Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/QYMBoTP839ez6fMKYJDIpy0Y8cs.roa
File: QYMBoTP839ez6fMKYJDIpy0Y8cs.roa (raw, json)
Hash identifier: dcm0OYfvcaGkXdf87oK+gQ2QoJurOOn6byziNndBdkg=
Subject key identifier: 41:83:01:A1:33:FC:DF:D7:B3:E9:F3:0A:60:90:C8:A7:2D:18:F1:CB
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 019421B24E18270398AB787F9C2242B5DC63
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/QYMBoTP839ez6fMKYJDIpy0Y8cs.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151872
IP address blocks: 178.248.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4e:18:27:03:98:ab:78:7f:9c:22:42:b5:dc:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=418301a133fcdfd7b3e9f30a6090c8a72d18f1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7a:0d:5f:1c:f6:84:c8:12:2f:73:e4:72:26:
a3:ba:3c:5d:ae:f5:ed:31:ea:fd:44:27:45:ca:c8:
da:a4:2d:53:49:01:dd:27:56:95:5f:c2:2b:49:79:
58:7e:bb:e5:c9:e7:91:27:d9:25:e4:c0:cb:27:43:
8e:f2:48:ee:1b:09:82:fd:77:db:5e:54:ca:b5:f5:
20:3c:a4:81:db:5a:fa:3e:78:bc:fb:cb:60:4c:fd:
06:29:65:7b:a7:8a:c9:24:d1:18:7a:3d:df:78:4d:
09:15:4d:0b:6e:1e:0c:19:c2:e0:a3:de:3d:46:ce:
ba:b4:b3:eb:1c:f2:f3:28:bb:11:c8:e0:76:55:eb:
64:85:5e:1c:97:fd:9d:a3:b4:67:97:bc:02:c7:70:
b9:53:a3:c4:4a:3d:f6:1e:82:eb:e7:a0:cb:2e:a1:
67:90:ca:a6:6f:42:12:45:08:1d:21:e0:22:b1:2c:
0f:95:03:ee:4c:c0:0a:3e:0b:48:cc:a3:60:a6:cb:
bf:7c:b3:59:02:3a:f0:48:88:b4:7e:ee:23:bd:e0:
ad:2e:5d:20:f3:e7:62:fd:d1:7e:55:91:91:4a:02:
a5:d0:40:fb:22:45:95:a7:d4:2c:81:5c:21:07:1e:
9f:f1:d5:78:07:91:63:a4:8a:be:6f:e5:f3:65:86:
a2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:83:01:A1:33:FC:DF:D7:B3:E9:F3:0A:60:90:C8:A7:2D:18:F1:CB
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/QYMBoTP839ez6fMKYJDIpy0Y8cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.72.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e2:32:9e:b2:9d:f5:31:2d:23:97:fe:c7:eb:63:73:c8:f8:
e0:4a:6a:56:6e:06:7d:21:27:eb:94:d2:02:d6:14:78:ec:f9:
09:85:48:b4:3a:9c:fa:76:10:69:30:f4:b0:51:9a:49:0c:7c:
ec:0c:a7:23:13:1a:cb:95:a0:65:e4:d3:3a:3b:da:cb:3d:f9:
b2:08:c3:2f:58:ff:89:c6:b2:0a:c2:ff:54:a0:9d:10:95:8e:
da:f4:a0:48:3f:3c:ae:37:da:fa:d2:82:db:5e:3b:cb:f7:09:
6b:c5:96:21:dc:3f:44:8e:4a:e8:bd:7b:b9:e7:18:3f:8f:44:
b7:9a:be:1e:a0:20:57:49:ec:ef:d1:1f:45:00:ce:c6:63:0e:
ea:9b:97:ed:89:99:08:28:be:f3:a3:34:71:b1:29:c0:53:12:
a5:f3:63:03:b5:56:3e:a5:16:b0:8d:00:2d:94:51:bd:3e:d0:
ed:3b:da:be:59:92:9a:3d:85:b4:4a:b9:1b:97:73:05:13:68:
f5:55:d7:26:84:91:79:25:39:c9:95:d5:98:0a:83:ef:d2:4a:
4e:e9:c5:91:d6:5f:cc:dd:9f:cd:ea:72:98:62:02:fe:78:cd:
ed:d6:f2:1e:e7:8f:96:57:01:66:66:8e:6e:af:aa:d7:37:79:
5a:87:86:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsk4YJwOYq3h/nCJCtdxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgzMDFhMTMzZmNkZmQ3YjNlOWYzMGE2MDkwYzhhNzJkMThmMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5noNXxz2hMgSL3PkciajujxdrvXt
Mer9RCdFysjapC1TSQHdJ1aVX8IrSXlYfrvlyeeRJ9kl5MDLJ0OO8kjuGwmC/Xfb
XlTKtfUgPKSB21r6Pni8+8tgTP0GKWV7p4rJJNEYej3feE0JFU0Lbh4MGcLgo949
Rs66tLPrHPLzKLsRyOB2VetkhV4cl/2do7Rnl7wCx3C5U6PESj32HoLr56DLLqFn
kMqmb0ISRQgdIeAisSwPlQPuTMAKPgtIzKNgpsu/fLNZAjrwSIi0fu4jveCtLl0g
8+di/dF+VZGRSgKl0ED7IkWVp9QsgVwhBx6f8dV4B5FjpIq+b+XzZYai6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGDAaEz/N/Xs+nzCmCQyKctGPHLMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvUVlNQm9UUDgzOWV6NmZNS1lKRElweTBZOGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvhIMA0G
CSqGSIb3DQEBCwUAA4IBAQAd4jKesp31MS0jl/7H62NzyPjgSmpWbgZ9ISfrlNIC
1hR47PkJhUi0Opz6dhBpMPSwUZpJDHzsDKcjExrLlaBl5NM6O9rLPfmyCMMvWP+J
xrIKwv9UoJ0QlY7a9KBIPzyuN9r60oLbXjvL9wlrxZYh3D9EjkrovXu55xg/j0S3
mr4eoCBXSezv0R9FAM7GYw7qm5ftiZkIKL7zozRxsSnAUxKl82MDtVY+pRawjQAt
lFG9PtDtO9q+WZKaPYW0Srkbl3MFE2j1VdcmhJF5JTnJldWYCoPv0kpO6cWR1l/M
3Z/N6nKYYgL+eM3t1vIe54+WVwFmZo5ur6rXN3lah4Z2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:05 2025 by rpki-client