Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4c6d88-f828-43f9-9641-b1a9bd28651e/1/qsZrdnkoO0E25hqGWNb8Z9dNerM.roa
File: qsZrdnkoO0E25hqGWNb8Z9dNerM.roa (raw, json)
Hash identifier: hAyilmx8AWlJmwYPt85XuLAx4M2nXqrLORTF4xGEO6s=
Subject key identifier: AA:C6:6B:76:79:28:3B:41:36:E6:1A:86:58:D6:FC:67:D7:4D:7A:B3
Certificate issuer: /CN=ef9a52e37d7cacc69f8efefc7533bc0b18cb5e67
Certificate serial: 01941F8C842C8E6938F27E2B99EA5E6C70E1
Authority key identifier: EF:9A:52:E3:7D:7C:AC:C6:9F:8E:FE:FC:75:33:BC:0B:18:CB:5E:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/75pS4318rMafjv78dTO8CxjLXmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/4c6d88-f828-43f9-9641-b1a9bd28651e/1/qsZrdnkoO0E25hqGWNb8Z9dNerM.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204203
IP address blocks: 194.48.198.0/24 maxlen: 24
2a13:9540::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:84:2c:8e:69:38:f2:7e:2b:99:ea:5e:6c:70:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9a52e37d7cacc69f8efefc7533bc0b18cb5e67
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aac66b7679283b4136e61a8658d6fc67d74d7ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8b:95:6e:1b:aa:85:83:5a:ce:b5:4a:3a:4f:
12:e7:a7:19:d5:d4:34:6a:1f:ba:b4:af:a0:c0:0d:
a7:4f:14:8a:25:36:4b:6a:6f:fd:15:a6:85:ce:db:
0b:99:02:37:be:f7:0a:b1:ec:66:30:7c:92:00:52:
4e:3c:00:07:b0:f0:0c:65:7b:75:02:72:66:e4:d2:
0f:a8:26:27:bb:7d:8c:31:01:d3:3d:c3:d1:19:33:
57:bf:8c:1c:8d:18:21:cb:4d:52:f7:e0:48:69:67:
69:d3:43:b3:60:e9:1a:0c:23:ca:1e:a4:7d:d1:57:
2e:5a:82:26:3a:b1:f4:a1:a5:19:e5:eb:5f:02:9b:
9a:01:90:7a:bf:71:58:c4:7a:0f:38:bc:f7:2f:df:
21:6b:cf:ae:85:0b:9d:72:f8:2a:03:a4:6e:3e:9b:
6a:c4:5b:11:14:09:a1:ed:db:15:82:f2:30:13:0b:
86:89:73:5d:e4:73:58:56:17:ac:ec:de:77:d6:3b:
2a:b7:22:54:8f:3c:2f:59:59:c6:17:a5:d5:f3:b7:
90:7a:f4:78:b5:7e:cd:12:31:a5:fc:c8:e4:de:af:
6d:f3:4f:78:09:c9:3b:d2:76:1e:18:ea:61:37:c0:
d9:33:6a:ad:aa:13:87:00:d1:1a:a8:0d:a9:4d:ad:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C6:6B:76:79:28:3B:41:36:E6:1A:86:58:D6:FC:67:D7:4D:7A:B3
X509v3 Authority Key Identifier:
keyid:EF:9A:52:E3:7D:7C:AC:C6:9F:8E:FE:FC:75:33:BC:0B:18:CB:5E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/75pS4318rMafjv78dTO8CxjLXmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4c6d88-f828-43f9-9641-b1a9bd28651e/1/qsZrdnkoO0E25hqGWNb8Z9dNerM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4c6d88-f828-43f9-9641-b1a9bd28651e/1/75pS4318rMafjv78dTO8CxjLXmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.198.0/24
IPv6:
2a13:9540::/29
Signature Algorithm: sha256WithRSAEncryption
31:60:df:0f:11:0e:68:ba:12:e8:fd:08:7b:5a:9e:0b:1d:a4:
2a:d8:63:1f:0f:a3:b6:48:25:52:18:ad:eb:4f:ea:67:0c:2b:
cc:69:30:37:d2:96:33:f5:9e:9f:4a:15:88:61:ce:19:a4:66:
58:a0:bd:33:23:a8:15:80:db:a6:f4:29:e5:16:ed:7a:c8:e2:
e0:1f:18:1f:8c:bc:79:65:df:97:f2:98:93:ac:65:51:5c:c1:
9c:26:47:f3:d9:48:98:91:e4:12:97:dd:ad:52:a9:5b:af:3c:
b0:5d:d5:e5:c7:4b:aa:dd:6d:28:e6:58:d2:93:69:5e:c1:b9:
00:77:86:a1:5d:65:17:df:44:5e:bf:f9:01:4b:74:22:b7:b0:
98:80:d7:58:ea:33:1e:a3:00:1d:2b:4b:46:94:b1:ea:6e:eb:
8a:3c:26:9f:3f:20:00:b9:26:10:8b:6d:f3:28:13:25:2c:df:
5e:93:fc:88:19:54:10:42:42:4e:49:1d:e6:5e:f1:fa:73:af:
e8:67:94:14:ae:42:f1:ca:75:84:cd:cd:09:c2:da:00:2a:95:
18:9a:e9:16:4a:1a:df:47:38:d4:cb:39:64:f8:fd:9d:af:a6:
e2:bb:f9:05:67:6f:df:e3:4f:cb:ea:df:4f:93:99:8c:54:8f:
50:59:62:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjIQsjmk48n4rmepebHDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWE1MmUzN2Q3Y2FjYzY5ZjhlZmVmYzc1MzNiYzBiMThj
YjVlNjcwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM2NmI3Njc5MjgzYjQxMzZlNjFhODY1OGQ2ZmM2N2Q3NGQ3YWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34uVbhuqhYNazrVKOk8S56cZ1dQ0
ah+6tK+gwA2nTxSKJTZLam/9FaaFztsLmQI3vvcKsexmMHySAFJOPAAHsPAMZXt1
AnJm5NIPqCYnu32MMQHTPcPRGTNXv4wcjRghy01S9+BIaWdp00OzYOkaDCPKHqR9
0VcuWoImOrH0oaUZ5etfApuaAZB6v3FYxHoPOLz3L98ha8+uhQudcvgqA6RuPptq
xFsRFAmh7dsVgvIwEwuGiXNd5HNYVhes7N531jsqtyJUjzwvWVnGF6XV87eQevR4
tX7NEjGl/Mjk3q9t8094Cck70nYeGOphN8DZM2qtqhOHANEaqA2pTa1wXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKrGa3Z5KDtBNuYahljW/GfXTXqzMB8GA1UdIwQY
MBaAFO+aUuN9fKzGn47+/HUzvAsYy15nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzVwUzQzMThyTWFmanY3OGRUTzhDeGpMWG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80YzZkODgtZjgyOC00M2Y5LTk2NDEt
YjFhOWJkMjg2NTFlLzEvcXNacmRua29PMEUyNWhxR1dOYjhaOWROZXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80YzZkODgtZjgyOC00M2Y5LTk2NDEtYjFhOWJkMjg2NTFl
LzEvNzVwUzQzMThyTWFmanY3OGRUTzhDeGpMWG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjDGMA0E
AgACMAcDBQMqE5VAMA0GCSqGSIb3DQEBCwUAA4IBAQAxYN8PEQ5ouhLo/Qh7Wp4L
HaQq2GMfD6O2SCVSGK3rT+pnDCvMaTA30pYz9Z6fShWIYc4ZpGZYoL0zI6gVgNum
9CnlFu16yOLgHxgfjLx5Zd+X8piTrGVRXMGcJkfz2UiYkeQSl92tUqlbrzywXdXl
x0uq3W0o5ljSk2lewbkAd4ahXWUX30Rev/kBS3Qit7CYgNdY6jMeowAdK0tGlLHq
buuKPCafPyAAuSYQi23zKBMlLN9ek/yIGVQQQkJOSR3mXvH6c6/oZ5QUrkLxynWE
zc0JwtoAKpUYmukWShrfRzjUyzlk+P2dr6biu/kFZ2/f40/L6t9Pk5mMVI9QWWKL
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:34 2025 by rpki-client