Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/QrNi5AkdCHX3LFM6JPmtjk3iGxA.roa
File: QrNi5AkdCHX3LFM6JPmtjk3iGxA.roa (raw, json)
Hash identifier: IvcAfgmwmeVHDhLSeZBuix6WlRSI40eMAlMPdMiG4oE=
Subject key identifier: 42:B3:62:E4:09:1D:08:75:F7:2C:53:3A:24:F9:AD:8E:4D:E2:1B:10
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E4A77F986A3B2769A6A404B9621E
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/QrNi5AkdCHX3LFM6JPmtjk3iGxA.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 46.3.160.0/22 maxlen: 22
46.3.205.0/24 maxlen: 24
46.3.216.0/22 maxlen: 22
46.3.222.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.229.0/24 maxlen: 24
149.126.230.0/24 maxlen: 24
149.126.243.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e4:a7:7f:98:6a:3b:27:69:a6:a4:04:b9:62:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b362e4091d0875f72c533a24f9ad8e4de21b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4b:bd:a8:76:81:f6:cd:92:b4:de:18:40:0e:
e7:f6:c2:11:98:3a:5d:af:35:02:b7:14:41:ed:39:
46:a5:51:cd:41:8c:e8:b6:05:6c:cc:a0:36:01:95:
10:db:d5:96:52:30:c8:ef:64:4c:d3:c2:72:2e:45:
ec:d8:68:ee:f6:ed:02:94:92:ff:ed:1a:06:83:ee:
10:99:61:0c:f3:f0:cd:6b:ff:81:75:ca:6b:ca:5e:
55:14:06:37:66:34:8a:81:f7:62:20:2e:78:b3:23:
de:d1:8c:7c:0b:dc:67:ab:0c:b2:dc:bc:bf:9d:17:
b0:90:7c:9c:86:38:5e:e2:72:ed:43:01:fc:bd:9e:
f9:78:c2:c7:fb:8a:7f:61:9f:36:80:09:1f:e1:e0:
5a:21:c9:38:c9:04:f2:4b:2a:2b:26:36:4d:dd:64:
9c:30:2e:e3:f9:99:9d:11:d4:c9:7a:a3:28:ad:a5:
2f:f2:76:b3:a0:4b:70:3d:17:33:e5:98:a0:3e:f3:
3a:fe:bc:cd:fb:05:2f:96:da:1c:f1:5c:5b:27:34:
6a:68:e4:56:1c:3d:e3:7f:2e:7e:d1:1e:21:6c:4c:
60:12:51:44:a6:40:80:cd:76:7b:83:d4:bc:d8:b5:
e1:87:f8:5f:b3:ac:17:57:4d:89:f3:fb:df:bb:8d:
37:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B3:62:E4:09:1D:08:75:F7:2C:53:3A:24:F9:AD:8E:4D:E2:1B:10
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/QrNi5AkdCHX3LFM6JPmtjk3iGxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.160.0/22
46.3.205.0/24
46.3.216.0/22
46.3.222.0/24
46.3.248.0/24
46.3.251.0/24
46.3.253.0-46.3.255.255
149.126.226.0/24
149.126.229.0-149.126.230.255
149.126.243.0-149.126.245.255
149.126.247.0-149.126.250.255
Signature Algorithm: sha256WithRSAEncryption
5d:e1:36:21:4e:49:de:e0:b7:5d:83:65:07:b0:88:5d:81:ab:
6b:25:11:46:66:c0:76:2f:f5:34:7f:17:40:f7:23:70:d9:50:
56:02:1e:9d:ad:25:02:73:1f:a9:b2:a1:2b:ce:67:5d:d5:5d:
30:15:de:2d:2f:b0:b7:14:69:c2:f7:70:2a:ec:a5:1d:84:83:
0e:6f:cf:de:5e:8c:ce:66:2b:f9:e8:c7:df:c9:e1:ca:c3:df:
28:18:b5:06:18:c3:e1:0a:ed:55:89:58:56:7e:37:0f:d9:87:
a6:cb:ae:15:f9:fb:4c:ba:5a:8c:c4:c2:96:a5:5a:ec:97:a1:
81:65:84:48:ab:44:50:eb:57:02:11:20:7c:b7:9a:b8:a3:0b:
68:e8:c7:99:1b:16:35:07:82:88:73:fc:cb:fe:49:91:d8:02:
a2:a0:9f:78:d9:58:9b:3f:7b:77:16:77:30:20:3e:66:cb:f9:
65:61:06:6a:1b:ab:db:0c:dd:02:a3:9f:27:6c:0c:cc:c8:86:
2d:36:cf:39:5f:57:ec:04:27:0a:7d:73:79:ba:b1:77:6f:80:
de:93:12:85:2c:ac:54:44:06:b6:18:37:01:3a:94:39:3f:10:
37:5e:6b:d2:09:9f:21:6c:6e:38:2f:82:d9:c8:53:76:7f:07:
ee:f6:ab:2c
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZQjaeSnf5hqOydppqQEuWIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmIzNjJlNDA5MWQwODc1ZjcyYzUzM2EyNGY5YWQ4ZTRkZTIxYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEu9qHaB9s2StN4YQA7n9sIRmDpd
rzUCtxRB7TlGpVHNQYzotgVszKA2AZUQ29WWUjDI72RM08JyLkXs2Gju9u0ClJL/
7RoGg+4QmWEM8/DNa/+Bdcpryl5VFAY3ZjSKgfdiIC54syPe0Yx8C9xnqwyy3Ly/
nRewkHychjhe4nLtQwH8vZ75eMLH+4p/YZ82gAkf4eBaIck4yQTySyorJjZN3WSc
MC7j+ZmdEdTJeqMoraUv8nazoEtwPRcz5ZigPvM6/rzN+wUvltoc8VxbJzRqaORW
HD3jfy5+0R4hbExgElFEpkCAzXZ7g9S82LXhh/hfs6wXV02J8/vfu4036wIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFEKzYuQJHQh19yxTOiT5rY5N4hsQMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvUXJOaTVBa2RDSFgzTEZNNkpQbXRqazNpR3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBnBAIAATBhAwQCLgOgAwQA
LgPNAwQCLgPYAwQALgPeAwQALgP4AwQALgP7MAsDBAAuA/0DAwIuAAMEAJV+4jAM
AwQAlX7lAwQAlX7mMAwDBACVfvMDBAGVfvQwDAMEAJV+9wMEAJV++jANBgkqhkiG
9w0BAQsFAAOCAQEAXeE2IU5J3uC3XYNlB7CIXYGrayURRmbAdi/1NH8XQPcjcNlQ
VgIena0lAnMfqbKhK85nXdVdMBXeLS+wtxRpwvdwKuylHYSDDm/P3l6MzmYr+ejH
38nhysPfKBi1BhjD4QrtVYlYVn43D9mHpsuuFfn7TLpajMTClqVa7JehgWWESKtE
UOtXAhEgfLeauKMLaOjHmRsWNQeCiHP8y/5JkdgCoqCfeNlYmz97dxZ3MCA+Zsv5
ZWEGahur2wzdAqOfJ2wMzMiGLTbPOV9X7AQnCn1zebqxd2+A3pMShSysVEQGthg3
ATqUOT8QN15r0gmfIWxuOC+C2chTdn8H7varLA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:39 2025 by rpki-client