Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/QsbeSf1wSmlvXy1YWfLpeuzVc7I.roa
File: QsbeSf1wSmlvXy1YWfLpeuzVc7I.roa (raw, json)
Hash identifier: 31ekyuIll7jbSg3So4PZlEvJJPxudTYgN0T76VWQSUE=
Subject key identifier: 42:C6:DE:49:FD:70:4A:69:6F:5F:2D:58:59:F2:E9:7A:EC:D5:73:B2
Certificate issuer: /CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Certificate serial: 0185731604C22B81436DAFF6DEBF6BC97A25
Authority key identifier: E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/QsbeSf1wSmlvXy1YWfLpeuzVc7I.roa
Signing time: Mon 02 Jan 2023 15:25:00 +0000
ROA not before: Mon 02 Jan 2023 15:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51095
IP address blocks: 185.40.106.0/24 maxlen: 24
213.170.143.0/24 maxlen: 24
89.35.237.0/24 maxlen: 24
2a0c:e080::/29 maxlen: 32
2a0c:e082:10::/44 maxlen: 44
2a0c:e082::/44 maxlen: 44
2a0c:e080::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:04:c2:2b:81:43:6d:af:f6:de:bf:6b:c9:7a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Validity
Not Before: Jan 2 15:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c6de49fd704a696f5f2d5859f2e97aecd573b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0b:d7:ce:53:67:02:f6:46:05:6b:c2:a5:3a:
38:89:52:97:77:c7:62:c6:14:e9:df:c6:8c:2a:24:
85:13:d2:03:2d:80:04:7b:3a:09:fa:b6:ac:bd:0d:
e3:ef:73:81:3f:82:6e:e3:b9:4f:a8:18:03:e0:12:
c9:ef:02:1b:51:49:48:05:a9:ae:88:d1:af:b1:52:
e7:9e:22:71:a4:bf:d2:85:0b:ed:e6:63:e9:42:ed:
6a:16:bd:83:8c:f4:7b:e2:5e:ae:2a:a1:91:e2:c7:
cd:76:57:a5:3b:89:bd:1a:57:69:d9:7a:7a:84:d2:
58:cf:6f:3d:dc:5f:c6:a4:7d:24:ed:a9:d4:92:f1:
f7:5b:b1:08:ee:1d:f6:b9:84:e9:6c:32:98:1c:88:
81:c9:80:ea:ab:fc:be:79:eb:7f:37:23:1b:61:6f:
7f:43:d2:9d:1c:37:f7:32:42:71:72:89:41:df:ca:
10:0a:41:bd:c8:08:38:4d:56:f1:be:5c:64:ea:44:
fa:38:30:34:33:a8:92:d3:1c:82:79:fd:7c:65:8b:
ff:49:3b:ac:1d:ff:16:eb:ae:ad:98:12:67:48:3d:
fe:31:6b:ad:90:a2:55:4e:99:25:3c:1d:cc:f3:58:
1b:84:e0:82:fb:b5:20:ce:6f:15:b6:d6:93:7b:68:
54:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C6:DE:49:FD:70:4A:69:6F:5F:2D:58:59:F2:E9:7A:EC:D5:73:B2
X509v3 Authority Key Identifier:
keyid:E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/QsbeSf1wSmlvXy1YWfLpeuzVc7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.237.0/24
185.40.106.0/24
213.170.143.0/24
IPv6:
2a0c:e080::/29
Signature Algorithm: sha256WithRSAEncryption
a0:52:70:d9:bd:f3:fa:a6:17:aa:ec:1f:dc:3d:60:de:c5:0b:
9b:71:1f:e4:e5:ac:00:c7:0b:f3:34:44:24:3a:20:75:e0:9a:
f7:00:7a:a3:c0:34:d8:11:a3:b1:11:7d:8f:ee:79:b1:92:4c:
ac:7e:c3:75:d8:b8:5e:0f:52:e4:08:66:a9:4b:47:f9:64:6a:
a8:76:ba:06:a6:6a:67:d8:cd:17:ca:16:cc:21:61:92:e2:2b:
b8:48:64:d2:34:84:5e:45:f7:bb:1f:7e:9e:58:31:97:ac:be:
44:7d:4c:91:c9:b1:bb:3a:99:6d:82:97:e5:d9:d2:df:91:79:
18:17:d8:6f:54:08:21:0d:2a:53:c5:7d:ce:1f:41:d9:6a:5e:
8d:54:39:36:a9:2d:70:a8:1d:c8:17:a9:25:a7:c7:92:d3:62:
fc:f7:e5:80:4f:7f:70:53:bd:bd:ec:d4:73:11:47:f0:83:79:
c4:ef:58:ef:de:33:66:c8:96:da:db:a2:45:23:8e:a8:f5:e7:
a5:6b:50:6f:3e:80:d9:8b:24:e7:8e:7d:d0:57:19:2c:ae:3d:
24:b5:d4:d3:d8:b9:c2:ba:3b:07:44:84:b5:ed:63:a4:92:2b:
11:4a:ab:ff:39:04:e4:7d:e7:49:f1:3b:4a:59:7b:d1:09:39:
d8:12:16:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzFgTCK4FDba/23r9ryXolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzlmZmYyZjhlZDBkNjVhYWQwYjk0ZjgwMzZmMmVlMWFl
ZWVhMGEwHhcNMjMwMTAyMTUyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmM2ZGU0OWZkNzA0YTY5NmY1ZjJkNTg1OWYyZTk3YWVjZDU3M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAvXzlNnAvZGBWvCpTo4iVKXd8di
xhTp38aMKiSFE9IDLYAEezoJ+rasvQ3j73OBP4Ju47lPqBgD4BLJ7wIbUUlIBamu
iNGvsVLnniJxpL/ShQvt5mPpQu1qFr2DjPR74l6uKqGR4sfNdlelO4m9Gldp2Xp6
hNJYz2893F/GpH0k7anUkvH3W7EI7h32uYTpbDKYHIiByYDqq/y+eet/NyMbYW9/
Q9KdHDf3MkJxcolB38oQCkG9yAg4TVbxvlxk6kT6ODA0M6iS0xyCef18ZYv/STus
Hf8W666tmBJnSD3+MWutkKJVTpklPB3M81gbhOCC+7Ugzm8VttaTe2hU0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFELG3kn9cEppb18tWFny6Xrs1XOyMB8GA1UdIwQY
MBaAFOXJ//L47Q1lqtC5T4A28u4a7uoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2Qt
OWZhYTYyYTFmMTc4LzEvUXNiZVNmMXdTbWx2WHkxWVdmTHBldXpWYzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2QtOWZhYTYyYTFmMTc4
LzEvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWSPtAwQA
uShqAwQA1aqPMA0EAgACMAcDBQMqDOCAMA0GCSqGSIb3DQEBCwUAA4IBAQCgUnDZ
vfP6pheq7B/cPWDexQubcR/k5awAxwvzNEQkOiB14Jr3AHqjwDTYEaOxEX2P7nmx
kkysfsN12LheD1LkCGapS0f5ZGqodroGpmpn2M0XyhbMIWGS4iu4SGTSNIReRfe7
H36eWDGXrL5EfUyRybG7Opltgpfl2dLfkXkYF9hvVAghDSpTxX3OH0HZal6NVDk2
qS1wqB3IF6klp8eS02L89+WAT39wU7297NRzEUfwg3nE71jv3jNmyJba26JFI46o
9eela1BvPoDZiyTnjn3QVxksrj0ktdTT2LnCujsHRIS17WOkkisRSqv/OQTkfedJ
8TtKWXvRCTnYEhbQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:17:30 2025 by rpki-client