Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/qOLNGNRyGrNXwDtUb1Nnss6ejZA.roa
File: qOLNGNRyGrNXwDtUb1Nnss6ejZA.roa (raw, json)
Hash identifier: QTajoDC346WYrSbnlkADnzaxaVDnFT9Xm/bmwQZTFeI=
Subject key identifier: A8:E2:CD:18:D4:72:1A:B3:57:C0:3B:54:6F:53:67:B2:CE:9E:8D:90
Certificate issuer: /CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Certificate serial: 0194244493407B987D2E2EB819DAA795F7A0
Authority key identifier: B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/qOLNGNRyGrNXwDtUb1Nnss6ejZA.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34516
IP address blocks: 193.239.214.0/23 maxlen: 23
2001:678:3c8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:93:40:7b:98:7d:2e:2e:b8:19:da:a7:95:f7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8e2cd18d4721ab357c03b546f5367b2ce9e8d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b8:5b:cb:b5:71:93:ce:ab:f9:1e:2e:62:e1:
ad:4c:b6:ac:1b:72:a0:cf:69:98:4a:fc:3d:23:79:
83:b1:a7:6d:10:b5:ee:05:36:a9:d4:08:f1:a7:3b:
04:d9:5e:20:3c:c4:45:8e:d0:ab:1a:8d:2d:1e:d3:
85:cc:37:09:a5:0b:f2:f9:93:aa:d5:e5:4a:32:13:
d5:08:0f:84:cd:df:7c:67:22:19:35:01:ef:cf:4f:
28:ab:83:89:e0:28:e1:c4:15:25:71:53:56:a3:54:
18:ad:d6:6b:68:60:f5:37:c7:54:52:ea:c8:63:4c:
3d:30:e5:8a:31:fa:91:02:be:10:83:d5:b5:9a:d6:
fc:6c:a6:85:78:81:32:c9:d6:bf:05:19:f1:a0:d7:
37:a7:48:84:63:96:79:20:ac:67:ba:d3:b3:ff:81:
ed:ec:e8:17:f6:3c:fb:a1:58:4a:9e:36:cf:c0:70:
d8:be:26:a9:3d:5a:2c:bc:40:eb:17:00:c2:e0:cc:
24:0b:9c:3f:93:6e:70:cb:72:29:53:48:53:39:e1:
ca:7a:32:31:8b:3b:d3:75:1e:54:16:b4:c2:62:bd:
b9:85:46:e4:83:ee:a3:8a:04:62:41:2a:ab:e0:b5:
cd:5b:d6:c1:69:64:a4:d4:ca:51:2d:de:f3:6d:d7:
74:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E2:CD:18:D4:72:1A:B3:57:C0:3B:54:6F:53:67:B2:CE:9E:8D:90
X509v3 Authority Key Identifier:
keyid:B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/qOLNGNRyGrNXwDtUb1Nnss6ejZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/uTp0QF6_eyUcz7unwrIOwV-djkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.214.0/23
IPv6:
2001:678:3c8::/48
Signature Algorithm: sha256WithRSAEncryption
1d:71:e7:5c:b5:56:0d:bd:26:28:83:48:6b:f1:6b:c3:2b:64:
58:7f:64:62:60:1a:d1:f1:eb:04:79:61:a5:51:64:02:c2:ac:
71:16:14:1b:91:21:08:f5:46:77:dc:45:19:68:f0:3e:4d:74:
37:3b:fb:6e:ec:47:82:76:5d:d0:f9:51:61:1f:40:db:0f:d2:
66:0e:dc:30:12:12:e8:4b:f9:56:1d:08:76:77:ed:05:8c:5d:
3d:97:03:4d:0f:65:3e:a6:83:99:4e:f1:f1:c8:69:af:22:4a:
50:cf:b5:f9:b6:52:d6:19:9c:4a:37:41:72:b1:0e:9e:86:8a:
c1:2b:67:12:5e:ce:1e:e3:55:57:8b:e4:a9:0b:e3:00:fa:1c:
f5:e8:ef:9c:53:30:a7:f2:03:3f:cb:52:34:56:e6:8f:82:49:
3e:c6:0c:64:67:13:b1:30:7c:af:8e:3a:37:73:be:71:18:c5:
62:a4:eb:03:b1:2f:cc:d9:a8:f4:c2:d0:ee:5a:d8:f5:21:ac:
d3:ae:3e:21:55:27:5b:86:1d:47:8e:dc:6a:fc:b4:33:54:eb:
46:32:8b:05:91:d4:a9:45:1c:77:19:a9:2f:bd:de:71:1e:93:
a8:5e:ba:b3:1b:60:d2:fe:5a:75:79:76:66:c5:64:ab:e6:e1:
19:51:b1:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRJNAe5h9Li64GdqnlfegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2E3NDQwNWViZjdiMjUxY2NmYmJhN2MyYjIwZWMxNWY5
ZDhlNDgwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGUyY2QxOGQ0NzIxYWIzNTdjMDNiNTQ2ZjUzNjdiMmNlOWU4ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Lhby7Vxk86r+R4uYuGtTLasG3Kg
z2mYSvw9I3mDsadtELXuBTap1AjxpzsE2V4gPMRFjtCrGo0tHtOFzDcJpQvy+ZOq
1eVKMhPVCA+Ezd98ZyIZNQHvz08oq4OJ4CjhxBUlcVNWo1QYrdZraGD1N8dUUurI
Y0w9MOWKMfqRAr4Qg9W1mtb8bKaFeIEyyda/BRnxoNc3p0iEY5Z5IKxnutOz/4Ht
7OgX9jz7oVhKnjbPwHDYviapPVosvEDrFwDC4MwkC5w/k25wy3IpU0hTOeHKejIx
izvTdR5UFrTCYr25hUbkg+6jigRiQSqr4LXNW9bBaWSk1MpRLd7zbdd0nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjizRjUchqzV8A7VG9TZ7LOno2QMB8GA1UdIwQY
MBaAFLk6dEBev3slHM+7p8KyDsFfnY5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQt
MGExMzRiNjUzNWM0LzEvcU9MTkdOUnlHck5Yd0R0VWIxTm5zczZlalpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQtMGExMzRiNjUzNWM0
LzEvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwe/WMA8E
AgACMAkDBwAgAQZ4A8gwDQYJKoZIhvcNAQELBQADggEBAB1x51y1Vg29JiiDSGvx
a8MrZFh/ZGJgGtHx6wR5YaVRZALCrHEWFBuRIQj1RnfcRRlo8D5NdDc7+27sR4J2
XdD5UWEfQNsP0mYO3DASEuhL+VYdCHZ37QWMXT2XA00PZT6mg5lO8fHIaa8iSlDP
tfm2UtYZnEo3QXKxDp6GisErZxJezh7jVVeL5KkL4wD6HPXo75xTMKfyAz/LUjRW
5o+CST7GDGRnE7EwfK+OOjdzvnEYxWKk6wOxL8zZqPTC0O5a2PUhrNOuPiFVJ1uG
HUeO3Gr8tDNU60YyiwWR1KlFHHcZqS+93nEek6heurMbYNL+WnV5dmbFZKvm4RlR
sVk=
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:53:11 2025 by rpki-client