Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/Q643Ti_drNCIp6fhw9dqQY-x9rI.roa
File: Q643Ti_drNCIp6fhw9dqQY-x9rI.roa (raw, json)
Hash identifier: Ym4LBu369T2gsg/wSrUowGnbxAOnNivuuGebbGBSwmI=
Subject key identifier: 43:AE:37:4E:2F:DD:AC:D0:88:A7:A7:E1:C3:D7:6A:41:8F:B1:F6:B2
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01835F5385EEB320111BBF1A47576E6C9573
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/Q643Ti_drNCIp6fhw9dqQY-x9rI.roa
Signing time: Wed 21 Sep 2022 09:14:12 +0000
ROA not before: Wed 21 Sep 2022 09:14:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.31.126.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
194.99.26.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:53:85:ee:b3:20:11:1b:bf:1a:47:57:6e:6c:95:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Sep 21 09:14:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43ae374e2fddacd088a7a7e1c3d76a418fb1f6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:4f:b3:34:7a:3d:9c:17:0b:9f:31:11:61:
39:04:78:6f:7c:aa:e6:d7:e0:26:dd:67:a4:f9:cc:
46:b5:18:f4:b8:cb:23:79:a4:4a:06:a1:eb:0d:90:
6d:67:70:36:92:f5:eb:8f:4e:fb:fb:c0:00:84:ba:
d0:2c:87:8d:bd:b2:0e:a4:48:72:8b:ea:fd:82:84:
89:0a:9c:65:e6:ee:45:07:22:21:c3:40:ec:69:08:
d5:69:04:8c:81:3f:2d:65:0e:09:a1:25:5c:1f:cc:
63:15:68:bc:f3:79:0b:e1:92:fe:09:de:59:a1:2a:
3c:d7:6c:27:23:82:10:0a:04:3c:18:d4:8b:19:08:
e6:4f:f8:66:26:50:b6:25:07:30:e8:0e:2c:ca:8e:
96:2d:99:1e:5b:bc:f9:6a:f4:40:e4:07:25:d9:55:
53:35:13:fb:3a:9e:6e:29:3b:ec:17:a9:75:4d:60:
04:37:44:5d:97:4e:6b:4e:14:56:1a:79:51:c8:e9:
4c:67:08:ff:07:b8:79:62:0b:7d:c3:f5:5d:53:62:
94:d0:b0:28:cd:05:63:2d:74:02:f5:4a:ca:23:6d:
65:18:71:99:1c:fc:77:85:b3:34:a1:41:12:7d:f4:
52:eb:b5:ea:6f:72:38:b0:8f:f7:12:50:0a:a5:a1:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AE:37:4E:2F:DD:AC:D0:88:A7:A7:E1:C3:D7:6A:41:8F:B1:F6:B2
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/Q643Ti_drNCIp6fhw9dqQY-x9rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.24.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
52:10:85:89:f7:03:36:97:5e:04:c0:54:25:6c:8d:5b:6f:89:
88:e7:9a:aa:70:b3:5f:2f:32:f3:14:69:fa:c0:d2:38:f1:39:
25:1e:59:a8:81:85:1b:50:97:ca:b2:49:36:b5:ad:1b:16:60:
47:79:49:71:0b:37:e6:40:c8:c2:ea:48:a3:7e:a8:e7:b5:a5:
60:0a:36:5d:80:42:8b:48:14:11:a2:88:01:f9:01:82:8e:a8:
81:e6:f6:93:ed:4d:89:b7:d6:80:e1:98:61:bc:1f:21:3a:ca:
53:3c:70:1a:fd:da:69:eb:68:d6:34:1e:6e:6a:4f:25:45:43:
16:dd:a5:d4:3c:d6:12:94:53:60:f2:d4:97:1f:8a:64:db:8b:
0d:50:f7:9c:cd:24:d7:b0:a9:db:57:1a:bb:03:88:80:7c:77:
af:ff:6d:5e:e1:8e:6a:6a:6d:77:62:6e:d5:56:89:6d:29:f1:
02:4d:35:67:ee:14:2e:90:d6:46:35:25:5e:f5:ee:36:a3:f4:
e7:37:ec:95:96:b4:c7:af:7a:32:22:80:92:4a:8e:48:41:3a:
38:f0:58:f1:b9:27:97:f7:ae:56:4d:c9:d9:3f:32:59:9b:84:
60:16:a8:7c:de:d1:56:46:1d:18:94:28:2a:cc:3e:a7:ec:d2:
63:b5:4e:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYNfU4XusyARG78aR1dubJVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjIwOTIxMDkxNDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FlMzc0ZTJmZGRhY2QwODhhN2E3ZTFjM2Q3NmE0MThmYjFmNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxBPszR6PZwXC58xEWE5BHhvfKrm
1+Am3Wek+cxGtRj0uMsjeaRKBqHrDZBtZ3A2kvXrj077+8AAhLrQLIeNvbIOpEhy
i+r9goSJCpxl5u5FByIhw0DsaQjVaQSMgT8tZQ4JoSVcH8xjFWi883kL4ZL+Cd5Z
oSo812wnI4IQCgQ8GNSLGQjmT/hmJlC2JQcw6A4syo6WLZkeW7z5avRA5Acl2VVT
NRP7Op5uKTvsF6l1TWAEN0Rdl05rThRWGnlRyOlMZwj/B7h5Ygt9w/VdU2KU0LAo
zQVjLXQC9UrKI21lGHGZHPx3hbM0oUESffRS67Xqb3I4sI/3ElAKpaFYrQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEOuN04v3azQiKen4cPXakGPsfayMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvUTY0M1RpX2RyTkNJcDZmaHc5ZHFRWS14OXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCTVMYAwQA
wR9+MAwDBADBl70DBAbBl4ADBADCYxgDBADCYxowDQYJKoZIhvcNAQELBQADggEB
AFIQhYn3AzaXXgTAVCVsjVtviYjnmqpws18vMvMUafrA0jjxOSUeWaiBhRtQl8qy
STa1rRsWYEd5SXELN+ZAyMLqSKN+qOe1pWAKNl2AQotIFBGiiAH5AYKOqIHm9pPt
TYm31oDhmGG8HyE6ylM8cBr92mnraNY0Hm5qTyVFQxbdpdQ81hKUU2Dy1JcfimTb
iw1Q95zNJNewqdtXGrsDiIB8d6//bV7hjmpqbXdibtVWiW0p8QJNNWfuFC6Q1kY1
JV717jaj9Oc37JWWtMevejIigJJKjkhBOjjwWPG5J5f3rlZNydk/MlmbhGAWqHze
0VZGHRiUKCrMPqfs0mO1Tos=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:34 2025 by rpki-client