Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/Qpr9Nds1i4FaZEglRlgJ0LzNdV0.roa
File: Qpr9Nds1i4FaZEglRlgJ0LzNdV0.roa (raw, json)
Hash identifier: FWbVzz1RWfnzJChKbAZzseuSugvyftK4EyRHQjUJgpk=
Subject key identifier: 42:9A:FD:35:DB:35:8B:81:5A:64:48:25:46:58:09:D0:BC:CD:75:5D
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 0192674D36F2440D150A74F1580D24FC5E7C
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/Qpr9Nds1i4FaZEglRlgJ0LzNdV0.roa
Signing time: Mon 07 Oct 2024 14:06:06 +0000
ROA not before: Mon 07 Oct 2024 14:06:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216153
IP address blocks: 185.153.235.0/24 maxlen: 24
204.235.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:4d:36:f2:44:0d:15:0a:74:f1:58:0d:24:fc:5e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Oct 7 14:06:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=429afd35db358b815a644825465809d0bccd755d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:52:5a:6c:07:5c:44:c9:db:a7:0c:ce:64:17:
96:a8:9a:f2:e5:1c:23:4a:0c:e1:d1:18:3d:6d:61:
71:1a:35:3f:0c:b9:49:32:00:5f:d1:ce:d9:63:68:
4f:4a:74:ec:3e:b1:74:8a:27:d8:7c:eb:d6:ea:12:
f6:0e:9a:5f:45:7a:44:48:f5:55:a9:4c:be:33:0e:
47:f1:19:cf:33:15:ff:87:7a:7d:27:89:d7:31:51:
43:6a:79:38:c0:6e:21:28:c3:3c:c0:43:c6:07:de:
86:8a:cf:1f:37:2e:fc:46:4a:37:3c:0a:e5:1a:fb:
e0:09:d4:4a:0d:cb:4a:ec:78:6e:88:e3:e3:0b:a1:
72:d7:68:3f:e3:e4:49:3a:18:5f:64:70:9a:be:c6:
66:17:1e:3b:40:2f:24:3d:6c:ce:13:69:b7:1c:5c:
7b:9f:8a:d0:8f:8c:c5:89:a7:6a:29:a8:49:15:e1:
ba:de:25:93:ee:11:ef:c1:ce:0f:ab:ae:a8:82:38:
ea:05:e4:fb:e1:e4:09:c5:c4:88:ba:b4:4b:e2:68:
43:39:97:af:ff:ee:d3:45:6f:67:76:3f:e0:56:a9:
d3:dd:f1:24:3e:ac:be:45:68:29:9c:5c:ad:2e:43:
d1:08:d3:52:c5:3e:48:bf:03:d0:f1:76:74:95:8c:
84:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9A:FD:35:DB:35:8B:81:5A:64:48:25:46:58:09:D0:BC:CD:75:5D
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/Qpr9Nds1i4FaZEglRlgJ0LzNdV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.235.0/24
204.235.104.0/24
Signature Algorithm: sha256WithRSAEncryption
28:7d:fa:9b:67:b1:a9:06:a9:a5:1d:71:e2:12:9b:ed:2b:87:
a8:68:29:2f:5a:c1:92:c7:09:bc:21:db:14:66:9c:fd:6c:15:
15:03:58:1b:15:52:51:ae:a3:13:34:29:23:c8:3a:00:82:9d:
9d:10:25:80:7a:eb:30:18:f0:96:23:e3:95:cb:5c:ee:61:25:
de:1e:79:20:fe:64:e7:48:a3:d1:23:e4:34:d4:d2:21:c9:f7:
81:55:e6:83:91:52:1e:41:f8:2a:e1:c6:d2:fb:26:5d:d2:b1:
ea:b0:c7:64:b5:41:ee:dc:7f:74:8a:7f:af:ce:c4:de:e5:40:
96:b6:84:df:57:0f:b2:f8:fa:19:c8:ff:07:ad:72:4d:65:13:
e6:6b:f6:27:d1:a6:c1:b0:ee:ea:39:c7:94:d7:8e:68:2e:81:
d8:35:cc:b5:60:ba:b4:58:e4:8f:7d:19:3a:88:fe:53:db:5c:
d8:ed:d6:6b:8c:68:e4:f0:4a:4e:22:6f:6b:86:d1:c9:8b:02:
70:3a:85:36:e3:65:f0:7b:a8:32:84:89:f8:f6:06:43:f7:fc:
fb:51:7d:a2:47:2d:ed:8c:1f:50:c0:2d:c1:c1:42:ad:57:fd:
ae:66:f0:dd:04:cd:14:24:3a:88:e5:87:ac:69:99:f1:37:34:
0f:56:5f:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJnTTbyRA0VCnTxWA0k/F58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjQxMDA3MTQwNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjlhZmQzNWRiMzU4YjgxNWE2NDQ4MjU0NjU4MDlkMGJjY2Q3NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lJabAdcRMnbpwzOZBeWqJry5Rwj
Sgzh0Rg9bWFxGjU/DLlJMgBf0c7ZY2hPSnTsPrF0iifYfOvW6hL2DppfRXpESPVV
qUy+Mw5H8RnPMxX/h3p9J4nXMVFDank4wG4hKMM8wEPGB96Gis8fNy78Rko3PArl
GvvgCdRKDctK7HhuiOPjC6Fy12g/4+RJOhhfZHCavsZmFx47QC8kPWzOE2m3HFx7
n4rQj4zFiadqKahJFeG63iWT7hHvwc4Pq66ogjjqBeT74eQJxcSIurRL4mhDOZev
/+7TRW9ndj/gVqnT3fEkPqy+RWgpnFytLkPRCNNSxT5IvwPQ8XZ0lYyEFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEKa/TXbNYuBWmRIJUZYCdC8zXVdMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvUXByOU5kczFpNEZhWkVnbFJsZ0owTHpOZFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZnrAwQA
zOtoMA0GCSqGSIb3DQEBCwUAA4IBAQAoffqbZ7GpBqmlHXHiEpvtK4eoaCkvWsGS
xwm8IdsUZpz9bBUVA1gbFVJRrqMTNCkjyDoAgp2dECWAeuswGPCWI+OVy1zuYSXe
Hnkg/mTnSKPRI+Q01NIhyfeBVeaDkVIeQfgq4cbS+yZd0rHqsMdktUHu3H90in+v
zsTe5UCWtoTfVw+y+PoZyP8HrXJNZRPma/Yn0abBsO7qOceU145oLoHYNcy1YLq0
WOSPfRk6iP5T21zY7dZrjGjk8EpOIm9rhtHJiwJwOoU242Xwe6gyhIn49gZD9/z7
UX2iRy3tjB9QwC3BwUKtV/2uZvDdBM0UJDqI5YesaZnxNzQPVl/d
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:25 2024 by rpki-client on console.sobornost.net