Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/196f89-2421-4bc1-b305-8c6a5e0ea06e/1/qMfi8e7m1fr1Hzuvp-QSKdbHo_c.roa
File: qMfi8e7m1fr1Hzuvp-QSKdbHo_c.roa (raw, json)
Hash identifier: tC15G7NC/3zskzQUaxJ7obi+f6xMCn57e/4LdL2XoDI=
Subject key identifier: A8:C7:E2:F1:EE:E6:D5:FA:F5:1F:3B:AF:A7:E4:12:29:D6:C7:A3:F7
Certificate issuer: /CN=432ffd36796e90f812a1612ec1f464de3d5e2f38
Certificate serial: 0194228D0DE69004B8BF21B6C81748796EA5
Authority key identifier: 43:2F:FD:36:79:6E:90:F8:12:A1:61:2E:C1:F4:64:DE:3D:5E:2F:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy_9NnlukPgSoWEuwfRk3j1eLzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/196f89-2421-4bc1-b305-8c6a5e0ea06e/1/qMfi8e7m1fr1Hzuvp-QSKdbHo_c.roa
Signing time: Wed 01 Jan 2025 15:47:36 +0000
ROA not before: Wed 01 Jan 2025 15:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201452
IP address blocks: 185.136.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0d:e6:90:04:b8:bf:21:b6:c8:17:48:79:6e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432ffd36796e90f812a1612ec1f464de3d5e2f38
Validity
Not Before: Jan 1 15:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8c7e2f1eee6d5faf51f3bafa7e41229d6c7a3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:05:bc:44:ab:c4:9b:14:1d:87:0a:75:32:07:
2e:00:a2:82:82:d5:6b:67:9e:6f:a4:32:2b:71:aa:
38:2f:23:4f:d9:4e:3b:6b:72:fc:62:dd:a4:90:60:
c9:86:93:4a:ba:77:aa:80:dc:96:ac:2d:a1:34:d9:
77:99:9e:41:1b:d4:85:44:50:e3:e5:85:de:7f:3e:
46:49:9d:f1:2a:e5:32:9d:af:17:41:bb:0a:c3:3a:
71:f8:08:4d:cc:04:77:1c:a9:4d:96:15:fa:79:60:
f1:a1:a8:45:4e:1d:7c:c1:42:e1:f5:1e:c4:09:a2:
b5:2f:db:a0:00:01:9a:0d:98:2d:94:12:ae:7d:40:
2b:3b:61:50:fa:ec:d0:4c:da:92:99:e4:8a:43:00:
d1:fc:c1:1d:b8:3e:69:c5:27:e6:71:79:90:1b:9b:
a5:78:a0:9a:49:3a:1f:39:f1:40:e0:7e:fa:2a:27:
3e:ce:cd:82:ad:37:5f:38:03:7d:01:44:22:dc:11:
6d:95:5c:54:a1:71:49:e8:3a:d8:01:60:aa:69:d2:
ca:50:13:1f:34:9f:2a:85:92:49:b7:86:a5:ea:9c:
05:a3:cf:96:6b:48:66:a0:24:3d:50:6c:86:f0:d3:
97:56:46:7f:1f:b9:39:aa:c9:e6:c5:8d:1c:8e:fa:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C7:E2:F1:EE:E6:D5:FA:F5:1F:3B:AF:A7:E4:12:29:D6:C7:A3:F7
X509v3 Authority Key Identifier:
keyid:43:2F:FD:36:79:6E:90:F8:12:A1:61:2E:C1:F4:64:DE:3D:5E:2F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy_9NnlukPgSoWEuwfRk3j1eLzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/196f89-2421-4bc1-b305-8c6a5e0ea06e/1/qMfi8e7m1fr1Hzuvp-QSKdbHo_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/196f89-2421-4bc1-b305-8c6a5e0ea06e/1/Qy_9NnlukPgSoWEuwfRk3j1eLzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.133.0/24
