Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/QfUl5QLNhk0I7qctBXM_c9eZ2TA.roa
File: QfUl5QLNhk0I7qctBXM_c9eZ2TA.roa (raw, json)
Hash identifier: AXUc7nwnd/jrS8tjQYmNJppILEhv1+nFPBTDFx4NbUM=
Subject key identifier: 41:F5:25:E5:02:CD:86:4D:08:EE:A7:2D:05:73:3F:73:D7:99:D9:30
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4BAFF790069C8762B1C069F899AE4
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/QfUl5QLNhk0I7qctBXM_c9eZ2TA.roa
Signing time: Sun 01 Jan 2023 19:35:13 +0000
ROA not before: Sun 01 Jan 2023 19:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 193.142.36.0/22 maxlen: 22
212.87.219.0/24 maxlen: 24
212.87.218.0/24 maxlen: 24
212.87.216.0/24 maxlen: 24
91.132.124.0/23 maxlen: 23
93.177.95.0/24 maxlen: 24
93.177.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ba:ff:79:00:69:c8:76:2b:1c:06:9f:89:9a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41f525e502cd864d08eea72d05733f73d799d930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:95:9d:88:52:f3:64:ef:9f:a0:56:f2:f6:de:
00:9f:a2:81:57:b6:39:73:80:d1:cf:92:38:55:c3:
36:9f:c3:49:18:63:f4:ea:2a:f2:1f:ae:85:eb:c1:
e3:f9:f3:e2:21:f0:f3:48:3a:bc:8b:58:45:11:d1:
82:60:35:3e:cd:04:31:b4:b0:ac:ef:1a:bc:ab:6b:
99:2a:00:c4:5f:30:05:7d:46:65:40:df:86:01:7c:
fe:57:ee:3c:f9:4e:dc:1b:54:f0:36:8c:53:34:69:
e1:1b:13:32:8b:d0:4e:90:16:86:90:63:ab:44:a7:
b1:54:be:11:6f:68:fe:41:81:94:ef:95:60:45:cb:
d1:9a:15:68:10:fa:3c:5b:f6:51:b5:80:ac:84:19:
99:49:c1:42:cf:3c:34:00:39:43:b3:d9:f4:40:74:
c7:7e:08:4f:1c:2f:c2:48:e0:e6:ca:b6:d0:f3:1f:
07:15:6d:8e:6d:03:2e:7e:8a:e9:a0:d1:94:7a:d7:
53:67:30:36:92:03:80:1f:1e:02:f9:e9:ca:8a:b6:
a0:ff:75:cd:3e:95:fd:4c:48:92:5e:13:15:42:49:
fe:e2:b4:10:b1:65:22:3c:48:79:c5:58:53:5d:74:
8e:7c:cb:66:69:74:11:ee:48:23:cf:b1:81:88:fd:
c3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F5:25:E5:02:CD:86:4D:08:EE:A7:2D:05:73:3F:73:D7:99:D9:30
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/QfUl5QLNhk0I7qctBXM_c9eZ2TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.124.0/23
93.177.94.0/23
193.142.36.0/22
212.87.216.0/24
212.87.218.0/23
Signature Algorithm: sha256WithRSAEncryption
44:50:ff:97:77:45:cc:3b:de:cd:00:96:dd:f3:ee:7b:13:e1:
ca:db:06:62:d2:65:85:2a:be:e3:1e:00:bb:38:75:f4:4f:ae:
42:f6:9f:df:6e:a9:3f:2f:fb:ca:10:38:d7:e1:fe:6d:6c:ac:
7d:af:59:fd:4d:95:c0:f0:f8:81:40:bf:20:e7:78:55:d0:a9:
41:12:65:98:5d:bc:98:ae:ff:8f:0b:c5:bc:86:5d:db:a3:ad:
19:e2:71:8d:68:8b:51:47:94:d5:06:1b:1a:b6:3a:e3:bb:88:
8b:59:03:df:b1:09:dd:c1:cb:77:82:46:09:9c:20:80:33:23:
d9:12:96:44:a6:1e:48:82:37:13:90:44:ff:22:8e:0b:e0:28:
c3:f3:7b:27:a5:48:b9:81:6f:de:89:83:0b:2f:ad:ba:e0:6e:
e6:93:eb:34:d4:2e:cb:b7:9b:cd:64:33:71:5d:82:fd:1b:eb:
03:e1:10:74:b4:db:94:ca:91:54:2c:c8:9f:5c:5f:1e:88:df:
35:26:e4:5c:e0:7c:cc:d1:c1:74:57:8a:83:a7:03:6e:bc:91:
cf:78:56:bc:dc:99:c6:67:d3:f5:04:7a:a0:d8:e2:61:0f:c4:
10:ed:97:4d:3d:c0:ef:a5:25:f6:38:5e:1b:05:38:28:28:e1:
01:87:42:79
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVu1Lr/eQBpyHYrHAafiZrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWY1MjVlNTAyY2Q4NjRkMDhlZWE3MmQwNTczM2Y3M2Q3OTlkOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZWdiFLzZO+foFby9t4An6KBV7Y5
c4DRz5I4VcM2n8NJGGP06iryH66F68Hj+fPiIfDzSDq8i1hFEdGCYDU+zQQxtLCs
7xq8q2uZKgDEXzAFfUZlQN+GAXz+V+48+U7cG1TwNoxTNGnhGxMyi9BOkBaGkGOr
RKexVL4Rb2j+QYGU75VgRcvRmhVoEPo8W/ZRtYCshBmZScFCzzw0ADlDs9n0QHTH
fghPHC/CSODmyrbQ8x8HFW2ObQMuforpoNGUetdTZzA2kgOAHx4C+enKirag/3XN
PpX9TEiSXhMVQkn+4rQQsWUiPEh5xVhTXXSOfMtmaXQR7kgjz7GBiP3DBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEH1JeUCzYZNCO6nLQVzP3PXmdkwMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvUWZVbDVRTE5oazBJN3FjdEJYTV9jOWVaMlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW4R8AwQB
XbFeAwQCwY4kAwQA1FfYAwQB1FfaMA0GCSqGSIb3DQEBCwUAA4IBAQBEUP+Xd0XM
O97NAJbd8+57E+HK2wZi0mWFKr7jHgC7OHX0T65C9p/fbqk/L/vKEDjX4f5tbKx9
r1n9TZXA8PiBQL8g53hV0KlBEmWYXbyYrv+PC8W8hl3bo60Z4nGNaItRR5TVBhsa
tjrju4iLWQPfsQndwct3gkYJnCCAMyPZEpZEph5IgjcTkET/Io4L4CjD83snpUi5
gW/eiYMLL6264G7mk+s01C7Lt5vNZDNxXYL9G+sD4RB0tNuUypFULMifXF8eiN81
JuRc4HzM0cF0V4qDpwNuvJHPeFa83JnGZ9P1BHqg2OJhD8QQ7ZdNPcDvpSX2OF4b
BTgoKOEBh0J5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:44 2025 by rpki-client