Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/qmdW7QDQZDPCWqHqKcF3JA5rms0.roa
File: qmdW7QDQZDPCWqHqKcF3JA5rms0.roa (raw, json)
Hash identifier: ctHCP/FM4qoA2M0yYjlwR9ihsYeU5a4WMdFfP2zXVeY=
Subject key identifier: AA:67:56:ED:00:D0:64:33:C2:5A:A1:EA:29:C1:77:24:0E:6B:9A:CD
Certificate issuer: /CN=437d280cb4eae8156a77dfe7a3ffc5fd4b4dbfaa
Certificate serial: 01942445619E49F98C6B39862662141512CC
Authority key identifier: 43:7D:28:0C:B4:EA:E8:15:6A:77:DF:E7:A3:FF:C5:FD:4B:4D:BF:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q30oDLTq6BVqd9_no__F_UtNv6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/qmdW7QDQZDPCWqHqKcF3JA5rms0.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200645
IP address blocks: 193.104.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:61:9e:49:f9:8c:6b:39:86:26:62:14:15:12:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437d280cb4eae8156a77dfe7a3ffc5fd4b4dbfaa
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa6756ed00d06433c25aa1ea29c177240e6b9acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ca:53:a5:46:b1:e8:31:98:58:c5:37:c3:2a:
ad:86:6e:87:76:ef:95:82:fb:4b:01:b2:65:5c:3d:
24:db:a1:cf:2a:17:35:c7:e9:ac:ea:b4:e2:df:00:
65:d0:ce:90:93:7f:df:a1:64:cb:21:b8:68:82:d5:
f2:1d:92:18:59:56:e1:1e:f7:fd:86:9a:c9:f0:49:
0f:81:e3:21:2d:b4:3a:ce:50:52:66:69:0c:c2:ea:
03:09:54:ed:6c:90:8a:c6:ad:35:a5:cc:69:31:91:
f4:f9:74:5a:25:60:e7:2b:15:80:e8:18:46:42:15:
d3:c5:63:9c:fd:2a:e8:04:3b:60:06:ac:c4:4c:88:
47:23:0b:48:0c:67:2e:0a:d8:10:c8:0d:9f:ba:78:
b9:77:76:e0:7a:63:af:f5:90:f2:00:b4:12:19:2f:
02:78:60:aa:53:80:bd:38:e6:d5:74:94:e4:e5:f9:
13:d1:22:7b:e0:d4:d1:6e:70:50:4a:1f:84:50:c4:
a3:7f:cc:55:9a:eb:5c:49:fa:dd:5c:94:c7:4c:61:
e6:6f:59:e9:b0:12:56:b6:0a:d1:e4:e3:0f:35:a2:
6f:18:8d:74:bf:8f:48:72:fd:78:d1:cb:99:f0:fd:
13:8c:6f:90:b4:2e:11:1f:9f:8b:34:fe:60:ca:4d:
dc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:67:56:ED:00:D0:64:33:C2:5A:A1:EA:29:C1:77:24:0E:6B:9A:CD
X509v3 Authority Key Identifier:
keyid:43:7D:28:0C:B4:EA:E8:15:6A:77:DF:E7:A3:FF:C5:FD:4B:4D:BF:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q30oDLTq6BVqd9_no__F_UtNv6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/qmdW7QDQZDPCWqHqKcF3JA5rms0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/Q30oDLTq6BVqd9_no__F_UtNv6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.29.0/24
Signature Algorithm: sha256WithRSAEncryption
