Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/QNhj8szxUJQB2UJkTSFbnKRcj2U.roa
File: QNhj8szxUJQB2UJkTSFbnKRcj2U.roa (raw, json)
Hash identifier: G9tQdAu6v2DV1kcxNZeTfgXQ9D3NQf3F0+ROvxbmmRM=
Subject key identifier: 40:D8:63:F2:CC:F1:50:94:01:D9:42:64:4D:21:5B:9C:A4:5C:8F:65
Certificate issuer: /CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Certificate serial: 019422FBC3A731140C083C95BC57C177C5C3
Authority key identifier: 16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/QNhj8szxUJQB2UJkTSFbnKRcj2U.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49381
IP address blocks: 91.229.196.0/22 maxlen: 22
193.169.44.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c3:a7:31:14:0c:08:3c:95:bc:57:c1:77:c5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40d863f2ccf1509401d942644d215b9ca45c8f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0c:b8:27:c1:f3:a8:10:aa:5d:36:d4:1e:8b:
f7:76:c7:dc:9f:54:72:a0:2f:2d:7e:ed:7b:ac:6c:
53:63:6f:19:fe:8f:5f:26:dd:cd:30:71:9f:b8:d9:
ae:47:1b:27:be:69:0c:bc:5e:da:97:9f:6f:7e:e6:
78:49:d7:c8:f9:14:d5:b0:8f:95:75:fc:02:93:3c:
5d:b6:c0:40:05:a1:76:66:4f:8a:cb:bc:e2:0d:ba:
1d:18:b7:47:88:bc:ce:7f:e4:64:57:71:8e:69:42:
37:e2:07:76:47:9b:f4:77:eb:08:0a:d7:21:c4:6b:
95:53:b5:33:4e:de:a2:04:c3:2d:8a:2f:fd:10:c1:
f0:6b:0e:a2:0e:3c:93:8f:5f:d0:b4:ac:cc:a7:73:
36:c4:15:92:28:38:47:42:90:cc:8f:e6:ec:af:47:
fa:52:1c:f2:d1:bc:01:84:c5:96:8e:49:0b:4c:52:
a5:00:2f:ce:f5:f8:9e:67:9c:5a:a3:8a:cf:b6:20:
60:43:50:b3:d8:88:e7:0e:24:8c:42:82:5a:d3:a6:
95:aa:a6:80:f2:da:3f:ac:4d:37:44:b2:2c:3b:bc:
be:8d:d8:e8:f0:c3:7b:90:00:7c:65:78:6f:c7:2a:
4d:dd:c9:00:aa:0b:20:c0:8b:31:ab:89:7c:00:0a:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D8:63:F2:CC:F1:50:94:01:D9:42:64:4D:21:5B:9C:A4:5C:8F:65
X509v3 Authority Key Identifier:
keyid:16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/QNhj8szxUJQB2UJkTSFbnKRcj2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/FpdnWF3O9z4fqfZNpsfydu2Hpx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.196.0/22
193.169.44.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:27:d0:4a:4c:bd:cf:8e:87:22:eb:91:8a:7b:ab:0e:62:81:
f1:cb:35:e3:1b:82:ac:43:19:90:c3:82:5b:10:17:d9:e9:5c:
e0:43:66:8a:63:96:6c:31:67:32:cd:6f:e6:73:04:8c:a9:64:
8c:2e:b1:75:be:b5:a5:c6:d6:2d:47:90:c1:30:99:f1:19:67:
ef:21:0e:7e:cd:33:cc:d8:6d:c9:7d:e5:92:24:21:22:61:29:
ad:49:66:65:21:e1:a9:63:9d:ae:40:dc:a2:2c:c3:b2:3c:3c:
c0:2f:f1:42:bb:34:db:ea:a7:b3:33:90:64:e5:80:5d:d2:03:
8b:2f:ae:a6:43:a8:9a:e3:bd:d0:79:47:c9:bc:24:99:78:a2:
2b:dd:c2:1d:44:d7:a9:fd:e9:db:fe:c3:06:a6:8d:a0:2a:70:
94:c5:d9:5c:fd:4b:b4:0d:8d:82:d3:b1:ad:2c:37:05:af:cc:
f5:6b:53:b6:99:58:51:8e:42:cb:86:03:57:ab:da:e5:b3:0c:
be:0f:10:55:2e:59:74:34:1a:01:14:77:d7:f2:f0:7b:55:c2:
31:e9:d7:d3:55:d0:85:73:53:73:84:26:a4:f9:f8:0b:03:64:
5f:9c:3e:bd:de:f0:7f:6d:81:1d:c8:66:e1:0a:1d:9a:dd:ce:
54:fe:df:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+8OnMRQMCDyVvFfBd8XDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTc2NzU4NWRjZWY3M2UxZmE5ZjY0ZGE2YzdmMjc2ZWQ4
N2E3MWYwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ4NjNmMmNjZjE1MDk0MDFkOTQyNjQ0ZDIxNWI5Y2E0NWM4ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgy4J8HzqBCqXTbUHov3dsfcn1Ry
oC8tfu17rGxTY28Z/o9fJt3NMHGfuNmuRxsnvmkMvF7al59vfuZ4SdfI+RTVsI+V
dfwCkzxdtsBABaF2Zk+Ky7ziDbodGLdHiLzOf+RkV3GOaUI34gd2R5v0d+sICtch
xGuVU7UzTt6iBMMtii/9EMHwaw6iDjyTj1/QtKzMp3M2xBWSKDhHQpDMj+bsr0f6
Uhzy0bwBhMWWjkkLTFKlAC/O9fieZ5xao4rPtiBgQ1Cz2IjnDiSMQoJa06aVqqaA
8to/rE03RLIsO7y+jdjo8MN7kAB8ZXhvxypN3ckAqgsgwIsxq4l8AAosSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDYY/LM8VCUAdlCZE0hW5ykXI9lMB8GA1UdIwQY
MBaAFBaXZ1hdzvc+H6n2TabH8nbth6cfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAt
NDdiNjMwOTUzYzUwLzEvUU5oajhzenhVSlFCMlVKa1RTRmJuS1JjajJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAtNDdiNjMwOTUzYzUw
LzEvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+XEAwQB
waksMA0GCSqGSIb3DQEBCwUAA4IBAQA6J9BKTL3Pjoci65GKe6sOYoHxyzXjG4Ks
QxmQw4JbEBfZ6VzgQ2aKY5ZsMWcyzW/mcwSMqWSMLrF1vrWlxtYtR5DBMJnxGWfv
IQ5+zTPM2G3JfeWSJCEiYSmtSWZlIeGpY52uQNyiLMOyPDzAL/FCuzTb6qezM5Bk
5YBd0gOLL66mQ6ia473QeUfJvCSZeKIr3cIdRNep/enb/sMGpo2gKnCUxdlc/Uu0
DY2C07GtLDcFr8z1a1O2mVhRjkLLhgNXq9rlswy+DxBVLll0NBoBFHfX8vB7VcIx
6dfTVdCFc1NzhCak+fgLA2RfnD693vB/bYEdyGbhCh2a3c5U/t/s
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net