Signature Algorithm: sha256WithRSAEncryption
98:a6:95:ba:b2:21:d1:1c:d3:a4:04:2e:42:82:e1:56:7f:26:
4f:c2:26:05:dc:51:26:cb:ce:e3:ad:0e:c1:14:c8:86:24:7a:
86:87:41:61:25:fe:6e:4e:08:36:9a:41:88:70:30:0a:fd:17:
2d:3f:c6:ca:a6:1b:c5:80:45:f9:62:c4:10:25:05:a4:f1:0f:
09:40:75:2a:c3:5d:2f:39:02:90:1f:ef:fa:03:0b:3b:93:90:
5d:b8:da:3d:84:fb:a9:47:bf:14:61:5b:0d:d5:7d:5f:cb:01:
db:6e:be:e0:91:92:39:d9:0b:03:21:64:55:ac:52:c8:a2:b1:
ed:00:f1:04:b1:3e:17:52:65:2c:30:6e:69:54:12:7f:83:fe:
27:67:54:e5:82:4f:61:de:4a:6b:79:0b:53:d5:37:46:a9:7e:
eb:20:0e:eb:16:e7:b4:a4:0e:1e:cd:73:5c:9e:d3:c5:66:15:
b7:4a:f0:8a:b2:22:2f:90:73:b4:a3:f3:4e:47:72:2f:28:fc:
03:2f:7b:c7:8f:e2:1e:67:6c:7c:47:26:3c:74:59:e8:e9:9c:
a5:21:8d:05:db:80:fe:d4:3b:10:57:72:32:01:d0:62:07:0d:
d8:90:71:bc:0f:6b:66:16:11:11:cc:92:63:bd:39:91:6b:91:
bf:0e:37:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijQ3mkAS4vyG2yBdIeW6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmZmZDM2Nzk2ZTkwZjgxMmExNjEyZWMxZjQ2NGRlM2Q1
ZTJmMzgwHhcNMjUwMTAxMTU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM3ZTJmMWVlZTZkNWZhZjUxZjNiYWZhN2U0MTIyOWQ2YzdhM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswW8RKvEmxQdhwp1MgcuAKKCgtVr
Z55vpDIrcao4LyNP2U47a3L8Yt2kkGDJhpNKuneqgNyWrC2hNNl3mZ5BG9SFRFDj
5YXefz5GSZ3xKuUyna8XQbsKwzpx+AhNzAR3HKlNlhX6eWDxoahFTh18wULh9R7E
CaK1L9ugAAGaDZgtlBKufUArO2FQ+uzQTNqSmeSKQwDR/MEduD5pxSfmcXmQG5ul
eKCaSTofOfFA4H76Kic+zs2CrTdfOAN9AUQi3BFtlVxUoXFJ6DrYAWCqadLKUBMf
NJ8qhZJJt4al6pwFo8+Wa0hmoCQ9UGyG8NOXVkZ/H7k5qsnmxY0cjvrJGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjH4vHu5tX69R87r6fkEinWx6P3MB8GA1UdIwQY
MBaAFEMv/TZ5bpD4EqFhLsH0ZN49Xi84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlfOU5ubHVrUGdTb1dFdXdmUmszajFlTHpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xOTZmODktMjQyMS00YmMxLWIzMDUt
OGM2YTVlMGVhMDZlLzEvcU1maThlN20xZnIxSHp1dnAtUVNLZGJIb19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xOTZmODktMjQyMS00YmMxLWIzMDUtOGM2YTVlMGVhMDZl
LzEvUXlfOU5ubHVrUGdTb1dFdXdmUmszajFlTHpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiFMA0G
CSqGSIb3DQEBCwUAA4IBAQCYppW6siHRHNOkBC5CguFWfyZPwiYF3FEmy87jrQ7B
FMiGJHqGh0FhJf5uTgg2mkGIcDAK/RctP8bKphvFgEX5YsQQJQWk8Q8JQHUqw10v
OQKQH+/6Aws7k5BduNo9hPupR78UYVsN1X1fywHbbr7gkZI52QsDIWRVrFLIorHt
APEEsT4XUmUsMG5pVBJ/g/4nZ1Tlgk9h3kpreQtT1TdGqX7rIA7rFue0pA4ezXNc
ntPFZhW3SvCKsiIvkHO0o/NOR3IvKPwDL3vHj+IeZ2x8RyY8dFno6ZylIY0F24D+
1DsQV3IyAdBiBw3YkHG8D2tmFhERzJJjvTmRa5G/Djef
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:02 2025 by rpki-client on console.sobornost.net