Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/Xqops75vQ_t9meBVel-P5shYefo.roa
File: Xqops75vQ_t9meBVel-P5shYefo.roa (raw, json)
Hash identifier: bvPOMNBb/wp1W0ZNDadbdcpD6HAvjkei+sktDefctgk=
Subject key identifier: 5E:AA:29:B3:BE:6F:43:FB:7D:99:E0:55:7A:5F:8F:E6:C8:58:79:FA
Certificate issuer: /CN=41e48b13551c4f302722a80f8c62e6efd5369edc
Certificate serial: 01856FB11664F3018B843F7B551091893E02
Authority key identifier: 41:E4:8B:13:55:1C:4F:30:27:22:A8:0F:8C:62:E6:EF:D5:36:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeSLE1UcTzAnIqgPjGLm79U2ntw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/Xqops75vQ_t9meBVel-P5shYefo.roa
Signing time: Sun 01 Jan 2023 23:35:54 +0000
ROA not before: Sun 01 Jan 2023 23:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34660
IP address blocks: 185.52.220.0/22 maxlen: 22
178.23.160.0/21 maxlen: 21
217.168.144.0/20 maxlen: 20
2a00:1fb0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:16:64:f3:01:8b:84:3f:7b:55:10:91:89:3e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e48b13551c4f302722a80f8c62e6efd5369edc
Validity
Not Before: Jan 1 23:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eaa29b3be6f43fb7d99e0557a5f8fe6c85879fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a8:12:aa:bb:35:04:ea:a1:db:4b:d9:7d:97:
2b:1d:b9:d3:ef:b3:f0:94:b7:17:15:a9:90:39:0a:
59:75:a7:a3:3b:a6:e7:52:26:6a:f5:66:1d:09:be:
ae:40:bd:04:46:2b:a6:01:19:a7:91:7f:3f:2e:3b:
44:54:33:18:a0:07:32:a1:7a:22:8b:8c:77:81:ed:
91:3d:a9:7d:66:ce:fc:15:8f:24:d6:f4:26:00:ad:
12:04:f9:c7:00:15:91:85:0b:b8:8b:a0:88:ff:72:
e5:4f:bc:95:dc:65:78:42:14:64:c9:97:f8:56:83:
3a:6c:1b:14:bc:f1:16:b5:71:6a:6d:eb:38:60:75:
a0:f1:4c:62:b0:61:ea:49:d4:6e:0e:79:9c:2d:dd:
b5:48:19:09:d2:76:40:f6:47:77:fe:8f:44:b0:53:
6e:1d:59:ca:27:f7:4e:44:b2:f6:40:4e:88:e6:51:
cd:50:a1:1f:0c:6a:f4:92:89:3f:c2:5a:c0:e5:9e:
00:14:e9:1a:95:7a:38:da:97:54:90:08:ba:34:19:
9f:62:65:2b:4e:cf:eb:dc:da:69:9e:31:f3:9e:46:
49:fd:3b:a5:c8:f9:f5:e8:7b:f0:c2:f7:7c:de:47:
cf:98:7a:74:e2:5e:9e:96:02:3d:b5:92:87:a9:cd:
ad:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AA:29:B3:BE:6F:43:FB:7D:99:E0:55:7A:5F:8F:E6:C8:58:79:FA
X509v3 Authority Key Identifier:
keyid:41:E4:8B:13:55:1C:4F:30:27:22:A8:0F:8C:62:E6:EF:D5:36:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeSLE1UcTzAnIqgPjGLm79U2ntw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/Xqops75vQ_t9meBVel-P5shYefo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/QeSLE1UcTzAnIqgPjGLm79U2ntw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.160.0/21
185.52.220.0/22
217.168.144.0/20
