Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/qVZvmvoLKS31NPSfpMQJyaGRrqk.roa
File: qVZvmvoLKS31NPSfpMQJyaGRrqk.roa (raw, json)
Hash identifier: SULs7/ySz/dcjuHf4saElB1X8gAKzCb6LN3XcIMxsQM=
Subject key identifier: A9:56:6F:9A:FA:0B:29:2D:F5:34:F4:9F:A4:C4:09:C9:A1:91:AE:A9
Certificate issuer: /CN=2829eb664506b86bfa1f702f6b1ffb484cc2cb12
Certificate serial: 019424B3D53588516D7F329CECC9485B644B
Authority key identifier: 28:29:EB:66:45:06:B8:6B:FA:1F:70:2F:6B:1F:FB:48:4C:C2:CB:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCnrZkUGuGv6H3Avax_7SEzCyxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/qVZvmvoLKS31NPSfpMQJyaGRrqk.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42065
IP address blocks: 194.110.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d5:35:88:51:6d:7f:32:9c:ec:c9:48:5b:64:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2829eb664506b86bfa1f702f6b1ffb484cc2cb12
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9566f9afa0b292df534f49fa4c409c9a191aea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:87:05:4b:de:37:ab:33:17:ce:9a:78:42:8d:
dc:ce:0b:2d:6d:81:a4:3b:d0:9b:80:f2:ac:6b:6c:
22:1a:77:e3:89:53:1f:dd:e3:52:00:dd:ba:aa:f5:
12:6d:c7:ab:a4:cb:2c:ef:59:0f:45:2b:b1:4d:c1:
2c:cb:3a:90:9b:48:c2:87:f3:b0:d8:32:dc:70:f2:
8d:8b:02:9b:98:ef:24:ce:1e:c7:64:ac:74:52:ad:
10:24:a2:9c:e7:5b:a1:74:50:2a:72:f2:70:c1:87:
1e:06:52:81:2d:c1:35:3c:d9:7b:96:3c:27:7c:f6:
c6:33:07:65:e1:79:90:8e:85:15:2b:b5:ee:0b:98:
15:6d:fe:f2:d9:3d:1f:02:14:28:27:07:ce:38:c7:
d3:38:d4:11:a0:04:65:61:d9:ba:c3:35:d1:58:6f:
4b:97:4e:11:ab:89:ff:4b:95:88:ac:d9:69:55:dc:
04:4f:d8:8f:2a:30:17:5c:75:1d:3b:fb:c4:d8:6f:
41:25:87:9e:ee:a4:8f:0f:2c:2a:29:eb:61:88:b3:
33:11:8d:5c:ea:02:56:f2:67:31:3a:d6:c3:f9:ae:
ce:c1:99:43:d5:11:49:a7:f6:88:65:9a:07:1b:61:
ca:b8:36:9f:2e:de:e8:bb:6a:68:4c:b8:cd:27:58:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:56:6F:9A:FA:0B:29:2D:F5:34:F4:9F:A4:C4:09:C9:A1:91:AE:A9
X509v3 Authority Key Identifier:
keyid:28:29:EB:66:45:06:B8:6B:FA:1F:70:2F:6B:1F:FB:48:4C:C2:CB:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCnrZkUGuGv6H3Avax_7SEzCyxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/qVZvmvoLKS31NPSfpMQJyaGRrqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/KCnrZkUGuGv6H3Avax_7SEzCyxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.66.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:63:0b:43:e5:56:b4:bc:f7:d9:c9:e0:82:fd:ef:47:86:5c:
