Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QeLCQz5ltknVbVTGTldbrVi-NbM.roa
File: QeLCQz5ltknVbVTGTldbrVi-NbM.roa (raw, json)
Hash identifier: wkixh+DBU/3SlsLQS/gd3BElVnwUJS5bjseACrXuj4E=
Subject key identifier: 41:E2:C2:43:3E:65:B6:49:D5:6D:54:C6:4E:57:5B:AD:58:BE:35:B3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01942220086A37598242C1C82E1BDE9BF665
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QeLCQz5ltknVbVTGTldbrVi-NbM.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197549
IP address blocks: 85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.249.218.0/23 maxlen: 32
94.249.222.0/23 maxlen: 32
217.69.175.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:08:6a:37:59:82:42:c1:c8:2e:1b:de:9b:f6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e2c2433e65b649d56d54c64e575bad58be35b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:49:67:3c:39:08:86:90:f0:b9:36:12:96:
66:cf:9e:bb:18:1c:6e:88:5d:26:57:88:51:a1:a9:
77:78:f4:3f:64:0f:5c:ac:d2:6b:bd:55:2c:3a:0b:
7b:6e:9c:5e:17:89:30:e6:bf:f4:48:bc:86:51:e5:
d5:7a:ac:6c:0d:fd:4b:c2:25:39:e1:4c:76:75:77:
a4:3e:40:06:1c:f5:2a:bb:a3:a8:dc:52:5a:c8:92:
94:3d:24:b0:bd:64:2c:dc:4a:ca:0f:ef:3f:b6:e6:
9a:4b:31:19:81:01:7f:ce:3c:34:71:98:75:cb:d7:
f5:1b:af:0a:ec:86:06:7b:67:38:38:0c:f9:7d:f7:
e5:aa:ee:c5:b9:39:22:82:d3:1f:c1:24:a3:87:41:
78:f0:b6:18:9d:8b:0b:86:9d:42:75:fd:98:a4:47:
7c:3d:78:dd:f0:87:85:88:d3:57:5a:68:33:7c:76:
20:96:80:5e:5a:e1:a4:c3:01:09:11:92:5a:96:68:
d6:a5:7d:d9:57:da:d9:f5:3b:7f:d3:4b:38:f1:e9:
fb:7f:6a:cb:d4:41:73:f4:20:1d:69:77:1e:8b:01:
5b:4e:b9:c3:5b:1e:ff:e5:c0:47:86:ab:f0:92:17:
46:a8:62:da:02:e4:cb:20:74:91:9d:aa:8c:ec:df:
82:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E2:C2:43:3E:65:B6:49:D5:6D:54:C6:4E:57:5B:AD:58:BE:35:B3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QeLCQz5ltknVbVTGTldbrVi-NbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.93.0.0/19
89.106.64.0/19
89.144.0.0/18
94.249.218.0/23
94.249.222.0/23
217.69.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:53:7d:cd:41:43:9d:c9:dd:ab:b0:bc:17:94:9e:8d:c3:9a:
65:dc:7d:2e:5b:f8:60:91:32:90:21:f0:d1:7e:d9:75:57:f4:
65:e6:33:79:1e:a5:ab:e5:36:c0:84:c2:4c:26:9f:96:e0:3d:
c6:7d:76:99:6f:3c:64:86:42:25:6b:c9:6f:bc:d9:ba:aa:b2:
b3:6d:a4:5c:d5:d6:c1:5c:24:d3:0f:0b:57:11:b2:53:6f:71:
2b:ad:d4:e8:1d:df:30:02:96:70:26:d3:fd:20:73:86:4a:46:
9c:ab:02:a0:2a:2f:b6:1f:86:83:ef:32:f5:6b:ab:b3:09:90:
b8:43:a0:ec:65:78:ac:73:3e:16:5b:23:ac:db:1c:fc:3e:d3:
02:43:75:a0:72:63:f5:f4:aa:df:d7:1f:06:8b:3f:d9:3a:69:
c1:b5:2c:9d:80:d3:51:b1:aa:a7:c1:d6:bf:bd:a0:34:62:34:
4d:db:02:69:ae:9d:21:86:78:37:cb:59:37:4f:12:6a:bd:06:
22:b9:dd:d8:11:2b:98:01:9e:2d:6b:eb:e5:ca:96:42:e1:61:
e8:3d:2b:2e:30:15:8c:ab:cc:46:f3:42:c0:44:e0:eb:92:d9:
7b:7a:f0:3a:8f:e6:c6:cd:15:c6:bd:68:31:0c:99:7f:3a:d4:
10:d4:4f:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiIAhqN1mCQsHILhvem/ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUyYzI0MzNlNjViNjQ5ZDU2ZDU0YzY0ZTU3NWJhZDU4YmUzNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/hJZzw5CIaQ8Lk2EpZmz567GBxu
iF0mV4hRoal3ePQ/ZA9crNJrvVUsOgt7bpxeF4kw5r/0SLyGUeXVeqxsDf1LwiU5
4Ux2dXekPkAGHPUqu6Oo3FJayJKUPSSwvWQs3ErKD+8/tuaaSzEZgQF/zjw0cZh1
y9f1G68K7IYGe2c4OAz5ffflqu7FuTkigtMfwSSjh0F48LYYnYsLhp1Cdf2YpEd8
PXjd8IeFiNNXWmgzfHYgloBeWuGkwwEJEZJalmjWpX3ZV9rZ9Tt/00s48en7f2rL
1EFz9CAdaXceiwFbTrnDWx7/5cBHhqvwkhdGqGLaAuTLIHSRnaqM7N+CmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEHiwkM+ZbZJ1W1Uxk5XW61YvjWzMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUWVMQ1F6NWx0a25WYlZUR1RsZGJyVmktTmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFVV0AAwQF
WWpAAwQGWZAAAwQBXvnaAwQBXvneAwQA2UWvMA0GCSqGSIb3DQEBCwUAA4IBAQAN
U33NQUOdyd2rsLwXlJ6Nw5pl3H0uW/hgkTKQIfDRftl1V/Rl5jN5HqWr5TbAhMJM
Jp+W4D3GfXaZbzxkhkIla8lvvNm6qrKzbaRc1dbBXCTTDwtXEbJTb3ErrdToHd8w
ApZwJtP9IHOGSkacqwKgKi+2H4aD7zL1a6uzCZC4Q6DsZXiscz4WWyOs2xz8PtMC
Q3WgcmP19Krf1x8Giz/ZOmnBtSydgNNRsaqnwda/vaA0YjRN2wJprp0hhng3y1k3
TxJqvQYiud3YESuYAZ4ta+vlypZC4WHoPSsuMBWMq8xG80LARODrktl7evA6j+bG
zRXGvWgxDJl/OtQQ1E8c
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:16:06 2025 by rpki-client