Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/cQWK86wyTE6QykBYGD0IQXVxmGU.roa
File: cQWK86wyTE6QykBYGD0IQXVxmGU.roa (raw, json)
Hash identifier: YU+GQaBeZSBZ4pnqlkuWqIUXGdhcGs2HRIrroMn5n04=
Subject key identifier: 71:05:8A:F3:AC:32:4C:4E:90:CA:40:58:18:3D:08:41:75:71:98:65
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 0194266B6AE9D361B913DEF8ECCF4E6427BB
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/cQWK86wyTE6QykBYGD0IQXVxmGU.roa
Signing time: Thu 02 Jan 2025 09:49:21 +0000
ROA not before: Thu 02 Jan 2025 09:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49289
IP address blocks: 93.185.112.0/20 maxlen: 20
159.255.136.0/22 maxlen: 22
159.255.144.0/24 maxlen: 24
171.22.232.0/24 maxlen: 24
171.22.233.0/24 maxlen: 24
171.22.234.0/24 maxlen: 24
171.22.235.0/24 maxlen: 24
178.239.32.0/22 maxlen: 22
178.239.36.0/24 maxlen: 24
178.239.40.0/22 maxlen: 22
178.239.44.0/23 maxlen: 23
178.239.46.0/23 maxlen: 23
185.63.132.0/23 maxlen: 23
185.63.135.0/24 maxlen: 24
188.94.120.0/21 maxlen: 21
2a00:c50::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:6a:e9:d3:61:b9:13:de:f8:ec:cf:4e:64:27:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Jan 2 09:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71058af3ac324c4e90ca4058183d084175719865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:db:12:ff:44:7f:e9:fd:ac:d2:37:83:bf:
50:ba:69:d3:6b:03:db:23:31:ae:df:83:76:29:d8:
e8:c3:a9:03:1b:66:b7:29:d2:3b:34:f7:4d:18:0c:
a2:c6:ca:26:c6:9e:d2:4b:a2:2a:d6:5c:c8:a0:49:
8d:d6:4c:38:5d:0b:cc:5e:fc:fd:a5:a0:9c:2f:c5:
89:8d:8f:a8:eb:ec:27:a5:4e:2e:5a:ed:4d:3b:77:
81:b6:aa:06:42:32:25:9e:31:97:5c:7d:f7:fb:89:
e8:77:c2:d2:fb:88:56:fc:e5:61:0d:2f:34:50:3f:
ab:d6:c3:03:90:ee:b5:36:cf:96:17:fd:a5:85:cf:
35:f3:9e:f8:d0:bd:26:3c:75:82:69:e5:15:30:40:
fc:39:82:50:66:4f:b5:bb:35:78:4f:a1:b9:ea:a4:
65:70:d9:2d:37:2c:c1:7e:93:c9:03:b0:49:27:b3:
d0:dd:5e:da:b1:8d:25:cb:66:06:22:93:21:79:34:
6b:a8:45:58:39:8d:68:af:65:43:5b:63:55:34:0e:
ce:f4:65:8b:4b:b3:a2:96:cb:3e:8b:dc:84:78:52:
6b:6c:d2:ab:d3:d0:9f:7d:d2:2e:71:64:70:ce:29:
54:ac:9f:2e:0f:4c:43:16:26:68:b4:86:80:54:44:
14:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:05:8A:F3:AC:32:4C:4E:90:CA:40:58:18:3D:08:41:75:71:98:65
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/cQWK86wyTE6QykBYGD0IQXVxmGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.112.0/20
159.255.136.0/22
159.255.144.0/24
171.22.232.0/22
