Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/KQQl88pudZq85EBbxW7r0gqznMw.roa
File: KQQl88pudZq85EBbxW7r0gqznMw.roa (raw, json)
Hash identifier: aoxusWm+UZcNumfa1uGUCVyYRA8uAtf3+LDHw7/jn2M=
Subject key identifier: 29:04:25:F3:CA:6E:75:9A:BC:E4:40:5B:C5:6E:EB:D2:0A:B3:9C:CC
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4C0A144AB24CD6FC7C771F41B038E
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/KQQl88pudZq85EBbxW7r0gqznMw.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 88.218.80.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c0:a1:44:ab:24:cd:6f:c7:c7:71:f4:1b:03:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290425f3ca6e759abce4405bc56eebd20ab39ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:56:79:57:6d:8b:d0:af:b9:38:e5:a8:91:
74:f0:b5:3a:9f:50:ad:eb:6b:9a:4a:56:01:f8:d5:
d0:63:fc:14:06:98:e2:15:54:85:f8:c4:a6:b0:9d:
2f:a4:71:e1:e8:5c:06:9c:f8:66:16:7f:32:e2:9f:
93:5b:bd:61:db:5c:16:e1:10:d4:3a:76:7d:99:80:
b4:b6:7d:c6:3f:65:83:3d:8e:2b:fd:8e:a3:38:37:
a8:0f:bf:3d:97:a7:c5:48:15:d5:55:e3:84:8d:70:
e0:61:28:68:80:b5:91:e0:14:93:63:96:d2:4b:54:
99:3e:f6:52:14:0a:8b:75:66:18:1c:a1:a0:ca:af:
48:cb:e1:79:c4:42:22:13:43:06:69:75:48:e0:94:
9d:70:42:a7:1b:33:75:ba:02:75:83:bc:26:df:d4:
7e:ed:29:e3:29:e7:00:97:0e:41:51:44:97:d4:f4:
b3:7c:b0:6c:20:c1:d3:91:de:21:7a:fa:74:45:ed:
5c:87:bd:2a:da:63:0b:7a:2c:aa:00:87:00:9b:f7:
1a:65:d8:6d:81:a0:97:61:c5:e9:a6:e2:22:6d:e0:
7f:9a:3d:e1:9b:3c:73:f7:67:9a:55:70:ef:8d:2d:
3b:c2:49:61:26:36:5a:28:5d:26:fa:30:7b:a6:e7:
f3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:04:25:F3:CA:6E:75:9A:BC:E4:40:5B:C5:6E:EB:D2:0A:B3:9C:CC
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/KQQl88pudZq85EBbxW7r0gqznMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
95.214.83.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:df:53:c7:27:50:8f:c0:4a:84:36:96:df:29:26:5b:8c:40:
8c:47:bd:c7:60:26:3c:c8:e8:91:e1:db:5a:03:73:90:78:a1:
4c:88:3b:d1:62:a6:85:38:eb:c7:b1:5b:d1:b0:38:9a:74:40:
5f:2c:ec:ee:9c:af:95:99:68:ee:cf:fd:74:9a:b2:19:b6:2f:
92:09:13:b9:88:09:5d:cb:5c:2d:06:f0:70:ca:f3:23:1d:4d:
2e:27:36:67:a5:d0:78:e3:b9:3e:06:d3:d2:c9:a0:5f:a0:bf:
17:1d:56:f7:27:42:eb:41:4c:4f:86:03:13:33:a2:aa:70:db:
50:7b:ee:fb:b4:f0:19:0a:05:c7:9a:e8:5b:36:83:4e:f7:e3:
4a:71:d0:32:f1:48:65:82:4c:0a:66:1f:11:4c:84:e9:56:c0:
16:f2:68:1f:0f:66:b4:dc:02:6a:eb:25:1c:15:0b:2c:22:ef:
66:43:a6:58:87:3a:7c:0f:de:fd:78:a6:8f:13:dd:96:8e:aa:
a9:ec:6c:f9:ad:5a:a1:57:b7:b0:56:f4:38:20:f8:93:4e:56:
6f:8e:3d:a8:79:b1:c1:8a:a9:68:b5:6b:04:b6:99:2b:a0:06:
ea:f5:6c:a1:9e:ce:50:ff:76:49:e5:0f:95:19:28:32:32:d5:
9f:ce:b1:df
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVu1MChRKskzW/Hx3H0GwOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA0MjVmM2NhNmU3NTlhYmNlNDQwNWJjNTZlZWJkMjBhYjM5Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZBWeVdti9CvuTjlqJF08LU6n1Ct
62uaSlYB+NXQY/wUBpjiFVSF+MSmsJ0vpHHh6FwGnPhmFn8y4p+TW71h21wW4RDU
OnZ9mYC0tn3GP2WDPY4r/Y6jODeoD789l6fFSBXVVeOEjXDgYShogLWR4BSTY5bS
S1SZPvZSFAqLdWYYHKGgyq9Iy+F5xEIiE0MGaXVI4JSdcEKnGzN1ugJ1g7wm39R+
7SnjKecAlw5BUUSX1PSzfLBsIMHTkd4hevp0Re1ch70q2mMLeiyqAIcAm/caZdht
gaCXYcXppuIibeB/mj3hmzxz92eaVXDvjS07wklhJjZaKF0m+jB7pufzawIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCkEJfPKbnWavORAW8Vu69IKs5zMMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvS1FRbDg4cHVkWnE4NUVCYnhXN3IwZ3F6bk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTVMUAwQC
VPxAAwQAWNpQAwQAX9ZTAwQBsHa8AwQAsHa/AwQBubFMAwQAwaBEMA0GCSqGSIb3
DQEBCwUAA4IBAQCj31PHJ1CPwEqENpbfKSZbjECMR73HYCY8yOiR4dtaA3OQeKFM
iDvRYqaFOOvHsVvRsDiadEBfLOzunK+VmWjuz/10mrIZti+SCRO5iAldy1wtBvBw
yvMjHU0uJzZnpdB447k+BtPSyaBfoL8XHVb3J0LrQUxPhgMTM6KqcNtQe+77tPAZ
CgXHmuhbNoNO9+NKcdAy8UhlgkwKZh8RTITpVsAW8mgfD2a03AJq6yUcFQssIu9m
Q6ZYhzp8D979eKaPE92Wjqqp7Gz5rVqhV7ewVvQ4IPiTTlZvjj2oebHBiqlotWsE
tpkroAbq9Wyhns5Q/3ZJ5Q+VGSgyMtWfzrHf
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:27:34 2025 by rpki-client