Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/QNMd7fYlDbTeyuBK16mSq7qfSLc.roa
File: QNMd7fYlDbTeyuBK16mSq7qfSLc.roa (raw, json)
Hash identifier: Uvn5WU7449r2QlDZIybO/+JxR3wsRR3AoUBb6n7OQ44=
Subject key identifier: 40:D3:1D:ED:F6:25:0D:B4:DE:CA:E0:4A:D7:A9:92:AB:BA:9F:48:B7
Certificate issuer: /CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Certificate serial: 01942068647D175F08B478FDCC51FF9D35F4
Authority key identifier: 9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/QNMd7fYlDbTeyuBK16mSq7qfSLc.roa
Signing time: Wed 01 Jan 2025 05:48:19 +0000
ROA not before: Wed 01 Jan 2025 05:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206348
IP address blocks: 89.47.8.0/23 maxlen: 24
2a12:bb40::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:64:7d:17:5f:08:b4:78:fd:cc:51:ff:9d:35:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Validity
Not Before: Jan 1 05:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40d31dedf6250db4decae04ad7a992abba9f48b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:61:91:5d:85:2a:4b:7c:98:d4:ac:de:a1:
2a:8f:85:08:cf:6b:51:af:ec:eb:c2:a9:84:dd:a5:
3f:c5:0c:1c:5a:d0:d3:5c:9b:ac:e1:dc:81:41:1a:
79:41:69:23:ed:a0:ea:a7:57:c9:4f:88:bb:f3:b6:
99:51:ec:9f:d8:ba:94:65:70:d3:5a:e6:74:3a:a0:
5e:1a:b9:37:dc:c9:6d:a3:a7:60:fc:e7:83:50:2f:
95:c6:7a:ed:b1:c6:6b:a5:e5:6f:f9:80:c6:ee:39:
3d:9f:98:46:17:4e:0d:fa:87:db:b4:03:76:53:f9:
b1:79:b5:be:06:1f:69:b6:e2:24:57:86:42:6c:f9:
4f:a3:5b:db:5b:41:6a:e1:bf:3d:56:a1:8b:7e:fb:
73:7d:51:09:bc:72:c0:d0:89:b0:75:36:ed:e9:01:
33:40:40:fe:fe:88:c4:c6:ca:c6:3a:93:fd:0f:54:
25:54:b5:49:0a:52:ae:a2:36:42:08:13:ef:ef:dc:
b4:d3:ae:22:28:b7:86:1f:3f:62:78:0b:ad:a7:ea:
54:22:3c:d2:ad:0c:b6:ea:e0:73:68:d9:f0:c9:0d:
ee:8b:79:9e:fa:89:b0:93:9e:1a:a8:84:73:ce:e4:
4c:0e:bd:00:3d:48:69:32:39:73:dd:09:b1:f7:b2:
36:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D3:1D:ED:F6:25:0D:B4:DE:CA:E0:4A:D7:A9:92:AB:BA:9F:48:B7
X509v3 Authority Key Identifier:
keyid:9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/QNMd7fYlDbTeyuBK16mSq7qfSLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/m7NQqQXfP9u8JFbVyBwvIJrnUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.8.0/23
IPv6:
2a12:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b8:17:6a:66:01:f1:7b:52:63:81:da:52:ed:39:86:bc:2d:
d7:11:73:fd:5d:56:ef:ce:49:44:c3:84:97:1c:56:99:20:f7:
35:b8:bc:9e:a2:46:3b:46:95:ff:3c:93:0b:77:80:19:3f:04:
c0:3b:8c:48:d4:cf:3c:6a:a6:a3:12:e6:fa:47:0a:ca:07:ac:
ec:75:0d:42:e6:cb:c5:af:a3:1f:8d:14:e5:09:6c:07:03:cb:
a0:7e:5e:2d:72:66:f6:0a:3b:22:4d:83:4b:96:35:4b:a9:f9:
77:43:7c:b4:dc:01:b2:32:92:be:40:8d:08:2e:e1:ad:02:38:
ef:5f:66:2d:f6:26:70:49:7b:cf:c4:76:8a:f4:40:2a:8f:5c:
65:13:40:73:2a:16:47:9b:3c:a3:34:3c:cb:88:da:7b:1d:8b:
98:6d:4c:98:3a:ea:3b:b3:92:7f:3d:81:00:b1:c9:46:80:00:
5b:e7:a0:74:c7:e4:f8:e6:2c:e3:6d:70:a2:55:7a:5f:9d:09:
c6:90:8d:1e:09:07:9a:a0:a8:c9:39:2a:47:98:60:fd:9c:05:
aa:29:d3:6c:08:bd:a1:61:17:20:58:ca:51:a0:e1:22:9c:ce:
8c:6b:9c:28:70:9d:14:b8:2a:22:a3:77:43:2a:38:0d:da:e8:
d8:64:69:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaGR9F18ItHj9zFH/nTX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYjM1MGE5MDVkZjNmZGJiYzI0NTZkNWM4MWMyZjIwOWFl
NzUyZjMwHhcNMjUwMTAxMDU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQzMWRlZGY2MjUwZGI0ZGVjYWUwNGFkN2E5OTJhYmJhOWY0OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc5hkV2FKkt8mNSs3qEqj4UIz2tR
r+zrwqmE3aU/xQwcWtDTXJus4dyBQRp5QWkj7aDqp1fJT4i787aZUeyf2LqUZXDT
WuZ0OqBeGrk33Mlto6dg/OeDUC+VxnrtscZrpeVv+YDG7jk9n5hGF04N+ofbtAN2
U/mxebW+Bh9ptuIkV4ZCbPlPo1vbW0Fq4b89VqGLfvtzfVEJvHLA0ImwdTbt6QEz
QED+/ojExsrGOpP9D1QlVLVJClKuojZCCBPv79y0064iKLeGHz9ieAutp+pUIjzS
rQy26uBzaNnwyQ3ui3me+omwk54aqIRzzuRMDr0APUhpMjlz3Qmx97I2YQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDTHe32JQ203srgStepkqu6n0i3MB8GA1UdIwQY
MBaAFJuzUKkF3z/bvCRW1cgcLyCa51LzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdOUXFRWGZQOXU4SkZiVnlCd3ZJSnJuVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iMTRkZGQtYWZkYS00MDhjLTljNDYt
OWMxZjY5YTI0MmJhLzEvUU5NZDdmWWxEYlRleXVCSzE2bVNxN3FmU0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iMTRkZGQtYWZkYS00MDhjLTljNDYtOWMxZjY5YTI0MmJh
LzEvbTdOUXFRWGZQOXU4SkZiVnlCd3ZJSnJuVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBWS8IMA0E
AgACMAcDBQMqErtAMA0GCSqGSIb3DQEBCwUAA4IBAQBbuBdqZgHxe1JjgdpS7TmG
vC3XEXP9XVbvzklEw4SXHFaZIPc1uLyeokY7RpX/PJMLd4AZPwTAO4xI1M88aqaj
Eub6RwrKB6zsdQ1C5svFr6MfjRTlCWwHA8ugfl4tcmb2CjsiTYNLljVLqfl3Q3y0
3AGyMpK+QI0ILuGtAjjvX2Yt9iZwSXvPxHaK9EAqj1xlE0BzKhZHmzyjNDzLiNp7
HYuYbUyYOuo7s5J/PYEAsclGgABb56B0x+T45izjbXCiVXpfnQnGkI0eCQeaoKjJ
OSpHmGD9nAWqKdNsCL2hYRcgWMpRoOEinM6Ma5wocJ0UuCoio3dDKjgN2ujYZGnL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net