Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/qmxFyvD5jjibZjJM1ZLLs4anyDg.roa
File: qmxFyvD5jjibZjJM1ZLLs4anyDg.roa (raw, json)
Hash identifier: y/C7QUn/kfSJX+tk2XBXNZQ/E3dp0hw1Ap5O7ikQtfw=
Subject key identifier: AA:6C:45:CA:F0:F9:8E:38:9B:66:32:4C:D5:92:CB:B3:86:A7:C8:38
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAF2DC3AF96AE189F9ECB451E2EA63
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/qmxFyvD5jjibZjJM1ZLLs4anyDg.roa
Signing time: Wed 01 Jan 2025 17:47:39 +0000
ROA not before: Wed 01 Jan 2025 17:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198350
IP address blocks: 109.236.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f2:dc:3a:f9:6a:e1:89:f9:ec:b4:51:e2:ea:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa6c45caf0f98e389b66324cd592cbb386a7c838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d0:43:42:fb:7e:59:f9:af:34:29:4c:09:f9:
eb:79:ad:ff:e6:b4:76:34:4e:87:e7:42:64:62:c8:
28:af:e3:ce:16:65:a1:fd:25:32:3b:ba:8c:2a:c1:
0d:24:f4:bc:9c:50:69:e8:32:4c:d1:8b:9a:7a:81:
78:55:6d:f9:08:7e:ef:47:7a:2b:16:76:c5:bd:5b:
30:b7:78:97:41:9f:43:01:98:4e:cf:e4:55:3f:48:
78:a0:21:8e:92:f0:9c:c7:8d:e9:ff:93:f2:d3:6a:
d0:23:e6:aa:6d:5d:3c:41:b3:9e:63:03:1e:a4:39:
40:c3:24:e2:dc:2a:0d:ec:12:d8:ee:93:f5:4d:5f:
0c:6c:64:fa:9b:f0:6d:71:89:b9:78:66:e5:44:ba:
5e:49:c7:5f:bd:4b:9c:16:06:c9:b0:d5:24:d8:4f:
54:4d:84:d8:cd:40:37:d5:01:44:df:50:7e:68:38:
3e:55:8e:90:c3:e5:7c:d1:4a:91:ee:47:32:0d:6c:
77:ba:2e:05:27:d1:b5:27:6d:b9:78:14:db:af:39:
0b:85:8f:7a:bd:8a:5f:99:a3:6a:5e:74:63:39:0a:
70:d2:06:f6:ee:22:b4:e2:7c:0d:39:2d:de:0a:b9:
a1:a3:ed:04:91:47:32:a0:08:de:2c:7e:65:c1:db:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6C:45:CA:F0:F9:8E:38:9B:66:32:4C:D5:92:CB:B3:86:A7:C8:38
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/qmxFyvD5jjibZjJM1ZLLs4anyDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.247.0/24
Signature Algorithm: sha256WithRSAEncryption
79:84:da:ac:fd:e8:b4:71:79:1b:4b:fa:aa:43:1b:6f:92:52:
b1:ef:6f:8e:ca:8d:51:d6:0c:bb:64:67:24:bf:77:21:48:71:
bd:12:17:b2:c4:1f:e4:0c:c3:40:eb:bb:36:c9:c9:eb:94:51:
00:8a:e9:3d:42:2f:5a:04:1a:48:ff:2c:90:39:7d:91:41:2b:
46:cf:67:d7:c0:ad:9a:4b:2a:95:f5:d8:eb:c0:00:e2:82:3f:
2b:ac:d7:f8:12:d4:dc:b7:74:10:16:10:ec:2d:8a:0f:3d:2b:
9f:de:7e:38:5a:fa:4a:2b:8d:ec:16:b2:4d:1e:b2:41:51:29:
e4:fb:cb:68:d1:fe:44:d3:2e:93:95:a3:43:db:11:79:b7:66:
88:0b:a6:61:7e:a3:bb:54:b1:02:07:36:40:32:df:56:e1:64:
de:f9:0f:75:c0:e4:93:01:29:77:91:32:58:77:ee:0c:c0:44:
9f:53:33:7d:03:d4:8e:1a:5a:9e:e2:c2:2a:7e:e7:0f:0f:9c:
45:23:d1:27:b2:fd:96:09:6c:b8:8e:2c:24:b6:a0:43:37:43:
bc:a7:9c:b3:b9:4c:d3:af:db:ba:f1:99:10:41:09:cb:d3:5b:
4f:33:b3:6f:6f:6d:e3:42:35:7a:1d:cc:37:00:e0:ec:da:7d:
33:73:09:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+vLcOvlq4Yn57LRR4upjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTZjNDVjYWYwZjk4ZTM4OWI2NjMyNGNkNTkyY2JiMzg2YTdjODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdBDQvt+WfmvNClMCfnrea3/5rR2
NE6H50JkYsgor+POFmWh/SUyO7qMKsENJPS8nFBp6DJM0YuaeoF4VW35CH7vR3or
FnbFvVswt3iXQZ9DAZhOz+RVP0h4oCGOkvCcx43p/5Py02rQI+aqbV08QbOeYwMe
pDlAwyTi3CoN7BLY7pP1TV8MbGT6m/BtcYm5eGblRLpeScdfvUucFgbJsNUk2E9U
TYTYzUA31QFE31B+aDg+VY6Qw+V80UqR7kcyDWx3ui4FJ9G1J225eBTbrzkLhY96
vYpfmaNqXnRjOQpw0gb27iK04nwNOS3eCrmho+0EkUcyoAjeLH5lwdsr8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpsRcrw+Y44m2YyTNWSy7OGp8g4MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvcW14Rnl2RDVqamliWmpKTTFaTExzNGFueURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbez3MA0G
CSqGSIb3DQEBCwUAA4IBAQB5hNqs/ei0cXkbS/qqQxtvklKx72+Oyo1R1gy7ZGck
v3chSHG9EheyxB/kDMNA67s2ycnrlFEAiuk9Qi9aBBpI/yyQOX2RQStGz2fXwK2a
SyqV9djrwADigj8rrNf4EtTct3QQFhDsLYoPPSuf3n44WvpKK43sFrJNHrJBUSnk
+8to0f5E0y6TlaND2xF5t2aIC6ZhfqO7VLECBzZAMt9W4WTe+Q91wOSTASl3kTJY
d+4MwESfUzN9A9SOGlqe4sIqfucPD5xFI9Ensv2WCWy4jiwktqBDN0O8p5yzuUzT
r9u68ZkQQQnL01tPM7Nvb23jQjV6Hcw3AODs2n0zcwkF
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:18:31 2025 by rpki-client