Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/269486-09dc-4d49-84e5-968bc32d9adc/1/qOgqE3TuZZjFA0zi4S62GnMz7KY.roa
File: qOgqE3TuZZjFA0zi4S62GnMz7KY.roa (raw, json)
Hash identifier: r/sFMWjXzlFmcek6C+kr4eygXusXe56noe1eG8EXcRs=
Subject key identifier: A8:E8:2A:13:74:EE:65:98:C5:03:4C:E2:E1:2E:B6:1A:73:33:EC:A6
Certificate issuer: /CN=9c8440d3e55babae92bc693ea39092f6e4f50c24
Certificate serial: 01875540FAF89B73047C199963E9AFA88810
Authority key identifier: 9C:84:40:D3:E5:5B:AB:AE:92:BC:69:3E:A3:90:92:F6:E4:F5:0C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nIRA0-Vbq66SvGk-o5CS9uT1DCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/269486-09dc-4d49-84e5-968bc32d9adc/1/qOgqE3TuZZjFA0zi4S62GnMz7KY.roa
Signing time: Thu 06 Apr 2023 06:28:54 +0000
ROA not before: Thu 06 Apr 2023 06:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.211.42.0/24 maxlen: 32
194.124.252.0/24 maxlen: 32
194.124.255.0/24 maxlen: 32
45.13.228.0/22 maxlen: 32
194.126.194.0/24 maxlen: 32
82.115.215.0/24 maxlen: 32
45.158.212.0/22 maxlen: 32
176.111.172.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:40:fa:f8:9b:73:04:7c:19:99:63:e9:af:a8:88:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c8440d3e55babae92bc693ea39092f6e4f50c24
Validity
Not Before: Apr 6 06:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e82a1374ee6598c5034ce2e12eb61a7333eca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:67:91:a1:b1:96:ad:f8:bb:31:0b:d6:10:
63:cd:7b:de:6d:dd:36:02:a8:9f:ac:2c:9f:04:d0:
1c:9f:be:56:8f:8c:a2:9e:10:49:ee:67:8f:d5:15:
7f:ac:ab:d5:2d:0e:51:bc:3e:4f:31:31:41:8b:f0:
1a:8d:29:57:e2:4d:d4:0c:69:60:e7:25:af:a8:5e:
e8:3f:34:e9:38:a8:5c:34:f3:69:38:46:8e:8a:7c:
19:d0:30:98:c0:36:63:ca:c5:40:3f:38:1a:6c:e3:
db:ef:25:50:91:7a:da:cc:fe:00:ae:63:d8:e8:ee:
2c:25:94:cd:2f:14:46:e9:d4:f0:d3:b2:dc:14:de:
8f:e0:2e:47:7e:9b:8e:19:d8:99:b6:bc:07:9a:11:
f3:ca:21:82:80:a9:99:f2:8c:ed:96:6b:2b:a6:1c:
4e:fa:6e:3c:f7:6f:18:4c:18:d1:f9:4b:f7:ee:fd:
5c:88:56:58:32:94:65:dc:f7:f8:96:ff:15:09:f0:
62:82:8a:af:1c:ab:98:f8:04:e7:e3:d0:73:d9:b7:
4b:1f:f5:92:86:c1:69:da:d6:89:86:bd:c6:28:e8:
42:1a:6a:19:9f:d1:97:74:31:d5:d7:38:4e:7d:2b:
a4:dd:2d:59:fe:53:cb:12:39:c1:65:73:0c:be:1e:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E8:2A:13:74:EE:65:98:C5:03:4C:E2:E1:2E:B6:1A:73:33:EC:A6
X509v3 Authority Key Identifier:
keyid:9C:84:40:D3:E5:5B:AB:AE:92:BC:69:3E:A3:90:92:F6:E4:F5:0C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nIRA0-Vbq66SvGk-o5CS9uT1DCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/269486-09dc-4d49-84e5-968bc32d9adc/1/qOgqE3TuZZjFA0zi4S62GnMz7KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/269486-09dc-4d49-84e5-968bc32d9adc/1/nIRA0-Vbq66SvGk-o5CS9uT1DCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.228.0/22
