Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/Quv2K6GGMi_wGt8z_xDeLg-RNDY.roa
File: Quv2K6GGMi_wGt8z_xDeLg-RNDY.roa (raw, json)
Hash identifier: NjCSit0LutWe30TUrlD/sxI8xtn0X1mfUieW3QyqkZk=
Subject key identifier: 42:EB:F6:2B:A1:86:32:2F:F0:1A:DF:33:FF:10:DE:2E:0F:91:34:36
Certificate issuer: /CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Certificate serial: 018857D2FAEDBAC659EE467106F51610AA91
Authority key identifier: A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/Quv2K6GGMi_wGt8z_xDeLg-RNDY.roa
Signing time: Fri 26 May 2023 11:30:24 +0000
ROA not before: Fri 26 May 2023 11:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51059
IP address blocks: 185.2.206.0/24 maxlen: 24
185.2.204.0/24 maxlen: 24
185.2.205.0/24 maxlen: 24
185.2.207.0/24 maxlen: 24
37.230.48.0/20 maxlen: 20
5.83.192.0/19 maxlen: 19
77.75.192.0/21 maxlen: 21
109.107.32.0/19 maxlen: 19
37.1.224.0/21 maxlen: 21
2a02:1348::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:d2:fa:ed:ba:c6:59:ee:46:71:06:f5:16:10:aa:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Validity
Not Before: May 26 11:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42ebf62ba186322ff01adf33ff10de2e0f913436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6b:8b:56:be:3b:11:1d:dd:65:43:d7:a6:0d:
a3:53:cd:c2:bb:83:34:f8:69:7d:50:da:f3:22:96:
50:27:6d:dd:88:9f:76:ab:af:ee:9e:c4:49:7b:0c:
f6:5b:d7:13:60:61:4f:2e:16:75:2d:fa:ac:c1:8e:
79:d1:52:16:3d:b9:e6:00:f4:85:07:66:a8:2f:e7:
cf:40:51:e8:77:9e:65:3b:6c:a2:a1:0a:42:77:72:
0e:02:2f:be:74:d3:2d:1e:8e:c5:1c:f4:0f:80:bf:
19:e3:24:3e:f2:b5:bc:7b:72:86:2f:2f:d8:eb:d1:
c2:13:31:50:40:7f:ed:20:c8:61:0f:93:0d:9b:78:
b8:95:7c:6a:96:0d:b5:fb:11:1e:4b:a5:a9:e5:f1:
bd:27:39:bb:b2:e6:30:64:9c:22:29:b1:14:1f:7d:
12:71:a8:b6:89:7b:9b:91:ad:ef:fc:03:31:30:ca:
28:18:f7:65:96:6f:ad:e2:6d:91:da:44:ca:87:38:
61:57:4e:0e:39:73:98:86:58:a8:aa:4f:30:2a:9b:
d9:8f:8b:a8:9a:80:72:3d:14:25:55:ce:07:eb:64:
62:cd:74:98:ee:ed:b0:b9:bf:72:12:d6:68:f3:bb:
8c:e5:e5:d4:cc:ec:34:18:4d:82:23:50:9d:bb:d9:
c2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:EB:F6:2B:A1:86:32:2F:F0:1A:DF:33:FF:10:DE:2E:0F:91:34:36
X509v3 Authority Key Identifier:
keyid:A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/Quv2K6GGMi_wGt8z_xDeLg-RNDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/qE4-G-zzC0SkaYFf0PjAacVi-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.192.0/19
37.1.224.0/21
37.230.48.0/20