IPv6:
2a00:1fb0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:93:90:d6:d1:18:c9:b1:4e:23:13:91:17:44:af:30:93:fc:
ba:3a:8e:e9:89:3b:8b:c9:89:ba:60:bf:3f:b2:89:a1:97:c1:
91:9c:ca:c2:65:46:63:49:75:4a:db:7b:6b:73:31:cd:e0:d1:
0a:df:65:92:cb:27:27:e8:cd:c9:0e:b2:40:d3:fb:c0:03:d1:
5a:27:86:56:4f:54:cc:63:78:74:f9:79:bf:c0:f2:73:05:19:
4e:e0:d0:26:9b:6f:d0:5f:6c:7c:8b:84:ba:82:37:d6:b9:ac:
97:02:bb:bc:14:72:71:52:70:db:b2:93:26:db:52:4a:7c:4e:
31:7e:6a:d6:44:b0:d9:56:08:7c:17:b2:28:bb:51:ce:9f:00:
59:7d:e5:f0:47:16:64:ae:8f:ce:5e:00:f1:00:da:ae:b8:18:
ba:1e:f8:af:a6:dd:58:bd:11:01:8b:f1:49:d9:da:57:1b:95:
29:75:1f:11:7d:9f:7e:44:f8:0d:35:c0:68:67:20:2a:b4:97:
c6:4f:e8:b3:cf:b1:f9:25:12:0a:33:f4:34:bd:5f:7c:3e:41:
f6:a8:03:3b:c3:bc:94:44:fb:c6:e2:2d:37:37:3a:09:37:58:
53:0f:0f:e0:57:13:0c:5a:90:05:f3:c2:fa:0f:e3:b1:b8:f8:
12:7b:a6:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvsRZk8wGLhD97VRCRiT4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTQ4YjEzNTUxYzRmMzAyNzIyYTgwZjhjNjJlNmVmZDUz
NjllZGMwHhcNMjMwMTAxMjMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFhMjliM2JlNmY0M2ZiN2Q5OWUwNTU3YTVmOGZlNmM4NTg3OWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06gSqrs1BOqh20vZfZcrHbnT77Pw
lLcXFamQOQpZdaejO6bnUiZq9WYdCb6uQL0ERiumARmnkX8/LjtEVDMYoAcyoXoi
i4x3ge2RPal9Zs78FY8k1vQmAK0SBPnHABWRhQu4i6CI/3LlT7yV3GV4QhRkyZf4
VoM6bBsUvPEWtXFqbes4YHWg8UxisGHqSdRuDnmcLd21SBkJ0nZA9kd3/o9EsFNu
HVnKJ/dORLL2QE6I5lHNUKEfDGr0kok/wlrA5Z4AFOkalXo42pdUkAi6NBmfYmUr
Ts/r3NppnjHznkZJ/TulyPn16Hvwwvd83kfPmHp04l6elgI9tZKHqc2tAwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF6qKbO+b0P7fZngVXpfj+bIWHn6MB8GA1UdIwQY
MBaAFEHkixNVHE8wJyKoD4xi5u/VNp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVTTEUxVWNUekFuSXFnUGpHTG03OVUybnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNzk2ODQtY2IyMS00ZGNjLTk2MjEt
NWY5MTE2MDM5NDVhLzEvWHFvcHM3NXZRX3Q5bWVCVmVsLVA1c2hZZWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNzk2ODQtY2IyMS00ZGNjLTk2MjEtNWY5MTE2MDM5NDVh
LzEvUWVTTEUxVWNUekFuSXFnUGpHTG03OVUybnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDshegAwQC
uTTcAwQE2aiQMA0EAgACMAcDBQMqAB+wMA0GCSqGSIb3DQEBCwUAA4IBAQANk5DW
0RjJsU4jE5EXRK8wk/y6Oo7piTuLyYm6YL8/somhl8GRnMrCZUZjSXVK23trczHN
4NEK32WSyycn6M3JDrJA0/vAA9FaJ4ZWT1TMY3h0+Xm/wPJzBRlO4NAmm2/QX2x8
i4S6gjfWuayXAru8FHJxUnDbspMm21JKfE4xfmrWRLDZVgh8F7Iou1HOnwBZfeXw
RxZkro/OXgDxANquuBi6Hvivpt1YvREBi/FJ2dpXG5UpdR8RfZ9+RPgNNcBoZyAq
tJfGT+izz7H5JRIKM/Q0vV98PkH2qAM7w7yURPvG4i03NzoJN1hTDw/gVxMMWpAF
88L6D+OxuPgSe6bW
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:48 2025 by rpki-client