69:55:9d:23:ad:d5:6b:df:a4:90:15:01:ee:6d:2a:54:15:80:
73:ed:a0:84:10:56:30:17:a9:c2:f9:86:c9:c0:95:a3:54:2e:
38:23:41:46:05:c4:eb:86:04:77:51:69:47:c8:bd:48:bb:43:
b0:2c:98:ff:03:98:cb:be:e4:35:f0:44:39:c9:26:ad:3f:09:
26:a2:19:72:43:ac:9a:af:b6:e5:16:45:cf:e7:82:d9:ce:91:
52:44:cc:20:32:fe:55:69:c7:8c:6a:42:7c:7a:7d:a0:1d:97:
b1:ac:63:78:b9:76:c1:c0:19:3a:f2:bd:6c:e4:ab:9f:22:59:
5d:b5:5c:5a:7a:55:30:a0:2c:90:59:b1:f7:cc:7a:22:f9:1c:
dd:83:d9:cb:bb:5a:51:bc:27:90:80:34:9a:15:85:ac:90:6f:
16:eb:bf:c8:f3:fc:51:16:3c:ac:0d:24:38:ef:80:10:d0:0a:
2b:88:ff:dd:fc:6f:05:cc:95:fc:08:ed:ae:5a:d7:68:87:1f:
c5:4b:a0:a8:11:32:70:dc:49:bc:9c:85:c2:ad:f6:33:6e:8a:
5b:fe:9f:df:8b:83:13:b7:59:9b:52:6d:ec:6b:6b:71:d5:97:
a5:b4:93:01:be:7a:89:b4:46:d1:82:19:c2:b2:72:4e:df:44:
f8:71:ee:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWGeSfmMazmGJmIUFRLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2QyODBjYjRlYWU4MTU2YTc3ZGZlN2EzZmZjNWZkNGI0
ZGJmYWEwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY3NTZlZDAwZDA2NDMzYzI1YWExZWEyOWMxNzcyNDBlNmI5YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcpTpUax6DGYWMU3wyqthm6Hdu+V
gvtLAbJlXD0k26HPKhc1x+ms6rTi3wBl0M6Qk3/foWTLIbhogtXyHZIYWVbhHvf9
hprJ8EkPgeMhLbQ6zlBSZmkMwuoDCVTtbJCKxq01pcxpMZH0+XRaJWDnKxWA6BhG
QhXTxWOc/SroBDtgBqzETIhHIwtIDGcuCtgQyA2funi5d3bgemOv9ZDyALQSGS8C
eGCqU4C9OObVdJTk5fkT0SJ74NTRbnBQSh+EUMSjf8xVmutcSfrdXJTHTGHmb1np
sBJWtgrR5OMPNaJvGI10v49Icv140cuZ8P0TjG+QtC4RH5+LNP5gyk3c+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpnVu0A0GQzwlqh6inBdyQOa5rNMB8GA1UdIwQY
MBaAFEN9KAy06ugVanff56P/xf1LTb+qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTMwb0RMVHE2QlZxZDlfbm9fX0ZfVXROdjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80YjkzNTMtYjcwZC00MDhiLWE4Yjct
ZWM1MGRhYWQ4MmY3LzEvcW1kVzdRRFFaRFBDV3FIcUtjRjNKQTVybXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80YjkzNTMtYjcwZC00MDhiLWE4YjctZWM1MGRhYWQ4MmY3
LzEvUTMwb0RMVHE2QlZxZDlfbm9fX0ZfVXROdjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWgdMA0G
CSqGSIb3DQEBCwUAA4IBAQBpVZ0jrdVr36SQFQHubSpUFYBz7aCEEFYwF6nC+YbJ
wJWjVC44I0FGBcTrhgR3UWlHyL1Iu0OwLJj/A5jLvuQ18EQ5ySatPwkmohlyQ6ya
r7blFkXP54LZzpFSRMwgMv5VaceMakJ8en2gHZexrGN4uXbBwBk68r1s5KufIlld
tVxaelUwoCyQWbH3zHoi+Rzdg9nLu1pRvCeQgDSaFYWskG8W67/I8/xRFjysDSQ4
74AQ0AoriP/d/G8FzJX8CO2uWtdohx/FS6CoETJw3Em8nIXCrfYzbopb/p/fi4MT
t1mbUm3sa2tx1ZeltJMBvnqJtEbRghnCsnJO30T4ce7y
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:14 2025 by rpki-client