Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/QwSiPMgCrnV_t6yAUHlhkg3u_jM.roa
File: QwSiPMgCrnV_t6yAUHlhkg3u_jM.roa (raw, json)
Hash identifier: hYyVlbmE/pf2k4j7NJjebHsv7m2YlTW7LKuiiP6VfuQ=
Subject key identifier: 43:04:A2:3C:C8:02:AE:75:7F:B7:AC:80:50:79:61:92:0D:EE:FE:33
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 0194CAF11C54B3A5BAD4A27FF2B2E83C4748
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/QwSiPMgCrnV_t6yAUHlhkg3u_jM.roa
Signing time: Mon 03 Feb 2025 08:33:06 +0000
ROA not before: Mon 03 Feb 2025 08:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49028
IP address blocks: 2.59.188.0/22 maxlen: 22
45.151.8.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
193.203.52.0/22 maxlen: 22
2a09:f7c0::/29 maxlen: 29
2a0c:2dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:f1:1c:54:b3:a5:ba:d4:a2:7f:f2:b2:e8:3c:47:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Feb 3 08:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4304a23cc802ae757fb7ac80507961920deefe33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:9d:f4:2f:a1:34:3f:10:85:0b:9d:35:f9:
88:57:00:0d:99:1e:ef:f5:1d:65:9a:ea:a9:bb:d5:
af:cf:c4:3a:3c:c0:cf:f7:06:1d:1b:fe:26:b8:21:
26:3d:06:ce:f4:39:72:e1:7d:2f:be:37:f7:dd:35:
be:51:a4:a8:9c:2e:71:cd:b0:66:80:92:92:a8:18:
49:4c:0a:af:7c:1b:db:f9:80:71:7c:3b:51:3c:e1:
7c:bc:ae:04:a6:b6:3d:3c:e9:4d:50:a6:67:88:5b:
09:88:08:e2:2d:48:5e:9d:5d:2d:a2:14:87:da:2b:
13:54:1d:d0:c4:96:7a:c0:a8:04:be:3d:12:9d:74:
52:5f:be:f4:0b:4c:6a:b5:6d:39:44:f0:7e:da:ec:
60:d9:85:15:2c:30:cb:54:72:aa:a4:67:a0:b2:0c:
d0:2e:c4:f7:bc:bd:80:4a:7e:4f:62:9d:18:c2:e3:
7d:30:29:50:30:2c:58:82:77:64:d2:a0:0f:70:03:
cb:a4:6b:58:66:76:46:cd:5b:6a:27:d2:6f:96:50:
39:51:c9:44:3a:ce:a0:a4:f9:0d:8e:bd:72:94:a9:
e5:dc:74:a7:21:02:25:a2:c0:9b:5b:87:9a:fa:93:
4b:36:bb:ee:de:c2:ff:e5:c9:78:9f:97:cc:d4:ac:
f4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:04:A2:3C:C8:02:AE:75:7F:B7:AC:80:50:79:61:92:0D:EE:FE:33
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/QwSiPMgCrnV_t6yAUHlhkg3u_jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.8.0/22
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:af:92:f1:3b:a4:5d:e2:a3:a6:62:1d:8b:b9:24:b3:1e:e7:
da:c4:44:35:e7:62:b9:b1:03:3a:e8:25:cd:d3:f4:ec:cf:9a:
fc:aa:e9:72:0b:c8:39:32:11:de:73:1f:9f:d0:6d:2f:81:85:
5b:6c:ab:c9:52:d5:e2:d6:ad:47:eb:20:41:27:b5:5d:ee:5e:
0a:60:bf:01:b4:f6:bc:ac:ce:21:f3:81:36:b2:4a:89:f8:cd:
0a:ea:59:24:5a:6e:71:96:c7:9e:fa:77:c1:13:7c:2e:ac:29:
63:ec:fb:b6:65:a4:56:1a:99:4d:2c:b3:57:b3:38:f1:40:ee:
94:63:a6:2d:0b:86:68:b2:e0:5f:8e:10:03:0e:d8:06:11:e9:
03:5a:a5:ec:88:16:01:c3:8f:9d:0b:1b:f4:a3:eb:76:0f:ba:
50:c9:4a:2c:4c:b3:ec:c5:5c:28:81:50:c7:25:99:2d:d2:3c:
b5:8e:db:5a:fc:9b:9d:c2:89:b3:67:3f:c4:3b:fc:aa:12:ee:
3f:92:2c:01:a3:e9:cc:7a:69:e2:53:c1:38:b8:3d:f8:b5:8a:
5c:12:91:2f:49:ce:ca:fa:c6:d7:aa:18:1d:20:6f:4f:69:06:
40:73:9d:f1:6f:7b:32:32:eb:8f:d7:d4:20:d2:36:fa:4f:fa:
4f:f1:2c:0d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZTK8RxUs6W61KJ/8rLoPEdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjUwMjAzMDgzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA0YTIzY2M4MDJhZTc1N2ZiN2FjODA1MDc5NjE5MjBkZWVmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxCd9C+hND8QhQudNfmIVwANmR7v
9R1lmuqpu9Wvz8Q6PMDP9wYdG/4muCEmPQbO9Dly4X0vvjf33TW+UaSonC5xzbBm
gJKSqBhJTAqvfBvb+YBxfDtRPOF8vK4EprY9POlNUKZniFsJiAjiLUhenV0tohSH
2isTVB3QxJZ6wKgEvj0SnXRSX770C0xqtW05RPB+2uxg2YUVLDDLVHKqpGegsgzQ
LsT3vL2ASn5PYp0YwuN9MClQMCxYgndk0qAPcAPLpGtYZnZGzVtqJ9JvllA5UclE
Os6gpPkNjr1ylKnl3HSnIQIlosCbW4ea+pNLNrvu3sL/5cl4n5fM1Kz0OwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEMEojzIAq51f7esgFB5YZIN7v4zMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvUXdTaVBNZ0NyblZfdDZ5QVVIbGhrZzN1X2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCAju8AwQC
LZcIAwQCufzsAwQCwcs0MBQEAgACMA4DBQMqCffAAwUDKgwtwDANBgkqhkiG9w0B
AQsFAAOCAQEAba+S8TukXeKjpmIdi7kksx7n2sRENediubEDOuglzdP07M+a/Krp
cgvIOTIR3nMfn9BtL4GFW2yryVLV4tatR+sgQSe1Xe5eCmC/AbT2vKzOIfOBNrJK
ifjNCupZJFpucZbHnvp3wRN8LqwpY+z7tmWkVhqZTSyzV7M48UDulGOmLQuGaLLg
X44QAw7YBhHpA1ql7IgWAcOPnQsb9KPrdg+6UMlKLEyz7MVcKIFQxyWZLdI8tY7b
WvybncKJs2c/xDv8qhLuP5IsAaPpzHpp4lPBOLg9+LWKXBKRL0nOyvrG16oYHSBv
T2kGQHOd8W97MjLrj9fUINI2+k/6T/EsDQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:01:10 2025 by rpki-client