Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/QihQnZn98BmKrErTL4Cg9ysW71w.roa
File: QihQnZn98BmKrErTL4Cg9ysW71w.roa (raw, json)
Hash identifier: ZsBWyqewhp8sXqDct7GOBopTdB03c/Z9X+5+la3t4rA=
Subject key identifier: 42:28:50:9D:99:FD:F0:19:8A:AC:4A:D3:2F:80:A0:F7:2B:16:EF:5C
Certificate issuer: /CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Certificate serial: 0193B57BFEBC221DE3E9D81AB72366C9CBEC
Authority key identifier: AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/QihQnZn98BmKrErTL4Cg9ysW71w.roa
Signing time: Wed 11 Dec 2024 11:30:22 +0000
ROA not before: Wed 11 Dec 2024 11:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50772
IP address blocks: 195.78.100.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:7b:fe:bc:22:1d:e3:e9:d8:1a:b7:23:66:c9:cb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Validity
Not Before: Dec 11 11:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4228509d99fdf0198aac4ad32f80a0f72b16ef5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:32:37:e4:07:f3:f0:19:37:d1:2e:a7:1f:ce:
d2:df:94:04:2f:ec:bd:71:fa:d9:f2:d7:36:7e:92:
86:36:93:92:5c:cb:d1:fc:5d:8f:a8:d7:5c:f8:1c:
7e:94:28:23:49:04:4b:b1:81:9e:3b:b5:50:ee:01:
6f:5a:c0:f9:35:04:de:dd:d8:e7:f0:ea:6f:7e:4e:
b6:ec:dc:23:f1:a2:9c:06:e3:08:24:cf:7d:6f:f5:
0e:c1:df:15:51:9f:fe:7b:b8:f3:cf:60:b6:06:b5:
6e:28:7e:8d:f1:18:89:5a:2b:78:f0:9b:5a:95:46:
ec:c9:f5:01:ba:aa:21:88:a7:e7:1d:52:c8:77:0b:
8e:60:27:ce:56:05:45:33:f0:59:46:4e:eb:a9:f2:
76:bd:b3:34:28:b6:16:da:6b:3d:4e:3a:59:e2:5f:
5b:0e:1e:12:65:2b:7d:7b:36:ad:e8:db:ec:6d:90:
f8:8f:75:3b:a5:a2:e2:c3:6f:1e:e4:94:8b:f5:88:
29:c7:ea:31:ce:85:20:ef:09:a4:5b:4f:b9:97:63:
0d:b2:f5:3a:60:89:80:4f:8d:45:d4:24:e6:9f:59:
a0:66:70:ca:6c:08:d2:68:68:75:d4:1d:ca:60:f5:
08:9d:58:33:69:d4:87:01:09:76:d7:83:05:10:5a:
f9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:28:50:9D:99:FD:F0:19:8A:AC:4A:D3:2F:80:A0:F7:2B:16:EF:5C
X509v3 Authority Key Identifier:
keyid:AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/QihQnZn98BmKrErTL4Cg9ysW71w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.100.0/23
Signature Algorithm: sha256WithRSAEncryption
17:cc:b7:69:88:47:42:30:b2:25:34:78:f1:a7:71:39:26:1b:
67:10:3c:dd:53:db:c8:78:de:09:8d:b3:84:c3:43:f6:7e:ea:
ab:81:1b:ea:da:ea:41:1e:c8:11:84:61:8b:99:28:84:15:c4:
87:8b:63:9a:06:da:a5:69:33:f7:64:a9:b0:59:8b:fd:42:b3:
39:cc:95:85:76:30:53:74:98:da:1a:f6:99:32:13:cf:8e:7a:
f4:29:2b:f0:6e:bf:84:6e:5e:9f:c7:e6:4e:31:38:20:eb:b7:
0d:cb:32:04:ce:9c:ab:1e:0d:65:16:7f:d3:03:7a:45:e4:f1:
1c:fd:93:02:c4:5d:e7:07:19:ce:ea:b9:35:c1:5e:7c:40:20:
01:95:07:62:79:1a:b0:12:30:3f:a3:8b:2d:27:c1:84:04:72:
25:f6:11:7b:f6:63:78:1b:99:61:5b:ed:2a:7c:0e:ee:23:ad:
55:8a:0a:c3:c9:f9:8d:be:c1:e9:46:0d:ad:af:73:85:f4:e4:
c7:1a:48:cf:2b:d1:2d:04:96:b1:bf:86:b5:fe:78:6c:0f:86:
f5:06:91:5c:ad:c9:5a:e3:16:93:cd:a6:9b:f4:06:31:d8:aa:
02:5f:71:56:1a:c3:1e:77:38:33:f1:92:18:96:a1:75:4f:61:
a6:04:d5:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO1e/68Ih3j6dgatyNmycvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWE1MWJlYTFiNTcwZmZhNzJkOWM1MmQxYTUxOGMyNGJj
NzhjMDIwHhcNMjQxMjExMTEzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI4NTA5ZDk5ZmRmMDE5OGFhYzRhZDMyZjgwYTBmNzJiMTZlZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTI35Afz8Bk30S6nH87S35QEL+y9
cfrZ8tc2fpKGNpOSXMvR/F2PqNdc+Bx+lCgjSQRLsYGeO7VQ7gFvWsD5NQTe3djn
8Opvfk627Nwj8aKcBuMIJM99b/UOwd8VUZ/+e7jzz2C2BrVuKH6N8RiJWit48Jta
lUbsyfUBuqohiKfnHVLIdwuOYCfOVgVFM/BZRk7rqfJ2vbM0KLYW2ms9TjpZ4l9b
Dh4SZSt9ezat6NvsbZD4j3U7paLiw28e5JSL9Ygpx+oxzoUg7wmkW0+5l2MNsvU6
YImAT41F1CTmn1mgZnDKbAjSaGh11B3KYPUInVgzadSHAQl214MFEFr5PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIoUJ2Z/fAZiqxK0y+AoPcrFu9cMB8GA1UdIwQY
MBaAFKyaUb6htXD/py2cUtGlGMJLx4wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpwUnZxRzFjUC1uTFp4UzBhVVl3a3ZIakFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yZGU4N2EtMDE3Ni00ZjE5LWIwZTgt
YWI1NjMwMjExZjdhLzEvUWloUW5abjk4Qm1LckVyVEw0Q2c5eXNXNzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yZGU4N2EtMDE3Ni00ZjE5LWIwZTgtYWI1NjMwMjExZjdh
LzEvckpwUnZxRzFjUC1uTFp4UzBhVVl3a3ZIakFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw05kMA0G
CSqGSIb3DQEBCwUAA4IBAQAXzLdpiEdCMLIlNHjxp3E5JhtnEDzdU9vIeN4JjbOE
w0P2fuqrgRvq2upBHsgRhGGLmSiEFcSHi2OaBtqlaTP3ZKmwWYv9QrM5zJWFdjBT
dJjaGvaZMhPPjnr0KSvwbr+Ebl6fx+ZOMTgg67cNyzIEzpyrHg1lFn/TA3pF5PEc
/ZMCxF3nBxnO6rk1wV58QCABlQdieRqwEjA/o4stJ8GEBHIl9hF79mN4G5lhW+0q
fA7uI61VigrDyfmNvsHpRg2tr3OF9OTHGkjPK9EtBJaxv4a1/nhsD4b1BpFcrcla
4xaTzaab9AYx2KoCX3FWGsMedzgz8ZIYlqF1T2GmBNUL
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:57 2024 by rpki-client on console.sobornost.net