Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qpaxXHw6CdsxQ2wzd3NCOLPGlGs.roa
File: qpaxXHw6CdsxQ2wzd3NCOLPGlGs.roa (raw, json)
Hash identifier: hJxFH9vZ+FKOP/6zKZOcfuqIjzXEfzETnfkGtTZDPOo=
Subject key identifier: AA:96:B1:5C:7C:3A:09:DB:31:43:6C:33:77:73:42:38:B3:C6:94:6B
Certificate issuer: /CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Certificate serial: 01941FFA28DDD12E1F3CDC1FB6FDA6F74786
Authority key identifier: D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qpaxXHw6CdsxQ2wzd3NCOLPGlGs.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51790
IP address blocks: 91.229.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:28:dd:d1:2e:1f:3c:dc:1f:b6:fd:a6:f7:47:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa96b15c7c3a09db31436c3377734238b3c6946b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6e:0e:6b:90:97:63:3e:d2:cb:39:3a:e1:a8:
d3:c3:21:8b:a0:c8:70:b7:2b:4f:fc:5d:93:e5:a4:
99:8d:b5:78:e4:07:83:ed:3b:b2:a0:78:5f:80:fd:
8a:9c:66:c1:47:12:cb:12:f1:69:2a:ad:3a:9a:52:
bd:1b:26:84:12:0a:89:1c:09:5d:1c:42:bb:a4:55:
2b:bb:3e:85:e0:64:5c:32:fc:49:12:f4:90:39:32:
22:de:81:d9:bd:78:8d:92:be:cf:10:55:2a:e1:c2:
9b:6d:2e:04:2a:5d:71:45:d2:6d:10:c9:62:c7:99:
fa:69:04:06:91:59:02:e8:a7:f3:4b:a1:dc:33:e4:
f2:d5:3e:5a:fd:2e:a8:2d:ae:3d:26:b3:4c:0a:e7:
c2:9b:c8:88:87:f3:ca:b5:10:62:0b:30:90:2a:fa:
af:70:74:c2:66:60:c5:5e:05:a5:3a:31:f0:10:11:
51:db:4a:ff:52:b3:b0:ef:2e:32:bc:4f:24:6c:c9:
49:5a:b0:e1:b5:42:3b:d1:ce:66:2c:25:8a:52:53:
97:97:89:ad:9b:22:53:90:6e:90:1f:63:90:7d:c6:
c8:5c:d4:ce:ec:5f:4c:30:9d:63:b3:6a:5c:ca:81:
f8:23:4b:97:73:27:6b:b9:00:a6:c0:b6:99:74:89:
37:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:96:B1:5C:7C:3A:09:DB:31:43:6C:33:77:73:42:38:B3:C6:94:6B
X509v3 Authority Key Identifier:
keyid:D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/qpaxXHw6CdsxQ2wzd3NCOLPGlGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/01Cgds5KjOb7afH9pKGUYUqUGvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.72.0/24
Signature Algorithm: sha256WithRSAEncryption
81:7d:27:64:db:82:22:de:a3:de:22:62:16:00:21:e5:92:5e:
22:96:3e:b6:40:84:7c:c9:26:d8:d2:8e:9b:78:0b:23:18:79:
f4:59:b7:fd:15:9a:34:37:1f:76:00:2d:c6:37:f5:e7:97:ee:
1b:7c:cf:76:c8:32:4a:de:94:ec:4b:9a:92:38:a3:dd:c9:41:
3c:81:d4:06:4a:2e:7a:16:d9:7d:b5:29:59:79:29:4c:65:b8:
4a:a9:62:2c:50:31:fb:19:60:d5:18:29:27:e1:4f:16:ba:74:
ae:a6:c4:94:3b:b1:1e:19:78:20:92:2f:21:9a:9d:c3:28:c6:
f7:21:7f:05:a3:23:10:0c:5d:5b:96:25:73:5e:99:3b:f2:72:
86:2b:0a:7d:0c:3e:f7:93:33:94:b2:b4:bd:89:4d:fc:88:e3:
89:1a:4b:5f:c9:7c:ef:d9:48:53:1c:8a:6f:95:40:ca:b5:74:
c9:0c:ad:4c:40:bb:47:32:53:7b:ff:44:fa:6a:45:89:96:f2:
ac:ef:cf:c6:1f:08:5a:1b:03:8f:fe:df:69:1d:61:3b:d7:ec:
06:74:fc:05:d1:4d:7d:8c:4c:a9:f7:b4:8b:4b:e6:ea:64:65:
8a:21:08:bc:26:75:24:00:d1:f4:36:6a:a3:ff:4d:41:a5:46:
4d:45:61:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ijd0S4fPNwftv2m90eGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTBhMDc2Y2U0YThjZTZmYjY5ZjFmZGE0YTE5NDYxNGE5
NDFhZmEwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTk2YjE1YzdjM2EwOWRiMzE0MzZjMzM3NzczNDIzOGIzYzY5NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq24Oa5CXYz7Syzk64ajTwyGLoMhw
tytP/F2T5aSZjbV45AeD7TuyoHhfgP2KnGbBRxLLEvFpKq06mlK9GyaEEgqJHAld
HEK7pFUruz6F4GRcMvxJEvSQOTIi3oHZvXiNkr7PEFUq4cKbbS4EKl1xRdJtEMli
x5n6aQQGkVkC6KfzS6HcM+Ty1T5a/S6oLa49JrNMCufCm8iIh/PKtRBiCzCQKvqv
cHTCZmDFXgWlOjHwEBFR20r/UrOw7y4yvE8kbMlJWrDhtUI70c5mLCWKUlOXl4mt
myJTkG6QH2OQfcbIXNTO7F9MMJ1js2pcyoH4I0uXcydruQCmwLaZdIk3bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqWsVx8OgnbMUNsM3dzQjizxpRrMB8GA1UdIwQY
MBaAFNNQoHbOSozm+2nx/aShlGFKlBr6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFDZ2RzNUtqT2I3YWZIOXBLR1VZVXFVR3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zY2FjNmItMmMyYS00YjY2LWFkZWUt
ZDUyMzI1ZGU2YjA4LzEvcXBheFhIdzZDZHN4UTJ3emQzTkNPTFBHbEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zY2FjNmItMmMyYS00YjY2LWFkZWUtZDUyMzI1ZGU2YjA4
LzEvMDFDZ2RzNUtqT2I3YWZIOXBLR1VZVXFVR3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+VIMA0G
CSqGSIb3DQEBCwUAA4IBAQCBfSdk24Ii3qPeImIWACHlkl4ilj62QIR8ySbY0o6b
eAsjGHn0Wbf9FZo0Nx92AC3GN/Xnl+4bfM92yDJK3pTsS5qSOKPdyUE8gdQGSi56
Ftl9tSlZeSlMZbhKqWIsUDH7GWDVGCkn4U8WunSupsSUO7EeGXggki8hmp3DKMb3
IX8FoyMQDF1bliVzXpk78nKGKwp9DD73kzOUsrS9iU38iOOJGktfyXzv2UhTHIpv
lUDKtXTJDK1MQLtHMlN7/0T6akWJlvKs78/GHwhaGwOP/t9pHWE71+wGdPwF0U19
jEyp97SLS+bqZGWKIQi8JnUkANH0Nmqj/01BpUZNRWEL
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:58:49 2025 by rpki-client