fc:a3:45:2b:63:84:9a:02:b5:09:2e:78:63:73:18:17:1b:ec:
89:f4:d3:f8:97:c3:03:c5:9d:c8:e4:ee:f6:d0:39:70:9b:3b:
12:9d:f6:53:fb:30:b4:dd:a1:f4:24:a9:5d:8d:06:2a:b7:47:
cc:55:6f:6f:a8:2e:55:05:6a:be:28:0f:90:66:39:3f:ec:41:
13:70:18:f4:08:6c:9d:31:2a:c2:b4:1d:9a:7a:86:73:03:d7:
cb:44:ed:94:17:ee:ff:33:7b:ec:50:e3:92:4c:79:cd:ff:bd:
19:4d:ea:bf:48:4e:b2:fe:7c:44:40:c9:52:f4:0b:11:e2:e8:
93:f8:4f:82:7e:b2:bb:71:be:d8:a9:3d:e0:9c:1e:72:bc:ea:
9d:ab:18:f4:bd:93:1a:8c:70:2c:5d:d6:f4:12:eb:f1:a0:ae:
02:f3:cb:a2:5d:c5:75:81:43:fb:d9:af:ab:64:27:48:73:eb:
55:a0:b4:c8:96:26:e1:a8:75:eb:d2:5c:b1:87:dd:dd:06:bf:
a4:38:aa:56:f2:52:09:77:5b:38:f1:35:8a:3f:ad:c6:6d:21:
61:c7:0d:c7:92:47:1b:c9:07:1a:2d:1a:11:4f:12:15:46:c1:
ca:f7:06:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9U1iFFtfzKc7MlIW2RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjllYjY2NDUwNmI4NmJmYTFmNzAyZjZiMWZmYjQ4NGNj
MmNiMTIwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTU2NmY5YWZhMGIyOTJkZjUzNGY0OWZhNGM0MDljOWExOTFhZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4cFS943qzMXzpp4Qo3czgstbYGk
O9CbgPKsa2wiGnfjiVMf3eNSAN26qvUSbcerpMss71kPRSuxTcEsyzqQm0jCh/Ow
2DLccPKNiwKbmO8kzh7HZKx0Uq0QJKKc51uhdFAqcvJwwYceBlKBLcE1PNl7ljwn
fPbGMwdl4XmQjoUVK7XuC5gVbf7y2T0fAhQoJwfOOMfTONQRoARlYdm6wzXRWG9L
l04Rq4n/S5WIrNlpVdwET9iPKjAXXHUdO/vE2G9BJYee7qSPDywqKethiLMzEY1c
6gJW8mcxOtbD+a7OwZlD1RFJp/aIZZoHG2HKuDafLt7ou2poTLjNJ1ikfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlWb5r6Cykt9TT0n6TECcmhka6pMB8GA1UdIwQY
MBaAFCgp62ZFBrhr+h9wL2sf+0hMwssSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NuclprVUd1R3Y2SDNBdmF4XzdTRXpDeXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lMDliMjQtOGFhOC00MGU2LTg0MmMt
MmY5ZWM1MzhjYzFkLzEvcVZadm12b0xLUzMxTlBTZnBNUUp5YUdScnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lMDliMjQtOGFhOC00MGU2LTg0MmMtMmY5ZWM1MzhjYzFk
LzEvS0NuclprVUd1R3Y2SDNBdmF4XzdTRXpDeXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm5CMA0G
CSqGSIb3DQEBCwUAA4IBAQBNYwtD5Va0vPfZyeCC/e9Hhlz8o0UrY4SaArUJLnhj
cxgXG+yJ9NP4l8MDxZ3I5O720DlwmzsSnfZT+zC03aH0JKldjQYqt0fMVW9vqC5V
BWq+KA+QZjk/7EETcBj0CGydMSrCtB2aeoZzA9fLRO2UF+7/M3vsUOOSTHnN/70Z
Teq/SE6y/nxEQMlS9AsR4uiT+E+CfrK7cb7YqT3gnB5yvOqdqxj0vZMajHAsXdb0
EuvxoK4C88uiXcV1gUP72a+rZCdIc+tVoLTIlibhqHXr0lyxh93dBr+kOKpW8lIJ
d1s48TWKP63GbSFhxw3HkkcbyQcaLRoRTxIVRsHK9wZQ
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:32:57 2025 by rpki-client