Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/qd_aojRPaOqKMiZNW3iZSWq-Zug.roa
File: qd_aojRPaOqKMiZNW3iZSWq-Zug.roa (raw, json)
Hash identifier: Iydb2z6A8hY+GEZIdNxcnror4vRoJJD+unhFZp9Fwjw=
Subject key identifier: A9:DF:DA:A2:34:4F:68:EA:8A:32:26:4D:5B:78:99:49:6A:BE:66:E8
Certificate issuer: /CN=34832317d2544434b659e5692071d8e4c4938b06
Certificate serial: 0194266B40B9CD400E4B2B1212F0EE686703
Authority key identifier: 34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/qd_aojRPaOqKMiZNW3iZSWq-Zug.roa
Signing time: Thu 02 Jan 2025 09:49:10 +0000
ROA not before: Thu 02 Jan 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197893
IP address blocks: 176.28.73.0/24 maxlen: 24
176.28.74.0/24 maxlen: 24
176.28.75.0/24 maxlen: 24
176.28.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:40:b9:cd:40:0e:4b:2b:12:12:f0:ee:68:67:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34832317d2544434b659e5692071d8e4c4938b06
Validity
Not Before: Jan 2 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9dfdaa2344f68ea8a32264d5b7899496abe66e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:24:88:8a:b4:61:7d:87:f1:18:27:88:29:
aa:49:da:91:f4:3f:8b:86:07:d7:fe:1f:06:f8:9f:
03:3f:f1:e8:08:19:36:5b:39:cc:03:41:27:ac:e4:
4b:57:11:5c:e7:4f:f2:ed:1b:29:74:f1:00:55:fe:
2f:2c:b1:e1:f5:33:49:ad:d4:be:16:69:36:3b:d9:
3c:9f:86:09:69:ba:61:ff:b3:db:91:00:88:49:36:
9e:66:ee:e3:78:fd:c1:30:ad:46:f8:5c:c8:7c:de:
5c:f9:de:91:dd:7d:53:ec:dc:28:13:58:f6:76:6e:
d5:c5:57:1c:05:1c:c1:bb:49:7a:90:af:62:de:38:
de:a9:e8:72:39:25:4b:f3:12:56:49:a0:53:73:37:
38:28:fe:05:f0:8b:af:85:65:a9:e5:6f:63:2b:72:
49:55:47:26:c6:36:a3:e4:ac:c3:52:5f:ab:a7:e7:
01:4f:d8:4d:fa:a3:19:b0:64:79:bd:ba:b3:41:7b:
bd:38:55:32:62:b9:68:71:36:50:9c:1a:85:69:48:
b3:e3:f3:7c:2a:9c:99:bb:9b:32:46:d6:f9:8f:54:
9d:4b:f1:0c:36:a1:5b:ba:b7:42:6d:f4:bf:78:a2:
f0:73:3d:ac:83:51:d0:34:3e:fb:0b:2b:bb:d1:94:
fb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DF:DA:A2:34:4F:68:EA:8A:32:26:4D:5B:78:99:49:6A:BE:66:E8
X509v3 Authority Key Identifier:
keyid:34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/qd_aojRPaOqKMiZNW3iZSWq-Zug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.28.73.0-176.28.75.255
176.28.79.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:d1:6e:a0:38:ac:be:2d:b8:e7:d5:d0:64:e3:94:78:37:e9:
c8:8c:1a:ce:d5:5c:cf:7c:f6:e8:2c:6d:88:19:4b:b3:c3:60:
17:44:c1:26:21:54:62:c6:d4:a5:83:a3:7f:5b:e8:8e:81:93:
5b:44:f2:98:a8:e4:8f:5d:27:f9:89:8a:67:de:a8:fd:71:99:
f8:99:5b:9d:93:63:bf:75:99:84:ba:4c:81:d0:e5:ab:a8:aa:
02:05:00:ad:1a:ae:e9:18:97:1d:75:75:2b:a2:08:63:08:5f:
e8:86:3f:d1:80:41:cd:c8:7d:91:85:0d:c9:88:de:dd:df:85:
7c:09:13:b8:26:e5:93:f5:5e:f9:42:fe:df:23:7a:14:2d:a0:
a8:0f:09:e7:63:ef:ef:50:8c:ce:a0:a6:bc:52:bb:51:ac:7b:
db:01:c7:9c:7a:9b:aa:02:81:f2:06:db:42:c3:10:16:1d:31:
af:d8:83:b6:5c:cd:84:de:35:72:bd:00:54:c2:c1:ea:9c:a7:
22:41:38:de:4e:08:0f:be:85:90:ae:e2:dc:4e:b9:33:aa:90:
7f:21:65:4f:e3:b3:ca:a7:7a:02:09:0c:0c:09:9f:19:9d:ca:
65:a0:be:c9:8d:ba:22:64:58:04:69:4e:f6:9d:2a:e2:87:7d:
1a:72:fe:3c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQma0C5zUAOSysSEvDuaGcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODMyMzE3ZDI1NDQ0MzRiNjU5ZTU2OTIwNzFkOGU0YzQ5
MzhiMDYwHhcNMjUwMTAyMDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRmZGFhMjM0NGY2OGVhOGEzMjI2NGQ1Yjc4OTk0OTZhYmU2NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG0kiIq0YX2H8RgniCmqSdqR9D+L
hgfX/h8G+J8DP/HoCBk2WznMA0EnrORLVxFc50/y7RspdPEAVf4vLLHh9TNJrdS+
Fmk2O9k8n4YJabph/7PbkQCISTaeZu7jeP3BMK1G+FzIfN5c+d6R3X1T7NwoE1j2
dm7VxVccBRzBu0l6kK9i3jjeqehyOSVL8xJWSaBTczc4KP4F8IuvhWWp5W9jK3JJ
VUcmxjaj5KzDUl+rp+cBT9hN+qMZsGR5vbqzQXu9OFUyYrlocTZQnBqFaUiz4/N8
KpyZu5syRtb5j1SdS/EMNqFburdCbfS/eKLwcz2sg1HQND77Cyu70ZT7TQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKnf2qI0T2jqijImTVt4mUlqvmboMB8GA1UdIwQY
MBaAFDSDIxfSVEQ0tlnlaSBx2OTEk4sGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMt
MzBjNjVhZDgzMjkxLzEvcWRfYW9qUlBhT3FLTWlaTlczaVpTV3EtWnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMtMzBjNjVhZDgzMjkx
LzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACwHEkD
BAKwHEgDBACwHE8wDQYJKoZIhvcNAQELBQADggEBAN3RbqA4rL4tuOfV0GTjlHg3
6ciMGs7VXM989ugsbYgZS7PDYBdEwSYhVGLG1KWDo39b6I6Bk1tE8pio5I9dJ/mJ
imfeqP1xmfiZW52TY791mYS6TIHQ5auoqgIFAK0arukYlx11dSuiCGMIX+iGP9GA
Qc3IfZGFDcmI3t3fhXwJE7gm5ZP1XvlC/t8jehQtoKgPCedj7+9QjM6gprxSu1Gs
e9sBx5x6m6oCgfIG20LDEBYdMa/Yg7ZczYTeNXK9AFTCweqcpyJBON5OCA++hZCu
4txOuTOqkH8hZU/js8qnegIJDAwJnxmdymWgvsmNuiJkWARpTvadKuKHfRpy/jw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:31 2025 by rpki-client