178.239.32.0-178.239.36.255
178.239.40.0/21
185.63.132.0/23
185.63.135.0/24
188.94.120.0/21
IPv6:
2a00:c50::/29
Signature Algorithm: sha256WithRSAEncryption
3b:cc:36:4c:d0:c3:d5:96:f2:c4:f8:f2:e4:76:5b:0d:f7:8a:
5d:75:20:7e:4c:23:a9:6b:16:5a:b2:6f:30:11:ee:24:61:85:
7c:4e:b0:04:b1:f0:fa:7e:08:89:60:e2:7d:65:d0:1a:da:70:
b3:f1:4d:01:b9:34:c2:9d:21:b6:44:10:c5:94:21:a0:00:79:
68:46:d6:9f:f4:71:8b:1b:70:6b:b2:fa:42:b9:e9:d9:47:c6:
ad:15:98:fa:76:00:1c:f2:eb:59:b6:fa:9b:31:29:19:31:fc:
df:5f:a3:c0:a7:df:8c:0b:76:67:b2:02:0c:a5:1b:a9:f1:ad:
23:07:f3:41:2b:45:5a:c9:83:dc:16:d7:7f:4b:8e:22:8b:09:
23:cb:a2:8f:ee:dc:bf:0c:28:54:0d:37:aa:06:ff:01:f8:8d:
e4:12:6c:49:3c:2b:47:bb:80:01:ce:f2:eb:1c:74:d6:e3:12:
39:20:5e:d1:45:5b:bc:2b:f1:98:60:84:e8:e4:d4:80:83:28:
1c:48:ce:58:ac:56:2f:4a:27:cc:1a:dd:4a:70:7a:62:ef:ad:
60:37:41:f8:de:aa:cb:10:c7:bb:73:48:9f:28:cd:2d:16:13:
64:28:06:41:ec:e6:87:de:9d:3f:90:8b:10:15:39:e9:6a:f0:
9a:34:a5:9a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQma2rp02G5E9747M9OZCe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjUwMTAyMDk0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA1OGFmM2FjMzI0YzRlOTBjYTQwNTgxODNkMDg0MTc1NzE5ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss/bEv9Ef+n9rNI3g79QumnTawPb
IzGu34N2Kdjow6kDG2a3KdI7NPdNGAyixsomxp7SS6Iq1lzIoEmN1kw4XQvMXvz9
paCcL8WJjY+o6+wnpU4uWu1NO3eBtqoGQjIlnjGXXH33+4nod8LS+4hW/OVhDS80
UD+r1sMDkO61Ns+WF/2lhc8185740L0mPHWCaeUVMED8OYJQZk+1uzV4T6G56qRl
cNktNyzBfpPJA7BJJ7PQ3V7asY0ly2YGIpMheTRrqEVYOY1or2VDW2NVNA7O9GWL
S7Oilss+i9yEeFJrbNKr09CffdIucWRwzilUrJ8uD0xDFiZotIaAVEQURwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFHEFivOsMkxOkMpAWBg9CEF1cZhlMB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvY1FXSzg2d3lURTZReWtCWUdEMElRWFZ4bUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYtOGVlMGExMmEzNTli
LzEvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQEXblwAwQC
n/+IAwQAn/+QAwQCqxboMAwDBAWy7yADBACy7yQDBAOy7ygDBAG5P4QDBAC5P4cD
BAO8XngwDQQCAAIwBwMFAyoADFAwDQYJKoZIhvcNAQELBQADggEBADvMNkzQw9WW
8sT48uR2Ww33il11IH5MI6lrFlqybzAR7iRhhXxOsASx8Pp+CIlg4n1l0BracLPx
TQG5NMKdIbZEEMWUIaAAeWhG1p/0cYsbcGuy+kK56dlHxq0VmPp2ABzy61m2+psx
KRkx/N9fo8Cn34wLdmeyAgylG6nxrSMH80ErRVrJg9wW139LjiKLCSPLoo/u3L8M
KFQNN6oG/wH4jeQSbEk8K0e7gAHO8uscdNbjEjkgXtFFW7wr8ZhghOjk1ICDKBxI
zlisVi9KJ8wa3UpwemLvrWA3QfjeqssQx7tzSJ8ozS0WE2QoBkHs5ofenT+QixAV
Oelq8Jo0pZo=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:33 2025 by rpki-client