Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/QG26uYioHVmhp2a5DlzMfuEJFvQ.roa
File: QG26uYioHVmhp2a5DlzMfuEJFvQ.roa (raw, json)
Hash identifier: QYW9l61NzSQ8p9p0VXIlshNNkTFPqxE5hMNyzeqT5Xw=
Subject key identifier: 40:6D:BA:B9:88:A8:1D:59:A1:A7:66:B9:0E:5C:CC:7E:E1:09:16:F4
Certificate issuer: /CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Certificate serial: 01941F8BFF8EF43BA68D522B41AF5F531853
Authority key identifier: 2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/QG26uYioHVmhp2a5DlzMfuEJFvQ.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39093
IP address blocks: 45.158.144.0/22 maxlen: 22
88.81.96.0/19 maxlen: 19
185.46.252.0/22 maxlen: 22
2a02:3d8::/32 maxlen: 32
2a0f:6380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:ff:8e:f4:3b:a6:8d:52:2b:41:af:5f:53:18:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=406dbab988a81d59a1a766b90e5ccc7ee10916f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:97:ec:e0:25:a3:5c:69:a3:81:cc:c4:f1:62:
3a:fe:16:0e:24:fb:00:a6:b4:00:83:55:0d:02:ad:
73:f9:ba:28:72:da:e7:db:97:90:ac:53:f4:59:9c:
0e:ba:1d:47:1c:38:c1:d7:ab:86:59:7a:e8:9a:8c:
22:1a:d4:f0:c1:c2:5e:ab:25:73:7a:08:ce:66:66:
56:9e:de:11:10:ce:bf:e9:8f:20:a6:73:2b:51:46:
7a:dd:45:8d:84:2e:39:bb:15:5c:31:2e:70:fc:2e:
23:f4:06:12:78:5a:6f:59:14:7a:23:4f:cf:20:7e:
17:b1:f7:ec:6c:8a:a9:23:c9:f0:60:78:51:05:8c:
c7:0c:f6:b0:32:a2:cc:a5:c2:a2:8c:dd:cf:a3:24:
00:f6:fa:8f:e3:ac:08:2f:14:db:df:bf:64:b0:2a:
c7:ea:9f:ec:e5:2b:23:e2:70:e2:62:6e:1f:97:d9:
95:ab:94:53:05:21:65:9c:ed:60:ac:c0:3e:21:b4:
a0:34:3a:ea:5b:98:e8:5e:c9:2b:2b:ce:4c:b9:35:
7a:5f:c1:8c:1b:3e:43:b8:47:46:63:2b:27:33:e5:
09:61:16:ce:87:69:15:67:fa:d3:2f:ae:62:d1:63:
64:64:de:48:ed:97:a9:83:45:a8:2d:ef:0c:7f:02:
28:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:BA:B9:88:A8:1D:59:A1:A7:66:B9:0E:5C:CC:7E:E1:09:16:F4
X509v3 Authority Key Identifier:
keyid:2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/QG26uYioHVmhp2a5DlzMfuEJFvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/LPtHb88xPP8pXeDRcJFWrwJT188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.144.0/22
88.81.96.0/19
185.46.252.0/22
IPv6:
2a02:3d8::/32
2a0f:6380::/29
Signature Algorithm: sha256WithRSAEncryption
24:91:8a:b8:0d:13:81:21:36:4c:11:b2:04:32:09:44:61:d5:
4b:ff:d6:d3:c9:6b:a8:2e:c5:64:e1:c6:ab:25:da:5d:2a:c6:
c6:26:a7:b6:ea:1e:d2:50:3c:89:75:c8:2e:fd:7f:31:ee:cf:
fa:d3:7e:3b:f3:d2:d5:8e:eb:63:5c:9f:2e:70:3b:d7:3a:69:
51:f8:31:d5:1f:bc:25:55:ba:37:b6:82:a9:2c:01:30:d2:e2:
82:31:30:21:bc:58:ff:8b:55:9d:c1:5c:63:7e:b6:c5:a2:02:
f1:3c:6d:7b:a5:ba:e8:3b:d3:50:7a:c4:1d:2c:9d:68:63:38:
a4:47:dc:5f:c6:27:82:c3:d4:87:c7:80:f3:26:52:69:08:ce:
85:db:6c:da:9e:87:28:34:da:5e:b7:97:ba:e1:7f:60:57:96:
90:dc:a6:54:33:88:48:05:87:cc:2c:5a:f6:20:e3:a6:06:82:
2e:40:a6:73:3d:aa:db:26:8c:db:1f:68:5d:04:04:00:99:c2:
f4:84:3f:fc:4f:14:96:34:5d:26:21:f9:48:9e:58:e1:50:01:
42:36:6f:f0:a0:47:0d:7f:f4:93:dc:d9:10:a5:6a:b8:30:f3:
3c:95:1a:a0:7a:82:94:15:34:c9:fe:34:61:fb:37:f4:30:b4:
20:e2:e5:fd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQfi/+O9DumjVIrQa9fUxhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZmI0NzZmY2YzMTNjZmYyOTVkZTBkMTcwOTE1NmFmMDI1
M2Q3Y2YwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZkYmFiOTg4YTgxZDU5YTFhNzY2YjkwZTVjY2M3ZWUxMDkxNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pfs4CWjXGmjgczE8WI6/hYOJPsA
prQAg1UNAq1z+booctrn25eQrFP0WZwOuh1HHDjB16uGWXromowiGtTwwcJeqyVz
egjOZmZWnt4REM6/6Y8gpnMrUUZ63UWNhC45uxVcMS5w/C4j9AYSeFpvWRR6I0/P
IH4XsffsbIqpI8nwYHhRBYzHDPawMqLMpcKijN3PoyQA9vqP46wILxTb379ksCrH
6p/s5Ssj4nDiYm4fl9mVq5RTBSFlnO1grMA+IbSgNDrqW5joXskrK85MuTV6X8GM
Gz5DuEdGYysnM+UJYRbOh2kVZ/rTL65i0WNkZN5I7Zepg0WoLe8MfwIowQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEBturmIqB1ZoadmuQ5czH7hCRb0MB8GA1UdIwQY
MBaAFCz7R2/PMTz/KV3g0XCRVq8CU9fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFB0SGI4OHhQUDhwWGVEUmNKRldyd0pUMTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84MTFiMWItM2E3Mi00NDAyLWI0ZmQt
ZmE0ZGQyMWFlM2RjLzEvUUcyNnVZaW9IVm1ocDJhNURsek1mdUVKRnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84MTFiMWItM2E3Mi00NDAyLWI0ZmQtZmE0ZGQyMWFlM2Rj
LzEvTFB0SGI4OHhQUDhwWGVEUmNKRldyd0pUMTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLZ6QAwQF
WFFgAwQCuS78MBQEAgACMA4DBQAqAgPYAwUDKg9jgDANBgkqhkiG9w0BAQsFAAOC
AQEAJJGKuA0TgSE2TBGyBDIJRGHVS//W08lrqC7FZOHGqyXaXSrGxiantuoe0lA8
iXXILv1/Me7P+tN+O/PS1Y7rY1yfLnA71zppUfgx1R+8JVW6N7aCqSwBMNLigjEw
IbxY/4tVncFcY362xaIC8Txte6W66DvTUHrEHSydaGM4pEfcX8YngsPUh8eA8yZS
aQjOhdts2p6HKDTaXreXuuF/YFeWkNymVDOISAWHzCxa9iDjpgaCLkCmcz2q2yaM
2x9oXQQEAJnC9IQ//E8UljRdJiH5SJ5Y4VABQjZv8KBHDX/0k9zZEKVquDDzPJUa
oHqClBU0yf40Yfs39DC0IOLl/Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:23 2025 by rpki-client