Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/QkVUxE4AhpJODfmHEAvAkyjHMvY.roa
File: QkVUxE4AhpJODfmHEAvAkyjHMvY.roa (raw, json)
Hash identifier: 2P7jvP73KgH1ucfbvzPgDI0cala+VmBiaJkBM0mxbsM=
Subject key identifier: 42:45:54:C4:4E:00:86:92:4E:0D:F9:87:10:0B:C0:93:28:C7:32:F6
Certificate issuer: /CN=0f47ec73bceecedd541efb73525d61232fa80219
Certificate serial: 01856F94D885AB02A34D4BB4259F0E234D7A
Authority key identifier: 0F:47:EC:73:BC:EE:CE:DD:54:1E:FB:73:52:5D:61:23:2F:A8:02:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D0fsc7zuzt1UHvtzUl1hIy-oAhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/QkVUxE4AhpJODfmHEAvAkyjHMvY.roa
Signing time: Sun 01 Jan 2023 23:05:03 +0000
ROA not before: Sun 01 Jan 2023 23:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29247
IP address blocks: 149.210.0.0/18 maxlen: 18
109.178.0.0/16 maxlen: 16
178.146.0.0/16 maxlen: 16
5.203.0.0/16 maxlen: 16
5.144.192.0/20 maxlen: 20
5.144.192.0/18 maxlen: 18
5.144.208.0/20 maxlen: 20
149.210.64.0/18 maxlen: 18
31.217.160.0/19 maxlen: 19
5.144.224.0/20 maxlen: 20
31.217.176.0/23 maxlen: 23
31.217.178.0/23 maxlen: 23
31.152.0.0/16 maxlen: 16
31.217.184.0/22 maxlen: 22
31.217.180.0/23 maxlen: 23
178.147.0.0/16 maxlen: 16
94.143.177.0/24 maxlen: 24
94.143.176.0/24 maxlen: 24
94.143.178.0/24 maxlen: 24
94.143.183.0/24 maxlen: 24
94.143.180.0/24 maxlen: 24
2a02:1388:2000::/36 maxlen: 36
2a02:1388::/36 maxlen: 36
2a02:1388:4000::/36 maxlen: 36
2a02:1388::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d8:85:ab:02:a3:4d:4b:b4:25:9f:0e:23:4d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f47ec73bceecedd541efb73525d61232fa80219
Validity
Not Before: Jan 1 23:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=424554c44e0086924e0df987100bc09328c732f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:67:eb:65:aa:e2:27:f6:38:a7:4e:0a:e7:21:
60:4d:fd:1b:28:6d:05:47:a7:12:73:4a:10:bb:45:
e4:25:6c:ce:ef:a3:52:fa:cc:64:72:b8:99:6e:37:
25:83:24:1f:95:6d:ca:65:b6:e6:7b:0b:bd:ad:ec:
a6:02:1e:bd:db:cb:7b:de:f7:e7:1e:fa:d5:fc:32:
93:e4:e2:31:a0:31:f1:92:73:d9:c1:0d:52:de:eb:
9e:fe:51:bf:9b:0d:fb:6f:e6:d5:51:1d:f8:3f:31:
ec:8e:87:9d:0c:70:99:24:05:68:c0:0d:f6:a4:01:
41:4b:a4:bb:eb:af:a5:bb:53:0c:b9:64:cd:4d:ce:
a6:ca:5c:dd:f3:c4:b6:05:3d:8e:88:b9:d5:de:f4:
25:2e:c3:70:87:6e:22:9b:f2:27:48:48:bd:e2:e7:
0e:e6:cb:6d:1d:8a:e5:aa:13:5b:9d:9e:fd:d9:ac:
84:30:4a:01:65:c3:5b:37:19:e6:a1:1b:1b:04:e4:
e0:4f:15:b3:65:20:d8:a5:c5:36:54:84:fd:1c:9a:
59:7b:d1:f8:20:ba:68:ad:fa:f9:73:43:69:5a:11:
a3:a8:f8:75:22:71:e2:63:a1:b5:12:32:c3:f1:57:
bf:84:fa:e2:83:92:91:8e:02:be:dd:bf:01:44:fd:
15:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:45:54:C4:4E:00:86:92:4E:0D:F9:87:10:0B:C0:93:28:C7:32:F6
X509v3 Authority Key Identifier:
keyid:0F:47:EC:73:BC:EE:CE:DD:54:1E:FB:73:52:5D:61:23:2F:A8:02:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fsc7zuzt1UHvtzUl1hIy-oAhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/QkVUxE4AhpJODfmHEAvAkyjHMvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/D0fsc7zuzt1UHvtzUl1hIy-oAhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.192.0/18
