Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Q-9Jl2MPtUOHY-jm1wMy3k31T8k.roa
File: Q-9Jl2MPtUOHY-jm1wMy3k31T8k.roa (raw, json)
Hash identifier: X0IWIfGjS7tH49X84lTNj8EDIaj+8RZX5lQfNVCrnj8=
Subject key identifier: 43:EF:49:97:63:0F:B5:43:87:63:E8:E6:D7:03:32:DE:4D:F5:4F:C9
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01856ED4CD02D001318CA3A40590DC1C9F96
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Q-9Jl2MPtUOHY-jm1wMy3k31T8k.roa
Signing time: Sun 01 Jan 2023 19:35:17 +0000
ROA not before: Sun 01 Jan 2023 19:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.138.0/23 maxlen: 24
94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
176.46.140.0/22 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cd:02:d0:01:31:8c:a3:a4:05:90:dc:1c:9f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 1 19:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ef4997630fb5438763e8e6d70332de4df54fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c5:9b:da:0d:06:3f:f9:cb:1e:45:7c:f5:6d:
67:37:f4:55:d8:1a:c2:03:10:f2:84:74:0a:40:e4:
86:93:47:b5:8a:95:07:cb:7d:28:66:51:0f:6d:87:
90:74:06:78:38:79:6e:b3:aa:3c:94:07:2f:e9:2c:
0e:40:fe:b5:25:62:72:db:da:b6:ae:44:aa:fd:a8:
b5:ce:b1:ab:4f:80:dd:19:d9:9a:ed:99:f3:cf:9d:
05:61:3a:59:e3:5e:cf:5f:ba:a8:dc:8c:d4:46:6d:
ad:e0:5f:6c:d7:3b:bc:cf:0e:27:5b:55:d8:05:97:
a2:1b:bb:9e:d8:a5:6b:3f:76:c5:73:b9:b3:ff:6c:
cf:df:4c:05:9d:70:51:bb:ec:66:6d:bd:de:11:e3:
8d:c4:0e:b6:c7:d9:e1:34:d4:5e:23:67:3b:2b:59:
db:60:72:df:05:78:9e:82:76:a3:36:e4:49:96:0a:
3f:af:7d:07:4b:d2:c7:e4:f5:dc:95:89:35:99:ec:
0f:d5:57:a2:9b:5f:83:0a:01:bb:a7:12:a1:13:61:
d1:24:f7:65:2b:ea:69:c1:53:c0:96:02:8c:7a:4b:
50:51:7b:d2:8b:1d:2b:b7:ac:da:67:fe:e9:1d:d6:
27:4f:5f:6d:6b:f6:17:68:07:f4:d8:c1:85:08:00:
48:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:49:97:63:0F:B5:43:87:63:E8:E6:D7:03:32:DE:4D:F5:4F:C9
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Q-9Jl2MPtUOHY-jm1wMy3k31T8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.138.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:fe:6a:ae:01:a8:3c:f9:d6:93:34:19:67:7e:fd:f0:79:54:
aa:ba:22:60:5a:45:12:b4:78:1d:d5:1d:ae:71:5f:1b:c7:0f:
5a:1d:e3:9b:77:a7:3a:0f:04:87:5d:53:c8:b4:65:78:d6:45:
2a:ae:42:0c:28:df:e6:2f:39:a7:5a:f2:b3:96:9e:f0:fe:04:
41:64:a9:02:0f:06:76:82:9e:a6:27:83:ce:bd:8f:c2:20:09:
1c:5e:68:a2:db:a5:5b:fe:76:08:ff:af:f4:37:79:18:a3:cc:
73:78:e7:c4:79:bf:17:19:e0:72:40:1d:37:af:2b:e3:c5:30:
c3:17:c3:df:9d:57:5f:18:37:f9:3a:fe:f7:e8:72:ba:7c:96:
c6:8a:68:11:ba:f1:21:19:44:e6:8a:05:81:c9:5f:67:6b:dc:
ad:e4:b5:2e:dc:60:78:9e:1c:c8:84:95:3c:02:c9:8a:9b:05:
c7:b4:33:69:a9:69:8d:51:24:d7:18:4d:be:6a:79:cb:79:81:
24:e4:f1:0c:4e:ea:31:88:05:ee:1a:c2:04:35:18:e3:e7:dd:
37:84:23:8c:cd:e6:85:0b:77:55:a0:f1:06:c2:a8:7a:9f:27:
11:1b:00:b2:43:f5:0f:d3:52:76:5b:d5:b0:9b:64:8e:d1:50:
5f:b2:c4:60
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVu1M0C0AExjKOkBZDcHJ+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VmNDk5NzYzMGZiNTQzODc2M2U4ZTZkNzAzMzJkZTRkZjU0ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cWb2g0GP/nLHkV89W1nN/RV2BrC
AxDyhHQKQOSGk0e1ipUHy30oZlEPbYeQdAZ4OHlus6o8lAcv6SwOQP61JWJy29q2
rkSq/ai1zrGrT4DdGdma7Znzz50FYTpZ417PX7qo3IzURm2t4F9s1zu8zw4nW1XY
BZeiG7ue2KVrP3bFc7mz/2zP30wFnXBRu+xmbb3eEeONxA62x9nhNNReI2c7K1nb
YHLfBXiegnajNuRJlgo/r30HS9LH5PXclYk1mewP1Veim1+DCgG7pxKhE2HRJPdl
K+ppwVPAlgKMektQUXvSix0rt6zaZ/7pHdYnT19ta/YXaAf02MGFCABICQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEPvSZdjD7VDh2Po5tcDMt5N9U/JMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUS05SmwyTVB0VU9IWS1qbTF3TXkzazMxVDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAAwQFbcugMAwDBAGwLooDBAWwLoADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AKb+aq4BqDz51pM0GWd+/fB5VKq6ImBaRRK0eB3VHa5xXxvHD1od45t3pzoPBIdd
U8i0ZXjWRSquQgwo3+YvOada8rOWnvD+BEFkqQIPBnaCnqYng869j8IgCRxeaKLb
pVv+dgj/r/Q3eRijzHN458R5vxcZ4HJAHTevK+PFMMMXw9+dV18YN/k6/vfocrp8
lsaKaBG68SEZROaKBYHJX2dr3K3ktS7cYHieHMiElTwCyYqbBce0M2mpaY1RJNcY
Tb5qect5gSTk8QxO6jGIBe4awgQ1GOPn3TeEI4zN5oULd1Wg8QbCqHqfJxEbALJD
9Q/TUnZb1bCbZI7RUF+yxGA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:14 2025 by rpki-client