Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/e84c77-5272-412b-b3fd-c4de67e13eb0/1/QTH68uA3y3zqOE98H-X27hlKLHg.roa
File: QTH68uA3y3zqOE98H-X27hlKLHg.roa (raw, json)
Hash identifier: POyUR/thMzWlT6agcEoWXyNHRaqJHhqSVA15ql0XP6U=
Subject key identifier: 41:31:FA:F2:E0:37:CB:7C:EA:38:4F:7C:1F:E5:F6:EE:19:4A:2C:78
Certificate issuer: /CN=a2e68ae99c24b2073a0ac32803243c3bea1e67ce
Certificate serial: 019424B28BCD6D1F7D7C72996F20D36EBD26
Authority key identifier: A2:E6:8A:E9:9C:24:B2:07:3A:0A:C3:28:03:24:3C:3B:EA:1E:67:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouaK6Zwksgc6CsMoAyQ8O-oeZ84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/e84c77-5272-412b-b3fd-c4de67e13eb0/1/QTH68uA3y3zqOE98H-X27hlKLHg.roa
Signing time: Thu 02 Jan 2025 01:47:48 +0000
ROA not before: Thu 02 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204949
IP address blocks: 185.193.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:8b:cd:6d:1f:7d:7c:72:99:6f:20:d3:6e:bd:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e68ae99c24b2073a0ac32803243c3bea1e67ce
Validity
Not Before: Jan 2 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4131faf2e037cb7cea384f7c1fe5f6ee194a2c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:54:c6:e8:39:41:17:f4:ad:d6:77:6e:ea:b0:
e0:c5:50:84:58:52:61:6e:63:bb:3a:a0:3b:e1:7a:
ad:d4:84:bc:56:b3:1d:2a:98:74:28:d6:e9:22:b8:
6d:29:80:77:1e:1a:21:76:46:7a:17:13:80:64:e5:
28:e1:17:20:46:e8:a2:b7:6d:cb:7b:4e:dd:12:cb:
71:fe:44:fb:e9:84:b2:db:20:b9:05:fe:72:8d:17:
d4:a0:6a:55:b0:67:0b:f4:c5:ad:31:46:49:89:2e:
77:44:85:38:48:1d:49:fb:68:eb:c3:13:49:fe:b1:
5b:c4:62:81:3f:34:38:1a:67:f8:96:1e:1c:9b:2a:
15:a7:5f:86:1d:75:cf:62:25:f8:57:b5:a1:f7:2a:
21:e3:82:a7:d0:1e:dc:50:30:8d:b2:40:09:fb:09:
3a:e5:2d:b0:9b:9c:94:fe:fb:ed:0d:df:00:b2:fd:
00:dd:49:16:8e:89:2d:5f:a1:3a:7e:b8:30:2c:bf:
a4:2f:52:88:b1:07:1a:67:be:ea:2c:ca:79:58:e5:
ac:82:66:95:fe:66:68:ae:e5:f7:c3:5f:99:1d:93:
56:43:f1:80:59:73:42:2c:6c:3f:19:6b:fe:cf:f8:
64:72:dc:4f:d9:01:09:f5:30:04:87:2d:f1:b0:6c:
a3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:31:FA:F2:E0:37:CB:7C:EA:38:4F:7C:1F:E5:F6:EE:19:4A:2C:78
X509v3 Authority Key Identifier:
keyid:A2:E6:8A:E9:9C:24:B2:07:3A:0A:C3:28:03:24:3C:3B:EA:1E:67:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouaK6Zwksgc6CsMoAyQ8O-oeZ84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/e84c77-5272-412b-b3fd-c4de67e13eb0/1/QTH68uA3y3zqOE98H-X27hlKLHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/e84c77-5272-412b-b3fd-c4de67e13eb0/1/ouaK6Zwksgc6CsMoAyQ8O-oeZ84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.243.0/24
