDq+68+9C2
jhw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:01:34 2025 by rpki-client