Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_QwHLA_x4XrF_LwmLQEKjtsyunM.roa
File: _QwHLA_x4XrF_LwmLQEKjtsyunM.roa (raw, json)
Hash identifier: 0ukcceGqdC9YJyfaIrC7MCA2MhUBX0lIv2pOPYik5xA=
Subject key identifier: FD:0C:07:2C:0F:F1:E1:7A:C5:FC:BC:26:2D:01:0A:8E:DB:32:BA:73
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01948ED5D7F076CF515E9AF61F4087B4B286
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_QwHLA_x4XrF_LwmLQEKjtsyunM.roa
Signing time: Wed 22 Jan 2025 16:26:06 +0000
ROA not before: Wed 22 Jan 2025 16:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213538
IP address blocks: 31.135.0.0/24 maxlen: 24
64.43.92.0/24 maxlen: 24
77.36.88.0/24 maxlen: 24
91.200.134.0/24 maxlen: 24
91.237.92.0/24 maxlen: 24
91.245.90.0/24 maxlen: 24
91.246.217.0/24 maxlen: 24
93.120.33.0/24 maxlen: 24
93.120.72.0/24 maxlen: 24
176.96.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:d5:d7:f0:76:cf:51:5e:9a:f6:1f:40:87:b4:b2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 22 16:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd0c072c0ff1e17ac5fcbc262d010a8edb32ba73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:96:cb:a1:35:20:91:13:5d:29:d8:0b:86:32:
97:7e:5c:60:5c:89:04:a2:b1:74:6a:db:31:d9:ce:
65:d7:78:4b:24:5d:10:6f:57:57:9a:4d:1c:52:39:
73:8d:52:11:9d:a9:74:c4:92:91:2d:39:66:7e:a6:
0c:02:03:1d:f2:9e:8c:cc:af:ea:fc:c2:50:46:44:
8f:c7:76:ca:a5:54:b3:91:e2:c3:b3:8e:34:c8:6c:
70:2c:81:d5:0e:f1:8e:df:f2:83:55:87:66:c0:71:
2a:12:bc:59:6f:c7:3f:82:b4:8d:f1:54:8f:e7:9b:
ba:7f:d3:10:75:f8:09:ac:66:97:1f:88:74:4d:37:
57:a1:9e:90:b2:90:7b:b5:ad:ef:d7:0e:0f:69:16:
55:79:fb:e6:71:f4:4d:08:8f:94:75:e8:4a:cd:2b:
16:d4:e0:0b:3d:0a:55:ca:6c:c9:1c:cd:78:d2:7a:
e0:ef:a4:9a:76:76:00:19:0c:bd:f8:9f:a7:15:be:
49:0e:14:76:e4:a8:25:66:77:4c:9a:0b:ec:6e:4a:
31:6b:1f:34:b5:c9:ba:54:6f:b3:d6:a0:2e:9a:f1:
37:8f:e7:4d:f9:e6:28:26:46:4b:8e:59:f8:49:5a:
4c:31:19:ef:31:27:3b:0f:78:cf:5f:49:2f:83:6d:
12:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0C:07:2C:0F:F1:E1:7A:C5:FC:BC:26:2D:01:0A:8E:DB:32:BA:73
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_QwHLA_x4XrF_LwmLQEKjtsyunM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.0.0/24
64.43.92.0/24
77.36.88.0/24
91.200.134.0/24
91.237.92.0/24
91.245.90.0/24
91.246.217.0/24
93.120.33.0/24
93.120.72.0/24
176.96.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:8a:96:97:b5:19:38:f5:31:9a:26:d3:b7:c5:d4:1b:6a:22:
5f:df:0f:dd:6c:9c:b2:8b:0c:ed:61:db:15:27:bb:0a:59:47:
03:09:21:56:e0:c9:69:f4:a0:de:90:5f:d2:08:9d:3b:28:7c:
6d:08:c3:92:23:1d:ac:11:62:24:a1:b1:9c:a4:8d:d0:42:5f:
44:e6:7f:a7:be:70:5e:53:60:67:4c:da:f0:7e:ee:1b:4e:1e:
6f:6f:cc:c9:27:18:75:2b:e2:d0:11:c9:b8:d2:90:f9:dc:f6:
3e:1e:f1:4c:2a:10:db:07:fb:b8:8b:38:ec:3f:f3:5d:6d:e3:
fb:9f:c0:14:8a:e6:96:0a:4e:32:1f:fc:26:1b:33:2d:d5:bd:
c3:11:4e:f4:56:c5:a9:99:ec:39:b2:87:4c:e6:65:a3:69:54:
db:8d:b5:48:f9:e5:7b:28:1e:93:70:f8:ee:f2:f6:0c:62:69:
83:fb:00:d2:d0:93:02:e6:39:c4:b3:2f:0d:47:eb:0d:3c:e4:
6f:1d:ae:47:5f:28:cd:67:33:37:a6:6e:9b:09:16:ba:bd:55:
f1:71:2a:4e:e2:35:9a:4e:aa:a4:6a:d9:59:99:9f:cf:73:e7:
11:07:cf:58:bc:28:b6:3b:6d:e8:2f:bc:a0:ff:bc:7f:dd:9b:
74:b8:4c:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZSO1dfwds9RXpr2H0CHtLKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTIyMTYyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBjMDcyYzBmZjFlMTdhYzVmY2JjMjYyZDAxMGE4ZWRiMzJiYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZbLoTUgkRNdKdgLhjKXflxgXIkE
orF0atsx2c5l13hLJF0Qb1dXmk0cUjlzjVIRnal0xJKRLTlmfqYMAgMd8p6MzK/q
/MJQRkSPx3bKpVSzkeLDs440yGxwLIHVDvGO3/KDVYdmwHEqErxZb8c/grSN8VSP
55u6f9MQdfgJrGaXH4h0TTdXoZ6QspB7ta3v1w4PaRZVefvmcfRNCI+UdehKzSsW
1OALPQpVymzJHM140nrg76SadnYAGQy9+J+nFb5JDhR25KglZndMmgvsbkoxax80
tcm6VG+z1qAumvE3j+dN+eYoJkZLjln4SVpMMRnvMSc7D3jPX0kvg20SzwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP0MBywP8eF6xfy8Ji0BCo7bMrpzMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvX1F3SExBX3g0WHJGX0x3bUxRRUtqdHN5dW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAH4cAAwQA
QCtcAwQATSRYAwQAW8iGAwQAW+1cAwQAW/VaAwQAW/bZAwQAXXghAwQAXXhIAwQA
sGBZMA0GCSqGSIb3DQEBCwUAA4IBAQBNipaXtRk49TGaJtO3xdQbaiJf3w/dbJyy
iwztYdsVJ7sKWUcDCSFW4Mlp9KDekF/SCJ07KHxtCMOSIx2sEWIkobGcpI3QQl9E
5n+nvnBeU2BnTNrwfu4bTh5vb8zJJxh1K+LQEcm40pD53PY+HvFMKhDbB/u4izjs
P/NdbeP7n8AUiuaWCk4yH/wmGzMt1b3DEU70VsWpmew5sodM5mWjaVTbjbVI+eV7
KB6TcPju8vYMYmmD+wDS0JMC5jnEsy8NR+sNPORvHa5HXyjNZzM3pm6bCRa6vVXx
cSpO4jWaTqqkatlZmZ/Pc+cRB89YvCi2O23oL7yg/7x/3Zt0uEx4
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:17:20 2025 by rpki-client