77.75.192.0/21
109.107.32.0/19
185.2.204.0/22
IPv6:
2a02:1348::/32
Signature Algorithm: sha256WithRSAEncryption
61:54:f9:23:31:61:7b:e8:0a:9e:18:57:cb:5c:5f:12:15:5c:
80:45:01:f3:18:72:b4:80:37:31:b2:4b:f0:66:27:e8:9a:8d:
90:35:4f:74:97:db:a3:92:19:ce:b9:58:1b:9f:94:2a:84:54:
78:88:dc:1c:60:4f:f0:7a:78:69:4d:ab:da:e3:6c:09:c4:4e:
fd:6d:00:fb:e7:24:0e:b8:dc:55:45:3a:d0:78:ce:1b:bb:51:
63:a7:1a:64:50:05:b2:a1:09:a9:49:87:9b:78:bb:5f:ea:5f:
f0:fd:87:49:ee:e4:3f:7f:4c:f5:55:78:8b:c0:c5:be:f8:8c:
1e:98:98:c3:4e:ff:5b:e2:83:b6:a1:fa:e8:cf:a1:da:51:ad:
52:6c:a5:ad:fe:b5:35:04:5c:e2:10:6a:47:7c:9a:e0:7d:6e:
e5:4d:65:a9:60:b1:bc:0b:e4:07:15:2b:aa:da:c3:7e:e1:6e:
4b:34:33:5f:9a:d7:98:c0:1d:21:76:74:60:c5:9d:55:86:e0:
39:94:06:e4:b7:1f:46:89:64:13:cc:93:da:47:90:83:6f:e2:
36:90:1e:89:a1:10:7c:bc:4f:df:12:86:d5:75:25:2e:4a:65:
19:ed:87:6e:97:a7:3f:25:e0:c5:a1:ce:96:a9:38:af:78:27:
1d:84:cf:80
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYhX0vrtusZZ7kZxBvUWEKqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NGUzZTFiZWNmMzBiNDRhNDY5ODE1ZmQwZjhjMDY5YzU2
MmY5OTYwHhcNMjMwNTI2MTEzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmViZjYyYmExODYzMjJmZjAxYWRmMzNmZjEwZGUyZTBmOTEzNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2uLVr47ER3dZUPXpg2jU83Cu4M0
+Gl9UNrzIpZQJ23diJ92q6/unsRJewz2W9cTYGFPLhZ1LfqswY550VIWPbnmAPSF
B2aoL+fPQFHod55lO2yioQpCd3IOAi++dNMtHo7FHPQPgL8Z4yQ+8rW8e3KGLy/Y
69HCEzFQQH/tIMhhD5MNm3i4lXxqlg21+xEeS6Wp5fG9Jzm7suYwZJwiKbEUH30S
cai2iXubka3v/AMxMMooGPdllm+t4m2R2kTKhzhhV04OOXOYhlioqk8wKpvZj4uo
moByPRQlVc4H62RizXSY7u2wub9yEtZo87uM5eXUzOw0GE2CI1Cdu9nCzwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFELr9iuhhjIv8BrfM/8Q3i4PkTQ2MB8GA1UdIwQY
MBaAFKhOPhvs8wtEpGmBX9D4wGnFYvmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYt
Y2M0ZmU2MzIzZmVjLzEvUXV2Mks2R0dNaV93R3Q4el94RGVMZy1STkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYtY2M0ZmU2MzIzZmVj
LzEvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFBVPAAwQD
JQHgAwQEJeYwAwQDTUvAAwQFbWsgAwQCuQLMMA0EAgACMAcDBQAqAhNIMA0GCSqG
SIb3DQEBCwUAA4IBAQBhVPkjMWF76AqeGFfLXF8SFVyARQHzGHK0gDcxskvwZifo
mo2QNU90l9ujkhnOuVgbn5QqhFR4iNwcYE/wenhpTava42wJxE79bQD75yQOuNxV
RTrQeM4bu1FjpxpkUAWyoQmpSYebeLtf6l/w/YdJ7uQ/f0z1VXiLwMW++IwemJjD
Tv9b4oO2ofroz6HaUa1SbKWt/rU1BFziEGpHfJrgfW7lTWWpYLG8C+QHFSuq2sN+
4W5LNDNfmteYwB0hdnRgxZ1VhuA5lAbktx9GiWQTzJPaR5CDb+I2kB6JoRB8vE/f
EobVdSUuSmUZ7Ydul6c/JeDFoc6WqTiveCcdhM+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org