Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/jQsHaj5ydFI2fziM46K4sV8khMM.roa
File: jQsHaj5ydFI2fziM46K4sV8khMM.roa (raw, json)
Hash identifier: /VZu49ELcVRt0AgBq70u1HUIw5xDpnWHzAN7Dc2pulg=
Subject key identifier: 8D:0B:07:6A:3E:72:74:52:36:7F:38:8C:E3:A2:B8:B1:5F:24:84:C3
Certificate issuer: /CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Certificate serial: 019425FD772377498A0FF4E489B34BE53BE6
Authority key identifier: B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/jQsHaj5ydFI2fziM46K4sV8khMM.roa
Signing time: Thu 02 Jan 2025 07:49:15 +0000
ROA not before: Thu 02 Jan 2025 07:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41858
IP address blocks: 89.40.148.0/22 maxlen: 22
185.21.92.0/22 maxlen: 22
193.34.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:77:23:77:49:8a:0f:f4:e4:89:b3:4b:e5:3b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Validity
Not Before: Jan 2 07:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d0b076a3e727452367f388ce3a2b8b15f2484c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:08:8a:01:db:97:93:7e:32:db:bd:7a:68:0c:
37:e6:e5:69:88:d6:c9:5e:b7:54:4f:fe:d6:7b:cc:
3c:11:d7:e5:8d:7b:d1:e7:02:7e:b7:3f:e6:b7:1e:
6b:58:79:7b:53:73:55:52:38:be:98:71:bc:3d:d0:
82:62:af:56:59:a8:25:36:44:81:06:38:da:13:76:
3a:b6:7e:68:58:22:c9:59:8a:00:18:7c:51:8d:39:
1a:ac:34:c3:87:48:b6:b8:57:8a:b4:5e:6d:35:b4:
a2:0e:f9:14:ac:29:3f:4c:10:cc:71:8e:bd:45:4c:
1c:fe:13:03:c7:95:6a:95:95:8d:95:fd:45:b9:1d:
10:4a:0a:77:d7:92:10:1d:ad:53:89:f6:16:76:e8:
c9:bd:b9:e5:34:1b:e4:26:b6:ca:93:db:53:f0:36:
b7:c6:5b:0f:a5:9e:f3:17:a1:e7:43:43:63:76:cb:
63:1d:3f:34:73:61:9e:27:7f:53:5e:90:d4:16:47:
36:c5:27:25:91:d4:e0:6b:a9:39:2c:f5:11:df:71:
74:17:af:4a:46:e2:20:5f:b2:e8:06:d6:ff:20:c1:
d8:47:7b:b7:54:15:b5:59:b4:a5:9d:1b:1b:45:7e:
22:72:38:6e:b1:e5:00:d4:d7:af:c7:e3:93:dc:aa:
49:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0B:07:6A:3E:72:74:52:36:7F:38:8C:E3:A2:B8:B1:5F:24:84:C3
X509v3 Authority Key Identifier:
keyid:B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/jQsHaj5ydFI2fziM46K4sV8khMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.148.0/22
185.21.92.0/22
193.34.182.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:c6:83:ec:01:da:08:46:90:16:28:92:0a:0b:37:42:0c:c4:
a7:ce:25:46:f7:68:83:69:f8:b2:a1:86:85:46:bc:a1:06:22:
8e:6c:97:bc:3a:5e:2e:54:81:3e:76:da:f5:d6:1a:6f:5d:c6:
65:da:12:b6:3d:15:a1:31:79:92:37:ac:0b:9a:8f:30:e5:3c:
cd:65:af:df:42:2a:45:44:7c:6a:a1:95:4a:af:46:46:a1:90:
c8:f5:ee:3d:34:9c:a2:8b:fa:ad:a3:56:c9:79:2c:33:20:93:
a3:1c:23:7c:62:0d:c7:c5:c3:c6:39:91:3f:61:45:3b:e7:a8:
f2:0d:ab:bd:93:dc:8a:4c:db:48:3f:e7:db:f8:4e:8f:bf:d8:
68:cf:e9:2a:45:34:5a:a5:61:81:03:a5:e4:ce:ea:b5:80:55:
7c:5c:5b:86:f1:fe:86:fe:9f:0b:e5:77:0f:62:75:3a:83:91:
58:10:93:72:30:f3:23:94:96:73:ea:dd:a3:22:2f:bd:53:0b:
5b:56:e1:c6:f0:d6:10:cb:82:f9:8f:c1:59:08:be:12:67:9a:
89:8a:87:5f:7c:f0:bb:4b:4f:a4:41:ad:5b:4c:a5:6b:66:39:
68:3d:52:0e:ea:e1:72:0b:5e:36:53:7d:23:0a:26:c2:78:5c:
95:b9:c6:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/Xcjd0mKD/TkibNL5TvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDE0Y2UxOGE4ZjFkMDVhNmEzNTM5MGFmNGFlYzhjZTZj
YzU2ZWMwHhcNMjUwMTAyMDc0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBiMDc2YTNlNzI3NDUyMzY3ZjM4OGNlM2EyYjhiMTVmMjQ4NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+QiKAduXk34y2716aAw35uVpiNbJ
XrdUT/7We8w8EdfljXvR5wJ+tz/mtx5rWHl7U3NVUji+mHG8PdCCYq9WWaglNkSB
BjjaE3Y6tn5oWCLJWYoAGHxRjTkarDTDh0i2uFeKtF5tNbSiDvkUrCk/TBDMcY69
RUwc/hMDx5VqlZWNlf1FuR0QSgp315IQHa1TifYWdujJvbnlNBvkJrbKk9tT8Da3
xlsPpZ7zF6HnQ0NjdstjHT80c2GeJ39TXpDUFkc2xSclkdTga6k5LPUR33F0F69K
RuIgX7LoBtb/IMHYR3u3VBW1WbSlnRsbRX4icjhuseUA1Nevx+OT3KpJfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI0LB2o+cnRSNn84jOOiuLFfJITDMB8GA1UdIwQY
MBaAFLPRTOGKjx0FpqNTkK9K7IzmzFbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEt
NTJjNjk5ZDM4NmNkLzEvalFzSGFqNXlkRkkyZnppTTQ2SzRzVjhraE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEtNTJjNjk5ZDM4NmNk
LzEvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSiUAwQC
uRVcAwQBwSK2MA0GCSqGSIb3DQEBCwUAA4IBAQDAxoPsAdoIRpAWKJIKCzdCDMSn
ziVG92iDafiyoYaFRryhBiKObJe8Ol4uVIE+dtr11hpvXcZl2hK2PRWhMXmSN6wL
mo8w5TzNZa/fQipFRHxqoZVKr0ZGoZDI9e49NJyii/qto1bJeSwzIJOjHCN8Yg3H
xcPGOZE/YUU756jyDau9k9yKTNtIP+fb+E6Pv9hoz+kqRTRapWGBA6Xkzuq1gFV8
XFuG8f6G/p8L5XcPYnU6g5FYEJNyMPMjlJZz6t2jIi+9UwtbVuHG8NYQy4L5j8FZ
CL4SZ5qJiodffPC7S0+kQa1bTKVrZjloPVIO6uFyC142U30jCibCeFyVucb0
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:37:46 2025 by rpki-client