45.158.212.0/22
82.115.215.0/24
176.111.172.0/24
185.211.42.0/24
194.124.252.0/24
194.124.255.0/24
194.126.194.0/24
Signature Algorithm: sha256WithRSAEncryption
40:94:95:7d:7b:bc:cc:e7:60:a1:17:c0:ba:ec:55:30:85:05:
3e:34:b4:64:f9:99:85:9e:5e:6c:c0:17:ec:3d:83:fe:7c:81:
e6:64:42:a5:53:91:57:9a:76:c5:f6:75:4b:9b:2c:ec:03:e5:
ce:1e:ad:46:72:3c:e1:86:4c:90:fa:37:c9:0c:e9:88:88:e6:
c2:39:ad:68:e0:da:f5:68:e3:98:cb:c4:0f:e3:5d:f1:ba:d7:
b1:fa:66:f4:52:89:a2:ce:3a:93:47:05:b8:f5:a4:76:ec:b9:
a5:55:9a:ea:1a:d3:4e:41:6d:55:9d:94:a4:3a:cc:74:53:24:
31:44:b6:87:a2:95:a4:3c:ac:d0:44:9c:06:8e:98:26:19:f4:
57:11:bb:0c:50:4a:9e:39:ee:78:10:ec:7a:8d:7d:90:51:a8:
6a:b6:77:5c:f5:b7:ed:0a:59:98:74:c6:5a:dc:3f:9e:fb:5a:
92:9a:29:ff:63:da:e0:17:1f:4f:e9:50:f2:c7:88:06:01:ea:
e6:12:6f:67:63:45:18:ce:5a:0d:a0:d8:9b:96:e0:43:f0:be:
3a:9e:71:31:2e:41:e4:6c:3d:63:45:38:7a:96:59:66:80:d5:
39:94:7d:49:7f:69:c8:25:a6:ce:ca:f2:da:8d:cb:c1:2b:b0:
61:c6:4a:43
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdVQPr4m3MEfBmZY+mvqIgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljODQ0MGQzZTU1YmFiYWU5MmJjNjkzZWEzOTA5MmY2ZTRm
NTBjMjQwHhcNMjMwNDA2MDYyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU4MmExMzc0ZWU2NTk4YzUwMzRjZTJlMTJlYjYxYTczMzNlY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjutnkaGxlq34uzEL1hBjzXvebd02
AqifrCyfBNAcn75Wj4yinhBJ7meP1RV/rKvVLQ5RvD5PMTFBi/AajSlX4k3UDGlg
5yWvqF7oPzTpOKhcNPNpOEaOinwZ0DCYwDZjysVAPzgabOPb7yVQkXrazP4ArmPY
6O4sJZTNLxRG6dTw07LcFN6P4C5HfpuOGdiZtrwHmhHzyiGCgKmZ8oztlmsrphxO
+m48928YTBjR+Uv37v1ciFZYMpRl3Pf4lv8VCfBigoqvHKuY+ATn49Bz2bdLH/WS
hsFp2taJhr3GKOhCGmoZn9GXdDHV1zhOfSuk3S1Z/lPLEjnBZXMMvh6aKQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKjoKhN07mWYxQNM4uEuthpzM+ymMB8GA1UdIwQY
MBaAFJyEQNPlW6uukrxpPqOQkvbk9QwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbklSQTAtVmJxNjZTdkdrLW81Q1M5dVQxRENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNjk0ODYtMDlkYy00ZDQ5LTg0ZTUt
OTY4YmMzMmQ5YWRjLzEvcU9ncUUzVHVaWmpGQTB6aTRTNjJHbk16N0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNjk0ODYtMDlkYy00ZDQ5LTg0ZTUtOTY4YmMzMmQ5YWRj
LzEvbklSQTAtVmJxNjZTdkdrLW81Q1M5dVQxRENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLQ3kAwQC
LZ7UAwQAUnPXAwQAsG+sAwQAudMqAwQAwnz8AwQAwnz/AwQAwn7CMA0GCSqGSIb3
DQEBCwUAA4IBAQBAlJV9e7zM52ChF8C67FUwhQU+NLRk+ZmFnl5swBfsPYP+fIHm
ZEKlU5FXmnbF9nVLmyzsA+XOHq1GcjzhhkyQ+jfJDOmIiObCOa1o4Nr1aOOYy8QP
413xutex+mb0UomizjqTRwW49aR27LmlVZrqGtNOQW1VnZSkOsx0UyQxRLaHopWk
PKzQRJwGjpgmGfRXEbsMUEqeOe54EOx6jX2QUahqtndc9bftClmYdMZa3D+e+1qS
min/Y9rgFx9P6VDyx4gGAermEm9nY0UYzloNoNibluBD8L46nnExLkHkbD1jRTh6
lllmgNU5lH1Jf2nIJabOyvLajcvBK7BhxkpD
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:24 2025 by rpki-client