5.203.0.0/16
31.152.0.0/16
31.217.160.0/19
94.143.176.0-94.143.178.255
94.143.180.0/24
94.143.183.0/24
109.178.0.0/16
149.210.0.0/17
178.146.0.0/15
IPv6:
2a02:1388::/29
Signature Algorithm: sha256WithRSAEncryption
7d:6e:ac:ca:09:92:e5:9c:ef:54:ea:6b:bf:56:db:1d:bc:71:
94:0f:ca:91:80:39:7c:dc:a8:47:a6:bc:1c:d5:90:d1:4a:d4:
6b:2b:34:c0:d7:b4:39:be:be:d8:01:49:76:1f:98:22:04:4e:
21:51:48:95:bd:0c:ba:4f:5e:42:a0:6d:f0:1f:64:88:d5:b8:
82:56:e5:d5:2e:be:cc:8b:d4:8b:e7:cb:5d:dd:ad:e3:6a:70:
16:5a:34:8f:2e:30:b9:5d:bc:a5:dc:14:47:a1:01:ce:b4:99:
a6:ce:f9:07:59:77:6e:ca:73:82:f7:22:ce:ce:03:2b:84:c1:
e0:70:36:a2:4c:a0:7b:cd:03:1d:d4:d3:5b:8c:37:da:4f:7f:
b7:d8:dc:44:bd:b7:34:0c:31:e6:ec:a6:81:0a:0c:74:79:5e:
92:a8:92:f4:5c:f3:04:4b:21:2b:01:bb:63:5b:09:a0:2b:0e:
db:ca:7f:aa:3e:ed:04:3d:e7:ec:5f:92:91:91:81:3c:7b:2a:
71:0f:f7:6b:37:42:f3:ec:be:22:fd:ac:78:d5:80:29:71:87:
9b:b1:e5:fa:3f:e9:9b:33:4e:57:c3:c4:70:10:e8:23:4c:a7:
95:1e:dd:02:0e:26:fe:32:b8:6f:29:eb:fe:3d:a4:3b:22:ad:
83:04:42:01
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVvlNiFqwKjTUu0JZ8OI016MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdlYzczYmNlZWNlZGQ1NDFlZmI3MzUyNWQ2MTIzMmZh
ODAyMTkwHhcNMjMwMTAxMjMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ1NTRjNDRlMDA4NjkyNGUwZGY5ODcxMDBiYzA5MzI4YzczMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGfrZariJ/Y4p04K5yFgTf0bKG0F
R6cSc0oQu0XkJWzO76NS+sxkcriZbjclgyQflW3KZbbmewu9reymAh6928t73vfn
HvrV/DKT5OIxoDHxknPZwQ1S3uue/lG/mw37b+bVUR34PzHsjoedDHCZJAVowA32
pAFBS6S766+lu1MMuWTNTc6mylzd88S2BT2OiLnV3vQlLsNwh24im/InSEi94ucO
5sttHYrlqhNbnZ792ayEMEoBZcNbNxnmoRsbBOTgTxWzZSDYpcU2VIT9HJpZe9H4
ILporfr5c0NpWhGjqPh1InHiY6G1EjLD8Ve/hPrig5KRjgK+3b8BRP0VFwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFEJFVMROAIaSTg35hxALwJMoxzL2MB8GA1UdIwQY
MBaAFA9H7HO87s7dVB77c1JdYSMvqAIZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmc2M3enV6dDFVSHZ0elVsMWhJeS1vQWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wOTQxODAtMDE3MS00MjUyLWFmZWEt
OTIzNTQ2ZWQzZThhLzEvUWtWVXhFNEFocEpPRGZtSEVBdkFreWpITXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wOTQxODAtMDE3MS00MjUyLWFmZWEtOTIzNTQ2ZWQzZThh
LzEvRDBmc2M3enV6dDFVSHZ0elVsMWhJeS1vQWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQGBZDAAwMA
BcsDAwAfmAMEBR/ZoDAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV
0gADAwGykjANBAIAAjAHAwUDKgITiDANBgkqhkiG9w0BAQsFAAOCAQEAfW6sygmS
5ZzvVOprv1bbHbxxlA/KkYA5fNyoR6a8HNWQ0UrUays0wNe0Ob6+2AFJdh+YIgRO
IVFIlb0Muk9eQqBt8B9kiNW4glbl1S6+zIvUi+fLXd2t42pwFlo0jy4wuV28pdwU
R6EBzrSZps75B1l3bspzgvcizs4DK4TB4HA2okyge80DHdTTW4w32k9/t9jcRL23
NAwx5uymgQoMdHlekqiS9FzzBEshKwG7Y1sJoCsO28p/qj7tBD3n7F+SkZGBPHsq
cQ/3azdC8+y+Iv2seNWAKXGHm7Hl+j/pmzNOV8PEcBDoI0ynlR7dAg4m/jK4bynr
/j2kOyKtgwRCAQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:26 2025 by rpki-client