Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/RQLm1F_GU6Rf6SABLYT1-T4K2eg.roa
File: RQLm1F_GU6Rf6SABLYT1-T4K2eg.roa (raw, json)
Hash identifier: mwnEudM31MbodbHT16yRei6aRDOacGQVEjuWzLDqvXM=
Subject key identifier: 45:02:E6:D4:5F:C6:53:A4:5F:E9:20:01:2D:84:F5:F9:3E:0A:D9:E8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6F61B91B503571607693DC07D5BC
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/RQLm1F_GU6Rf6SABLYT1-T4K2eg.roa
Signing time: Thu 02 Jan 2025 09:50:28 +0000
ROA not before: Thu 02 Jan 2025 09:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34875
IP address blocks: 212.220.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6f:61:b9:1b:50:35:71:60:76:93:dc:07:d5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4502e6d45fc653a45fe920012d84f5f93e0ad9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9d:7a:f6:7f:bc:3c:0b:2f:97:b6:6a:9b:5d:
e6:85:4f:c2:8c:56:25:23:5e:01:ac:ae:f4:f6:9e:
31:5e:14:a4:17:c8:d1:fd:22:b0:d5:6d:5f:2d:5f:
8e:7b:ea:4f:63:d3:78:3c:01:28:7d:ec:25:8f:0e:
95:2a:09:69:21:14:52:12:ba:1a:56:ff:48:e0:df:
31:7e:09:19:ef:aa:ae:3e:66:25:99:91:25:bb:84:
8c:10:e0:f1:ed:4f:5a:7c:bb:0c:d7:b3:20:8c:4a:
dd:b7:8d:1b:33:cd:e4:5a:2e:db:d3:03:dc:99:61:
a5:f9:61:8f:c1:e5:57:7f:a6:57:44:6c:24:87:a2:
f5:10:97:d1:b6:0d:6b:3e:05:6b:26:53:25:93:83:
05:eb:b2:29:24:fb:83:bf:b1:78:b9:6a:5f:ef:5a:
ff:b3:d1:8f:68:39:a0:86:81:b9:15:c3:3e:5b:30:
5d:93:73:b5:8b:7c:6e:d0:9e:0b:f9:aa:c2:85:03:
46:48:73:e5:db:73:59:ad:00:d9:25:73:ff:f6:5e:
a5:24:ab:f1:d2:54:76:db:6a:50:1e:bb:04:81:de:
68:10:d6:f5:41:fe:02:4f:05:f5:67:20:94:c8:a4:
99:de:ce:c5:30:b0:3b:34:b2:7c:02:83:d8:5b:2d:
19:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:02:E6:D4:5F:C6:53:A4:5F:E9:20:01:2D:84:F5:F9:3E:0A:D9:E8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/RQLm1F_GU6Rf6SABLYT1-T4K2eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.220.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e7:e5:dc:e9:3e:55:c9:cb:9d:d6:ec:e7:f8:ef:20:af:9c:
d4:6c:de:0b:ab:ab:ba:8c:38:af:5c:b2:5e:07:0e:78:fc:a7:
82:0b:bb:1d:49:6d:c3:3d:b8:cf:a8:2e:2f:c2:dc:38:90:14:
e6:a7:0b:fb:80:19:84:ef:f9:2d:5b:0e:b8:05:bd:59:5c:1a:
ba:4e:8d:d4:0f:6f:6a:35:47:6d:3c:96:45:70:5c:08:60:52:
21:c3:32:9a:bf:f7:f6:82:59:3b:48:43:9e:a9:35:1c:11:23:
a0:35:26:04:5c:af:b1:c3:19:bc:99:7c:18:e9:48:ce:88:f7:
34:b5:7c:bf:26:98:ec:6f:1b:a1:f0:cb:bc:6a:d8:7b:d4:4f:
7d:a8:1e:ca:a2:0f:20:46:74:dd:8b:fd:6e:27:87:49:b1:68:
c4:5e:73:70:b8:14:9b:6f:75:94:68:72:f2:34:58:9f:7c:90:
42:5d:c4:4f:18:71:c4:5f:eb:cd:13:2f:f6:4f:90:d9:52:2e:
fa:8b:e5:48:8f:d2:b6:c1:38:5e:f3:cd:21:92:df:78:dd:8e:
a5:75:a8:27:c5:0c:01:ab:83:1f:f0:a1:71:90:19:d0:6d:09:
27:99:fa:2c:ab:49:3b:ba:e9:43:fb:71:5b:fd:15:cc:3e:ee:
3e:3f:fd:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbG9huRtQNXFgdpPcB9W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAyZTZkNDVmYzY1M2E0NWZlOTIwMDEyZDg0ZjVmOTNlMGFkOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5169n+8PAsvl7Zqm13mhU/CjFYl
I14BrK709p4xXhSkF8jR/SKw1W1fLV+Oe+pPY9N4PAEofewljw6VKglpIRRSEroa
Vv9I4N8xfgkZ76quPmYlmZElu4SMEODx7U9afLsM17MgjErdt40bM83kWi7b0wPc
mWGl+WGPweVXf6ZXRGwkh6L1EJfRtg1rPgVrJlMlk4MF67IpJPuDv7F4uWpf71r/
s9GPaDmghoG5FcM+WzBdk3O1i3xu0J4L+arChQNGSHPl23NZrQDZJXP/9l6lJKvx
0lR222pQHrsEgd5oENb1Qf4CTwX1ZyCUyKSZ3s7FMLA7NLJ8AoPYWy0ZfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUC5tRfxlOkX+kgAS2E9fk+CtnoMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUlFMbTFGX0dVNlJmNlNBQkxZVDEtVDRLMmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1NwEMA0G
CSqGSIb3DQEBCwUAA4IBAQCb5+Xc6T5Vycud1uzn+O8gr5zUbN4Lq6u6jDivXLJe
Bw54/KeCC7sdSW3DPbjPqC4vwtw4kBTmpwv7gBmE7/ktWw64Bb1ZXBq6To3UD29q
NUdtPJZFcFwIYFIhwzKav/f2glk7SEOeqTUcESOgNSYEXK+xwxm8mXwY6UjOiPc0
tXy/Jpjsbxuh8Mu8ath71E99qB7Kog8gRnTdi/1uJ4dJsWjEXnNwuBSbb3WUaHLy
NFiffJBCXcRPGHHEX+vNEy/2T5DZUi76i+VIj9K2wThe880hkt943Y6ldagnxQwB
q4Mf8KFxkBnQbQknmfosq0k7uulD+3Fb/RXMPu4+P/3O
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net