Signature Algorithm: sha256WithRSAEncryption
92:c2:ef:d7:58:ca:8e:94:bc:09:2c:21:28:6b:18:7b:f9:6d:
c0:1b:4d:ab:00:88:8a:57:e0:a1:ad:39:49:88:52:63:d6:45:
09:57:6e:89:1d:ce:7c:2b:89:a5:32:ae:be:fa:04:dc:1f:f7:
1a:6e:eb:8d:0a:f2:fc:51:c7:fd:21:2e:16:85:04:06:9e:25:
91:21:91:7e:b4:d6:2f:70:dd:0c:e2:09:cb:e5:66:07:e7:39:
8f:e7:22:81:9d:a4:d1:c1:be:ee:85:e5:bc:91:d0:12:fe:51:
38:0e:9a:e3:86:bc:b8:38:a4:d4:f7:8f:55:b1:c0:86:44:0e:
49:02:89:a4:d6:69:3d:4b:1f:6e:ca:89:2e:25:1c:f8:0d:ed:
71:e4:8a:8f:97:42:4b:e3:ba:01:6d:04:94:b1:ba:ab:f9:5c:
eb:36:67:89:cf:03:25:e0:6c:75:9e:9f:93:2b:dd:b9:5a:47:
5c:8e:19:4b:57:c4:26:22:b9:cb:70:41:a5:6d:e5:5a:a7:94:
63:34:ab:44:21:6f:c9:f7:f3:bf:5f:86:40:af:c8:3a:cc:74:
de:09:d1:4c:40:2e:73:eb:9e:c6:ea:7a:c5:73:9f:71:db:35:
a6:b4:f1:30:37:96:8a:48:f2:7a:f3:55:52:a4:1b:45:ca:57:
54:76:82:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksovNbR99fHKZbyDTbr0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTY4YWU5OWMyNGIyMDczYTBhYzMyODAzMjQzYzNiZWEx
ZTY3Y2UwHhcNMjUwMTAyMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMxZmFmMmUwMzdjYjdjZWEzODRmN2MxZmU1ZjZlZTE5NGEyYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VTG6DlBF/St1ndu6rDgxVCEWFJh
bmO7OqA74Xqt1IS8VrMdKph0KNbpIrhtKYB3HhohdkZ6FxOAZOUo4RcgRuiit23L
e07dEstx/kT76YSy2yC5Bf5yjRfUoGpVsGcL9MWtMUZJiS53RIU4SB1J+2jrwxNJ
/rFbxGKBPzQ4Gmf4lh4cmyoVp1+GHXXPYiX4V7Wh9yoh44Kn0B7cUDCNskAJ+wk6
5S2wm5yU/vvtDd8Asv0A3UkWjoktX6E6frgwLL+kL1KIsQcaZ77qLMp5WOWsgmaV
/mZoruX3w1+ZHZNWQ/GAWXNCLGw/GWv+z/hkctxP2QEJ9TAEhy3xsGyjswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEx+vLgN8t86jhPfB/l9u4ZSix4MB8GA1UdIwQY
MBaAFKLmiumcJLIHOgrDKAMkPDvqHmfOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VhSzZad2tzZ2M2Q3NNb0F5UThPLW9lWjg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9lODRjNzctNTI3Mi00MTJiLWIzZmQt
YzRkZTY3ZTEzZWIwLzEvUVRINjh1QTN5M3pxT0U5OEgtWDI3aGxLTEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9lODRjNzctNTI3Mi00MTJiLWIzZmQtYzRkZTY3ZTEzZWIw
LzEvb3VhSzZad2tzZ2M2Q3NNb0F5UThPLW9lWjg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucHzMA0G
CSqGSIb3DQEBCwUAA4IBAQCSwu/XWMqOlLwJLCEoaxh7+W3AG02rAIiKV+ChrTlJ
iFJj1kUJV26JHc58K4mlMq6++gTcH/cabuuNCvL8Ucf9IS4WhQQGniWRIZF+tNYv
cN0M4gnL5WYH5zmP5yKBnaTRwb7uheW8kdAS/lE4Dprjhry4OKTU949VscCGRA5J
Aomk1mk9Sx9uyokuJRz4De1x5IqPl0JL47oBbQSUsbqr+VzrNmeJzwMl4Gx1np+T
K925WkdcjhlLV8QmIrnLcEGlbeVap5RjNKtEIW/J9/O/X4ZAr8g6zHTeCdFMQC5z
657G6nrFc59x2zWmtPEwN5aKSPJ681VSpBtFyldUdoKH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:44 2025 by rpki-client