Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q3YhV9-9J3mUPAmvXigf7XvYsb8.roa
File: Q3YhV9-9J3mUPAmvXigf7XvYsb8.roa (raw, json)
Hash identifier: GOUxZJqjtTdSlxxzjjLJ4OUJM0t9IPntFN5iGNNaDG4=
Subject key identifier: 43:76:21:57:DF:BD:27:79:94:3C:09:AF:5E:28:1F:ED:7B:D8:B1:BF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0194ED670B6C633621AEDACAAD0B628FE1B9
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q3YhV9-9J3mUPAmvXigf7XvYsb8.roa
Signing time: Mon 10 Feb 2025 01:09:00 +0000
ROA not before: Mon 10 Feb 2025 01:09:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213122
IP address blocks: 5.226.52.0/22 maxlen: 24
45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ed:67:0b:6c:63:36:21:ae:da:ca:ad:0b:62:8f:e1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 10 01:09:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43762157dfbd2779943c09af5e281fed7bd8b1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:de:2b:3e:08:66:b0:17:96:fc:81:f6:fc:9c:
6d:25:f9:a5:d6:8c:ae:ec:bb:01:28:9a:d0:a4:88:
89:30:19:88:49:16:ee:19:a5:39:71:84:09:b1:d6:
bd:26:4c:d6:9f:63:fa:d1:56:45:1c:d1:76:3c:cd:
2d:7c:9a:7c:23:e3:8b:f1:4b:76:f5:42:21:c5:9f:
c2:d8:82:52:bc:f6:99:4e:e2:08:6d:3b:03:26:00:
b4:e3:e9:6b:2c:bf:55:b2:35:89:0d:ac:d9:4e:45:
31:b3:13:9f:35:65:f7:f0:f1:19:21:d1:25:4f:05:
3b:89:ee:e2:ca:2d:5a:1d:49:08:39:fe:4c:d0:03:
07:e5:2a:71:c6:1e:ee:84:47:23:dc:69:12:2c:e9:
d4:9c:9f:be:a9:51:a2:e1:23:05:d8:67:9a:33:7e:
79:56:59:99:f8:0e:cb:05:f7:2e:46:6b:f0:cf:8d:
db:ce:06:90:82:2e:54:c8:d7:c7:76:a0:92:35:4e:
18:ff:15:d9:c4:d2:c8:10:1f:eb:1f:2c:fa:0b:c1:
32:df:16:a4:9c:36:cb:ab:63:08:01:6e:45:25:37:
f2:2c:e7:fb:75:ea:f4:82:6a:e3:a5:d8:5b:4f:fc:
c8:84:b9:a7:c8:ab:cd:97:d4:5a:f1:1d:0f:71:28:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:76:21:57:DF:BD:27:79:94:3C:09:AF:5E:28:1F:ED:7B:D8:B1:BF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q3YhV9-9J3mUPAmvXigf7XvYsb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.52.0/22
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:d3:6b:67:bc:20:36:cb:e2:73:0e:65:0d:56:c7:ad:b3:62:
63:68:e8:83:4d:9b:ae:d4:92:e9:84:64:1e:c3:48:fe:cd:a8:
b2:2f:99:88:8f:07:6a:bb:59:e8:55:a9:1d:20:0c:c7:b4:82:
b4:b0:1e:f1:92:d9:96:8f:54:e6:ff:4c:5c:53:98:47:65:c4:
79:8a:83:21:26:22:09:af:3b:93:ab:3c:82:d9:54:46:10:0f:
e1:f1:9c:14:a7:0f:a2:74:c5:db:61:c8:be:86:43:de:ea:fe:
04:5a:92:45:af:ef:e1:98:08:d9:50:93:b3:8b:19:5a:0f:6c:
33:0a:ba:1c:03:8e:b2:90:54:25:8f:24:1f:55:ba:2c:04:9f:
8e:75:d5:94:07:5b:25:3c:68:a4:d9:23:4c:a1:c4:19:25:58:
b4:f7:d9:51:73:18:8a:63:8e:c8:1f:f8:68:13:32:08:85:b5:
41:7b:8a:c0:9f:94:cc:bc:02:7e:b6:d3:6b:3b:e2:2e:34:21:
28:61:85:cf:bf:68:e3:a5:35:bd:97:b5:54:eb:15:07:fe:e7:
12:ef:c2:c7:10:8e:d7:e3:df:06:5d:bc:12:e6:f9:d6:85:49:
39:b8:8a:44:6e:2c:03:7c:8d:6b:f9:07:67:5a:df:f4:58:25:
52:3d:88:f0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZTtZwtsYzYhrtrKrQtij+G5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMjEwMDEwOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc2MjE1N2RmYmQyNzc5OTQzYzA5YWY1ZTI4MWZlZDdiZDhiMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN4rPghmsBeW/IH2/JxtJfml1oyu
7LsBKJrQpIiJMBmISRbuGaU5cYQJsda9JkzWn2P60VZFHNF2PM0tfJp8I+OL8Ut2
9UIhxZ/C2IJSvPaZTuIIbTsDJgC04+lrLL9VsjWJDazZTkUxsxOfNWX38PEZIdEl
TwU7ie7iyi1aHUkIOf5M0AMH5Spxxh7uhEcj3GkSLOnUnJ++qVGi4SMF2GeaM355
VlmZ+A7LBfcuRmvwz43bzgaQgi5UyNfHdqCSNU4Y/xXZxNLIEB/rHyz6C8Ey3xak
nDbLq2MIAW5FJTfyLOf7der0gmrjpdhbT/zIhLmnyKvNl9Ra8R0PcSi1JQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEN2IVffvSd5lDwJr14oH+172LG/MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUTNZaFY5LTlKM21VUEFtdlhpZ2Y3WHZZc2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBeI0AwQB
LYsGAwQCsq3sMAwDBAGyrfIDBAOyrfADBAK8/RwwDQYJKoZIhvcNAQELBQADggEB
AC7Ta2e8IDbL4nMOZQ1Wx62zYmNo6INNm67UkumEZB7DSP7NqLIvmYiPB2q7WehV
qR0gDMe0grSwHvGS2ZaPVOb/TFxTmEdlxHmKgyEmIgmvO5OrPILZVEYQD+HxnBSn
D6J0xdthyL6GQ97q/gRakkWv7+GYCNlQk7OLGVoPbDMKuhwDjrKQVCWPJB9VuiwE
n4511ZQHWyU8aKTZI0yhxBklWLT32VFzGIpjjsgf+GgTMgiFtUF7isCflMy8An62
02s74i40IShhhc+/aOOlNb2XtVTrFQf+5xLvwscQjtfj3wZdvBLm+daFSTm4ikRu
LAN8jWv5B2da3/RYJVI9iPA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:22:16 2025 by rpki-client