Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/QJQeMPlg9WGfXq72AZiCSewuDI8.roa
File: QJQeMPlg9WGfXq72AZiCSewuDI8.roa (raw, json)
Hash identifier: r0Rvs4MlW/m7D+4R19PKkzv3HipqfF3UT75d6mitfBY=
Subject key identifier: 40:94:1E:30:F9:60:F5:61:9F:5E:AE:F6:01:98:82:49:EC:2E:0C:8F
Certificate issuer: /CN=97f4674e8236bddc3d2327a02b0abfba79a5483c
Certificate serial: 0194221F9D534CB697186263CC76EBE7D186
Authority key identifier: 97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/QJQeMPlg9WGfXq72AZiCSewuDI8.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48618
IP address blocks: 91.209.29.0/24 maxlen: 24
185.55.176.0/22 maxlen: 22
2a04:d500::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9d:53:4c:b6:97:18:62:63:cc:76:eb:e7:d1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f4674e8236bddc3d2327a02b0abfba79a5483c
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40941e30f960f5619f5eaef601988249ec2e0c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:25:b2:e7:e7:2f:ae:7b:28:71:55:2e:ec:
37:56:01:7b:bf:29:54:f7:ea:9a:6d:22:bd:4a:62:
44:85:5a:b6:fd:74:34:f5:01:ac:18:82:e9:c7:69:
9f:e2:5a:ac:b2:9e:ba:e5:24:ab:e4:ef:81:70:47:
f0:aa:3f:6d:d7:5d:63:4e:ae:84:8c:64:98:7e:69:
ef:0d:6e:17:b7:c2:2d:ca:08:1c:98:8a:27:01:67:
75:55:a1:d5:ee:d7:4a:20:d2:60:76:0d:69:85:55:
0e:8f:06:90:b6:31:40:06:b3:f2:a0:99:bd:8d:ab:
86:57:32:d6:eb:f8:15:9a:a6:b3:08:5d:84:9f:64:
35:37:49:33:df:25:04:2c:ed:a9:d1:8c:83:3e:9e:
62:ff:7a:ce:bd:57:9f:03:20:4e:59:e3:3b:63:d1:
8b:e0:d0:0e:62:da:c2:91:64:2b:55:53:93:24:c3:
bf:80:ed:26:1d:fd:24:10:91:49:80:28:05:e9:b5:
57:4e:75:57:56:9c:13:f4:a2:42:bf:f5:68:f6:32:
77:cd:dd:ce:78:18:fd:74:ba:7c:d5:b1:bb:22:2e:
53:e3:5e:af:2f:2b:05:c1:69:3b:8d:16:8c:98:a6:
c8:2d:df:69:1c:91:37:34:14:1a:cb:5d:dc:b3:85:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:94:1E:30:F9:60:F5:61:9F:5E:AE:F6:01:98:82:49:EC:2E:0C:8F
X509v3 Authority Key Identifier:
keyid:97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/QJQeMPlg9WGfXq72AZiCSewuDI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/l_RnToI2vdw9IyegKwq_unmlSDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.29.0/24
185.55.176.0/22
IPv6:
2a04:d500::/29
Signature Algorithm: sha256WithRSAEncryption
09:58:c4:96:93:e8:64:ef:6f:33:b9:87:29:7a:af:37:f6:44:
0b:8d:c4:9c:50:6f:02:44:bf:1a:e2:48:16:5e:9b:db:5e:02:
89:3e:6f:37:e2:be:a9:30:9e:54:f5:0c:45:80:f0:2c:a1:37:
31:3d:36:2e:d1:5a:97:05:1b:f1:1c:e1:fc:3b:3d:0f:fc:b6:
ab:75:24:59:91:ed:f9:69:79:bd:c1:61:ae:93:3f:86:b3:ca:
3f:da:92:fb:94:64:97:c7:8e:1a:52:5a:22:40:7a:60:2f:ad:
a6:df:7d:f8:25:cf:eb:80:d2:b8:77:75:c4:12:42:ef:fe:3f:
26:a4:88:fc:65:79:a9:95:84:38:fd:e9:dd:5c:ee:77:85:1b:
53:1a:92:58:6e:34:18:c8:64:e6:da:16:f8:13:48:64:15:6b:
03:e2:39:61:9c:79:50:34:ed:4d:44:e4:b8:f4:16:38:7d:55:
f0:51:ce:46:60:70:63:76:c0:a9:83:0c:f7:11:1e:db:5d:fa:
c2:72:28:ae:d6:bb:de:df:ba:60:19:da:a9:16:a8:d7:a6:c4:
75:14:b1:d5:53:81:22:2f:13:4e:3a:4b:78:78:a4:e5:d6:8e:
b9:c8:cf:5a:ac:90:48:d9:7d:b8:58:87:e2:40:f2:5e:3b:52:
27:4c:3f:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH51TTLaXGGJjzHbr59GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjQ2NzRlODIzNmJkZGMzZDIzMjdhMDJiMGFiZmJhNzlh
NTQ4M2MwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk0MWUzMGY5NjBmNTYxOWY1ZWFlZjYwMTk4ODI0OWVjMmUwYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyawlsufnL657KHFVLuw3VgF7vylU
9+qabSK9SmJEhVq2/XQ09QGsGILpx2mf4lqssp665SSr5O+BcEfwqj9t111jTq6E
jGSYfmnvDW4Xt8ItyggcmIonAWd1VaHV7tdKINJgdg1phVUOjwaQtjFABrPyoJm9
jauGVzLW6/gVmqazCF2En2Q1N0kz3yUELO2p0YyDPp5i/3rOvVefAyBOWeM7Y9GL
4NAOYtrCkWQrVVOTJMO/gO0mHf0kEJFJgCgF6bVXTnVXVpwT9KJCv/Vo9jJ3zd3O
eBj9dLp81bG7Ii5T416vLysFwWk7jRaMmKbILd9pHJE3NBQay13cs4WMFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFECUHjD5YPVhn16u9gGYgknsLgyPMB8GA1UdIwQY
MBaAFJf0Z06CNr3cPSMnoCsKv7p5pUg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUt
YWYyZWM1ZDhkYzNjLzEvUUpRZU1QbGc5V0dmWHE3MkFaaUNTZXd1REk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUtYWYyZWM1ZDhkYzNj
LzEvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9EdAwQC
uTewMA0EAgACMAcDBQMqBNUAMA0GCSqGSIb3DQEBCwUAA4IBAQAJWMSWk+hk728z
uYcpeq839kQLjcScUG8CRL8a4kgWXpvbXgKJPm834r6pMJ5U9QxFgPAsoTcxPTYu
0VqXBRvxHOH8Oz0P/LardSRZke35aXm9wWGukz+Gs8o/2pL7lGSXx44aUloiQHpg
L62m3334Jc/rgNK4d3XEEkLv/j8mpIj8ZXmplYQ4/endXO53hRtTGpJYbjQYyGTm
2hb4E0hkFWsD4jlhnHlQNO1NROS49BY4fVXwUc5GYHBjdsCpgwz3ER7bXfrCciiu
1rve37pgGdqpFqjXpsR1FLHVU4EiLxNOOkt4eKTl1o65yM9arJBI2X24WIfiQPJe
O1InTD+S
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:09 2025 by rpki-client on console.sobornost.net