Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/QEGvK3iuTBbvTcDyPl3t-MobkAU.roa
File: QEGvK3iuTBbvTcDyPl3t-MobkAU.roa (raw, json)
Hash identifier: reGPBeh4ClVicxkkONFggLeLA9QOXr7t6wUr7M6t+eg=
Subject key identifier: 40:41:AF:2B:78:AE:4C:16:EF:4D:C0:F2:3E:5D:ED:F8:CA:1B:90:05
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01882BC50E97318C2623C5FA549BE9BE450B
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/QEGvK3iuTBbvTcDyPl3t-MobkAU.roa
Signing time: Wed 17 May 2023 22:11:54 +0000
ROA not before: Wed 17 May 2023 22:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 94.131.147.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.129.0/24 maxlen: 24
94.131.128.0/23 maxlen: 23
94.131.128.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.144.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.143.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2b:c5:0e:97:31:8c:26:23:c5:fa:54:9b:e9:be:45:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: May 17 22:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4041af2b78ae4c16ef4dc0f23e5dedf8ca1b9005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:22:76:49:2e:ac:bd:85:86:ee:4e:69:9b:90:
ca:95:2e:ca:99:a3:a9:e4:25:e4:43:17:a0:13:8d:
55:68:b3:60:9f:c7:8f:75:c6:ff:38:21:6e:9c:0c:
53:0c:ac:9e:46:03:7b:f1:3a:9f:91:cc:c6:a7:f0:
21:e7:eb:8e:a9:d5:6b:d4:83:72:bf:ce:fa:67:9a:
3a:fe:d8:4a:e3:bd:a1:d5:26:37:ab:54:44:dc:06:
cd:48:39:8c:e5:ab:a1:02:53:dc:d5:9a:a4:fd:29:
63:67:d2:82:b3:f6:60:87:19:02:57:f6:0a:ca:af:
2b:87:92:d9:ac:3c:bb:0a:18:a3:53:4b:2f:59:7c:
b8:c7:a5:12:8c:e6:cb:98:7e:80:a2:04:93:57:80:
d0:04:31:4e:96:c7:86:d3:64:f7:6a:e1:0e:a8:62:
9f:0b:69:9c:e7:64:a9:49:2a:87:d2:ba:30:9d:fa:
34:0d:bb:16:d2:62:a7:22:d9:69:c6:7f:1e:a9:b5:
c2:b5:48:2b:30:7e:ea:e9:85:1e:31:aa:c9:e9:55:
90:1f:af:ba:cd:63:7a:f8:0d:28:a2:8d:56:b6:c2:
83:e7:51:91:79:84:c6:c4:84:4f:22:04:d0:72:f1:
1d:3f:65:45:d3:11:c1:34:64:fb:87:40:58:c6:7c:
df:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:41:AF:2B:78:AE:4C:16:EF:4D:C0:F2:3E:5D:ED:F8:CA:1B:90:05
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/QEGvK3iuTBbvTcDyPl3t-MobkAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:51:c1:e4:5b:a7:ad:8a:ec:fe:76:c8:59:68:dc:3f:6a:41:
42:75:ba:4a:3b:5c:05:4a:3e:9d:93:d1:b9:47:09:18:49:b5:
a3:2c:15:e3:9b:ee:90:ed:20:e4:41:96:72:29:71:11:16:3d:
12:5e:24:5f:da:10:61:4b:22:7b:04:f0:01:2c:ad:41:65:bb:
f9:f1:4c:24:26:61:03:c8:4f:fa:d2:46:10:e5:01:99:e0:28:
b9:7b:46:cd:3a:90:fc:77:23:c2:a7:74:0e:24:e4:2e:ad:b8:
98:75:d1:35:b0:ac:58:00:91:a6:22:50:32:55:9f:3a:93:e7:
47:34:ad:26:a7:72:af:e0:43:25:b5:47:94:3b:58:a4:99:3f:
cb:e8:88:56:30:1e:21:c8:a5:f8:0c:4f:ae:1f:e5:4d:77:53:
2b:af:97:31:07:ad:54:68:96:fa:b1:28:c3:5f:8c:ae:41:2e:
07:b5:af:42:f1:42:7b:a8:3c:0e:01:20:64:15:b0:34:4f:5a:
66:f1:27:3b:f6:5e:2e:72:0f:c3:49:d3:c9:4c:23:71:c0:89:
c4:49:c9:b5:db:1e:f3:10:08:da:91:6b:17:e6:4f:cd:3a:d5:
2a:b5:10:04:a2:d2:51:39:c6:d2:e9:7d:37:c1:57:12:f4:73:
aa:41:ba:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgrxQ6XMYwmI8X6VJvpvkULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNTE3MjIxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQxYWYyYjc4YWU0YzE2ZWY0ZGMwZjIzZTVkZWRmOGNhMWI5MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSJ2SS6svYWG7k5pm5DKlS7KmaOp
5CXkQxegE41VaLNgn8ePdcb/OCFunAxTDKyeRgN78TqfkczGp/Ah5+uOqdVr1INy
v876Z5o6/thK472h1SY3q1RE3AbNSDmM5auhAlPc1Zqk/SljZ9KCs/ZghxkCV/YK
yq8rh5LZrDy7ChijU0svWXy4x6USjObLmH6AogSTV4DQBDFOlseG02T3auEOqGKf
C2mc52SpSSqH0rownfo0DbsW0mKnItlpxn8eqbXCtUgrMH7q6YUeMarJ6VWQH6+6
zWN6+A0ooo1WtsKD51GReYTGxIRPIgTQcvEdP2VF0xHBNGT7h0BYxnzfHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBBryt4rkwW703A8j5d7fjKG5AFMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvUUVHdkszaXVUQmJ2VGNEeVBsM3QtTW9ia0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFXoOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCPUcHkW6etiuz+dshZaNw/akFCdbpKO1wFSj6dk9G5
RwkYSbWjLBXjm+6Q7SDkQZZyKXERFj0SXiRf2hBhSyJ7BPABLK1BZbv58UwkJmED
yE/60kYQ5QGZ4Ci5e0bNOpD8dyPCp3QOJOQurbiYddE1sKxYAJGmIlAyVZ86k+dH
NK0mp3Kv4EMltUeUO1ikmT/L6IhWMB4hyKX4DE+uH+VNd1Mrr5cxB61UaJb6sSjD
X4yuQS4Hta9C8UJ7qDwOASBkFbA0T1pm8Sc79l4ucg/DSdPJTCNxwInEScm12x7z
EAjakWsX5k/NOtUqtRAEotJROcbS6X03wVcS9HOqQbo4
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:04 2025 by rpki-client