Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/QT0sQv3KOU05-HMU4KkW-NHTTNI.roa
File: QT0sQv3KOU05-HMU4KkW-NHTTNI.roa (raw, json)
Hash identifier: jywVIaE7EbLBJkWPsDWdJx4pV9xKl6kNaIqG8UrRYkA=
Subject key identifier: 41:3D:2C:42:FD:CA:39:4D:39:F8:73:14:E0:A9:16:F8:D1:D3:4C:D2
Certificate issuer: /CN=3883c95470a5ba4a87c505b683b816576371e3c8
Certificate serial: 01856DD41FE8CF04DCC97FAFD0E9BC51174F
Authority key identifier: 38:83:C9:54:70:A5:BA:4A:87:C5:05:B6:83:B8:16:57:63:71:E3:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIPJVHClukqHxQW2g7gWV2Nx48g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/QT0sQv3KOU05-HMU4KkW-NHTTNI.roa
Signing time: Sun 01 Jan 2023 14:54:56 +0000
ROA not before: Sun 01 Jan 2023 14:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 176.126.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1f:e8:cf:04:dc:c9:7f:af:d0:e9:bc:51:17:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3883c95470a5ba4a87c505b683b816576371e3c8
Validity
Not Before: Jan 1 14:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=413d2c42fdca394d39f87314e0a916f8d1d34cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8e:ad:a5:82:bf:6c:90:3e:21:55:7f:6b:e6:
80:37:85:4f:2d:3d:57:bb:52:17:e8:9f:9d:6b:52:
5b:d8:a9:2d:ef:ae:af:7b:78:c3:83:89:e6:fd:4c:
08:fc:e8:5b:6a:f4:e2:9e:d3:e7:40:5e:f1:33:ca:
45:b3:fd:6f:80:6c:fc:f2:79:f1:cd:4c:69:a6:f7:
36:d7:e8:87:f7:60:4e:fc:9c:cd:e5:ee:8b:ce:1c:
51:30:b0:d0:18:e6:b3:a0:e3:52:35:d9:a6:1b:68:
70:28:8b:bf:b7:ad:73:ea:0b:04:ef:00:b2:f9:ee:
b6:31:0c:ee:5b:7d:4e:99:c1:6d:bf:39:1d:34:d4:
ef:3f:61:4e:d1:f2:f3:c9:55:14:74:6e:db:a9:0d:
5b:e7:ca:71:a2:c5:26:3d:d0:18:7e:b2:b5:97:83:
ff:7f:e2:ae:98:7e:9a:63:56:c6:0b:51:d7:cc:5b:
a5:65:8e:64:37:31:72:07:12:84:30:09:50:df:15:
b7:b6:4f:12:62:47:b3:00:95:95:6e:d4:b8:2f:4c:
96:1e:23:b1:a8:02:8f:65:d0:4b:17:9d:a5:3a:17:
9e:79:66:1d:e7:4b:df:89:d3:60:e1:e9:8c:c7:5b:
af:35:cf:cf:c5:d0:6a:71:df:3f:30:a4:6d:90:5b:
2c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3D:2C:42:FD:CA:39:4D:39:F8:73:14:E0:A9:16:F8:D1:D3:4C:D2
X509v3 Authority Key Identifier:
keyid:38:83:C9:54:70:A5:BA:4A:87:C5:05:B6:83:B8:16:57:63:71:E3:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIPJVHClukqHxQW2g7gWV2Nx48g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/QT0sQv3KOU05-HMU4KkW-NHTTNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/OIPJVHClukqHxQW2g7gWV2Nx48g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.100.0/24
Signature Algorithm: sha256WithRSAEncryption
