Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/QB7BRHUFuZiz_JCklEdTGkiHDXA.roa
File: QB7BRHUFuZiz_JCklEdTGkiHDXA.roa (raw, json)
Hash identifier: T5whSTEBQz0KfK/+KqfcupXVgP1i6/CuX9EnL85Iy64=
Subject key identifier: 40:1E:C1:44:75:05:B9:98:B3:FC:90:A4:94:47:53:1A:48:87:0D:70
Certificate issuer: /CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006
Certificate serial: 01941FFA253548DEBA11EB1A21495A02AA31
Authority key identifier: 8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/QB7BRHUFuZiz_JCklEdTGkiHDXA.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51423
IP address blocks: 213.133.224.0/21 maxlen: 21
213.133.232.0/22 maxlen: 22
213.133.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:25:35:48:de:ba:11:eb:1a:21:49:5a:02:aa:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=401ec1447505b998b3fc90a49447531a48870d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:30:15:52:cf:44:75:a7:4f:2d:0a:54:06:6a:
fd:8d:e5:03:c4:cf:6d:44:05:8d:e5:66:af:22:db:
a5:7c:da:a1:da:95:d7:4f:93:3e:7e:3a:ee:4d:f8:
7b:2d:12:22:66:93:09:ac:d2:4e:d6:a8:c7:7e:60:
55:9c:a2:06:1e:0e:13:34:87:8f:95:4c:fd:9d:dd:
7c:5b:ce:15:4f:e9:42:23:b3:35:71:42:a9:76:d1:
83:cc:7f:f2:69:22:ad:cf:7a:6f:a8:28:31:14:b4:
de:9c:1c:5e:ad:5b:58:72:c2:ab:3d:d4:4f:f0:59:
da:bb:85:95:39:cd:f9:10:62:f2:05:72:cf:6d:bc:
7c:95:2c:3c:28:64:26:00:f6:3b:cf:1a:84:b1:71:
fc:c5:3a:19:79:6b:30:1d:16:0f:07:69:8a:cb:38:
50:9e:f2:8d:4b:82:aa:68:12:a9:7d:39:4d:3a:4b:
e7:2b:f9:de:30:1f:7d:79:1b:95:d2:d2:d8:f3:6c:
37:4b:c7:29:0e:25:a7:21:f3:d8:3e:db:00:fd:4f:
06:f2:28:79:3d:87:56:7e:0c:13:80:27:15:62:ee:
47:23:dc:ba:60:1e:a1:ed:da:6a:ca:99:1e:01:44:
07:db:02:e0:30:05:ab:7a:50:63:3f:af:43:9c:d4:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1E:C1:44:75:05:B9:98:B3:FC:90:A4:94:47:53:1A:48:87:0D:70
X509v3 Authority Key Identifier:
keyid:8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/QB7BRHUFuZiz_JCklEdTGkiHDXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/is0usvBhi3LGRtmX08ld2Da90AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.133.224.0/20
Signature Algorithm: sha256WithRSAEncryption
82:19:58:83:75:24:9e:8c:3a:2b:a8:df:b9:b3:dd:c3:9f:05:
c0:20:91:3d:46:85:b1:a0:87:37:4e:45:ff:f7:ab:c1:5a:e5:
de:de:c3:7a:30:70:0e:d5:b9:b9:e7:15:f7:95:ae:98:f6:63:
63:43:af:53:80:1e:7f:ea:fa:95:b5:e7:7f:b1:6e:93:bb:59:
e9:68:f2:83:8c:f0:ee:85:ef:ea:f4:9f:ec:b1:0d:3f:39:d1:
af:2e:bf:dc:4e:69:c3:24:6d:bf:ce:e8:f3:95:71:9f:b9:13:
05:dd:12:cd:ec:eb:ad:dc:80:ce:fc:da:f1:ed:58:e6:55:44:
0a:4b:a8:cc:b5:dd:48:54:8d:d5:d7:d4:04:0c:cc:40:34:48:
50:1c:9e:53:ed:26:3e:a9:39:fb:e8:53:ee:53:11:08:73:38:
a7:bc:0d:10:5f:38:5e:ae:d6:75:83:7b:f5:ff:a4:ce:fb:c7:
4c:5e:f3:96:65:b9:56:59:67:ba:93:07:34:88:d8:b2:cb:f5:
9e:1a:4d:99:75:63:88:3a:fe:e5:97:0c:f1:0c:cb:b3:c8:ce:
a4:13:63:55:31:9f:e7:4f:08:1f:6a:0a:68:f0:ad:81:8f:10:
56:cb:80:49:55:41:8b:f9:0b:a5:33:0b:8a:08:ca:2f:c7:5c:
bf:0c:22:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iU1SN66EesaIUlaAqoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2QyZWIyZjA2MThiNzJjNjQ2ZDk5N2QzYzk1ZGQ4MzZi
ZGQwMDYwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFlYzE0NDc1MDViOTk4YjNmYzkwYTQ5NDQ3NTMxYTQ4ODcwZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDAVUs9EdadPLQpUBmr9jeUDxM9t
RAWN5WavItulfNqh2pXXT5M+fjruTfh7LRIiZpMJrNJO1qjHfmBVnKIGHg4TNIeP
lUz9nd18W84VT+lCI7M1cUKpdtGDzH/yaSKtz3pvqCgxFLTenBxerVtYcsKrPdRP
8Fnau4WVOc35EGLyBXLPbbx8lSw8KGQmAPY7zxqEsXH8xToZeWswHRYPB2mKyzhQ
nvKNS4KqaBKpfTlNOkvnK/neMB99eRuV0tLY82w3S8cpDiWnIfPYPtsA/U8G8ih5
PYdWfgwTgCcVYu5HI9y6YB6h7dpqypkeAUQH2wLgMAWrelBjP69DnNTlsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAewUR1BbmYs/yQpJRHUxpIhw1wMB8GA1UdIwQY
MBaAFIrNLrLwYYtyxkbZl9PJXdg2vdAGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjkt
Nzk0YzlkOTI4Y2RjLzEvUUI3QlJIVUZ1Wml6X0pDa2xFZFRHa2lIRFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjktNzk0YzlkOTI4Y2Rj
LzEvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1YXgMA0G
CSqGSIb3DQEBCwUAA4IBAQCCGViDdSSejDorqN+5s93DnwXAIJE9RoWxoIc3TkX/
96vBWuXe3sN6MHAO1bm55xX3la6Y9mNjQ69TgB5/6vqVted/sW6Tu1npaPKDjPDu
he/q9J/ssQ0/OdGvLr/cTmnDJG2/zujzlXGfuRMF3RLN7Out3IDO/Nrx7VjmVUQK
S6jMtd1IVI3V19QEDMxANEhQHJ5T7SY+qTn76FPuUxEIczinvA0QXzhertZ1g3v1
/6TO+8dMXvOWZblWWWe6kwc0iNiyy/WeGk2ZdWOIOv7llwzxDMuzyM6kE2NVMZ/n
Twgfagpo8K2BjxBWy4BJVUGL+QulMwuKCMovx1y/DCLj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net