66:2b:db:b5:58:9e:7c:0a:54:ec:f0:10:24:10:d5:fe:57:d5:
01:7d:fa:18:b8:c6:c7:d4:25:01:0d:59:fc:03:4e:3d:7a:b3:
5d:39:c4:f0:fa:70:7e:fa:61:42:ec:f6:8b:25:09:11:ff:51:
de:54:0b:f9:af:24:6f:7b:16:d8:93:ed:a9:f0:d1:23:a5:a2:
32:dd:f5:e8:88:7b:07:83:19:07:26:e0:e2:74:d3:88:fe:39:
32:12:14:28:51:5d:f7:ea:e5:c4:9c:c5:cd:3e:b7:f5:83:ea:
36:4a:97:de:af:c3:a0:39:7a:fb:80:a8:ef:58:37:0e:df:7b:
78:f0:48:c4:ee:b0:6f:c3:62:6c:b4:68:59:7a:34:1f:d2:1c:
48:06:fd:a9:12:4b:fa:fe:98:0e:3b:37:d4:67:f9:bb:ed:16:
46:a9:2b:3f:de:56:42:c1:42:11:1a:7f:d3:04:76:fd:3e:2c:
a1:f2:99:f2:d2:99:76:70:6b:81:1e:cb:ef:94:22:07:11:a7:
d2:08:f9:26:0c:d4:07:57:1e:46:03:e7:7c:94:a3:62:00:aa:
32:4f:f6:2b:f9:c0:f8:ff:65:56:04:20:0e:05:3f:e9:6c:7e:
4f:cf:63:a0:58:8e:63:9b:17:2b:6b:e1:5e:ad:66:47:a8:89:
c4:5e:33:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1B/ozwTcyX+v0Om8URdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ODNjOTU0NzBhNWJhNGE4N2M1MDViNjgzYjgxNjU3NjM3
MWUzYzgwHhcNMjMwMTAxMTQ1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNkMmM0MmZkY2EzOTRkMzlmODczMTRlMGE5MTZmOGQxZDM0Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY6tpYK/bJA+IVV/a+aAN4VPLT1X
u1IX6J+da1Jb2Kkt766ve3jDg4nm/UwI/OhbavTintPnQF7xM8pFs/1vgGz88nnx
zUxppvc21+iH92BO/JzN5e6LzhxRMLDQGOazoONSNdmmG2hwKIu/t61z6gsE7wCy
+e62MQzuW31OmcFtvzkdNNTvP2FO0fLzyVUUdG7bqQ1b58pxosUmPdAYfrK1l4P/
f+KumH6aY1bGC1HXzFulZY5kNzFyBxKEMAlQ3xW3tk8SYkezAJWVbtS4L0yWHiOx
qAKPZdBLF52lOheeeWYd50vfidNg4emMx1uvNc/PxdBqcd8/MKRtkFssewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEE9LEL9yjlNOfhzFOCpFvjR00zSMB8GA1UdIwQY
MBaAFDiDyVRwpbpKh8UFtoO4FldjcePIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0lQSlZIQ2x1a3FIeFFXMmc3Z1dWMk54NDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85MDhiN2UtODFiOS00NzhmLTk1NDMt
YjFmM2VhYTE1MjEyLzEvUVQwc1F2M0tPVTA1LUhNVTRLa1ctTkhUVE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85MDhiN2UtODFiOS00NzhmLTk1NDMtYjFmM2VhYTE1MjEy
LzEvT0lQSlZIQ2x1a3FIeFFXMmc3Z1dWMk54NDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsH5kMA0G
CSqGSIb3DQEBCwUAA4IBAQBmK9u1WJ58ClTs8BAkENX+V9UBffoYuMbH1CUBDVn8
A049erNdOcTw+nB++mFC7PaLJQkR/1HeVAv5ryRvexbYk+2p8NEjpaIy3fXoiHsH
gxkHJuDidNOI/jkyEhQoUV336uXEnMXNPrf1g+o2Spfer8OgOXr7gKjvWDcO33t4
8EjE7rBvw2JstGhZejQf0hxIBv2pEkv6/pgOOzfUZ/m77RZGqSs/3lZCwUIRGn/T
BHb9Piyh8pny0pl2cGuBHsvvlCIHEafSCPkmDNQHVx5GA+d8lKNiAKoyT/Yr+cD4
/2VWBCAOBT/pbH5Pz2OgWI5jmxcra+FerWZHqInEXjME
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:55 2023 by rpki-client on console.sobornost.net