Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/qgBogcawOdipS3Ld-oc_EXZp3qU.roa
File: qgBogcawOdipS3Ld-oc_EXZp3qU.roa (raw, json)
Hash identifier: 2YHY/a/2v6e2nc5ActohWn+5xwfcz+cCdFxFBc/gYJ8=
Subject key identifier: AA:00:68:81:C6:B0:39:D8:A9:4B:72:DD:FA:87:3F:11:76:69:DE:A5
Certificate issuer: /CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Certificate serial: 018A64F49FF26BBA8E86B941EEC0F738A449
Authority key identifier: 45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/qgBogcawOdipS3Ld-oc_EXZp3qU.roa
Signing time: Tue 05 Sep 2023 10:47:47 +0000
ROA not before: Tue 05 Sep 2023 10:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60822
IP address blocks: 46.23.205.0/24 maxlen: 24
46.23.204.0/24 maxlen: 24
46.23.206.0/24 maxlen: 24
46.23.200.0/22 maxlen: 22
46.23.207.0/24 maxlen: 24
195.137.144.0/22 maxlen: 22
195.137.140.0/22 maxlen: 22
195.137.150.0/24 maxlen: 24
195.137.152.0/24 maxlen: 24
195.137.151.0/24 maxlen: 24
195.137.149.0/24 maxlen: 24
195.137.148.0/24 maxlen: 24
195.137.154.0/24 maxlen: 24
195.137.153.0/24 maxlen: 24
195.137.155.0/24 maxlen: 24
46.23.192.0/21 maxlen: 21
185.85.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:f4:9f:f2:6b:ba:8e:86:b9:41:ee:c0:f7:38:a4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Validity
Not Before: Sep 5 10:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa006881c6b039d8a94b72ddfa873f117669dea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:12:98:5e:55:4a:59:74:9b:2c:d8:c9:21:e5:
4d:7e:cb:b4:9a:33:e3:03:43:e8:00:93:49:cf:59:
1d:2e:32:e2:1b:83:6d:27:2e:1b:5b:21:7c:ae:ad:
ec:ff:de:f0:b6:c4:81:49:1f:a9:6b:a5:a7:d6:00:
fe:8d:72:65:b4:92:1c:97:8b:a0:51:b1:6b:ac:82:
11:ce:55:8f:93:4f:db:20:44:e0:34:10:ee:ee:32:
18:ac:7c:eb:9b:32:46:7e:4f:ed:10:88:a6:bc:2a:
98:75:59:cb:7e:bd:aa:e0:44:08:08:93:0c:20:3c:
43:71:06:2f:12:9a:ed:61:19:49:07:27:27:fc:bd:
a6:d3:cb:03:af:06:c6:b9:31:34:39:39:9d:65:97:
f3:40:f6:2f:d9:98:62:9f:24:87:05:0e:bb:d2:67:
a8:52:3a:a2:d6:fb:a0:d3:15:76:39:f0:9e:e5:fc:
19:66:7b:e4:2d:7f:e1:5e:05:8c:ae:b3:9e:13:26:
41:13:01:a3:99:62:00:6a:ac:40:40:73:92:fc:ea:
ae:fd:d8:39:96:29:75:2e:e1:8f:d0:a7:6b:2d:53:
9c:e6:0e:c9:15:32:8e:70:17:1a:a3:cd:1e:30:55:
47:1a:d7:5f:d6:40:bd:a6:50:27:76:87:ba:ad:ab:
1e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:00:68:81:C6:B0:39:D8:A9:4B:72:DD:FA:87:3F:11:76:69:DE:A5
X509v3 Authority Key Identifier:
keyid:45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/qgBogcawOdipS3Ld-oc_EXZp3qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/RYg0xSq-MEJ_CiKqRv09CAntRYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.192.0/20
185.85.212.0/22
195.137.140.0-195.137.155.255
Signature Algorithm: sha256WithRSAEncryption
5d:94:8f:c5:51:58:0d:59:4f:d9:f8:f5:50:e8:4e:77:8b:ab:
34:d7:5e:ae:d7:d4:89:b3:a5:17:37:8e:eb:27:23:9b:1e:c4:
51:b4:48:a1:0f:65:e1:e7:87:d6:dc:d2:e7:67:dc:5a:ef:f0:
18:f8:e8:b4:26:f1:5d:d1:a4:29:2b:33:f3:c8:a9:64:09:28:
19:20:89:83:80:6a:5e:d9:cf:9f:4f:39:4e:4b:0c:eb:e2:7e:
c7:31:c3:8b:f3:a6:9c:1b:28:16:b6:6c:24:2a:05:2f:9c:e1:
65:03:45:08:d2:9b:1d:b9:63:fd:d5:54:72:fe:02:f3:54:19:
e1:5a:4d:27:4b:08:d7:88:6d:cf:bf:01:7f:cb:4e:ba:2a:01:
b2:08:6c:45:b0:02:c3:67:d8:72:55:95:39:7a:d3:0c:1f:90:
ff:38:e5:a1:e8:ea:a4:f0:71:75:d7:7b:ae:dd:7b:6b:c6:73:
4d:f4:6e:10:f5:e1:87:e4:b5:79:e9:ce:d7:1c:ac:28:34:d9:
d0:85:8e:3b:b4:71:6a:47:00:93:57:47:24:34:76:fe:6d:6b:
ff:0d:3d:38:74:37:3b:1e:7a:4c:1a:6d:0a:99:6b:31:41:f2:
f0:ce:d7:ce:28:c7:f7:e9:3a:de:25:ef:75:4c:8f:7c:e1:6c:
b2:c4:70:e3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpk9J/ya7qOhrlB7sD3OKRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODgzNGM1MmFiZTMwNDI3ZjBhMjJhYTQ2ZmQzZDA4MDll
ZDQ1ODUwHhcNMjMwOTA1MTA0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTAwNjg4MWM2YjAzOWQ4YTk0YjcyZGRmYTg3M2YxMTc2NjlkZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hKYXlVKWXSbLNjJIeVNfsu0mjPj
A0PoAJNJz1kdLjLiG4NtJy4bWyF8rq3s/97wtsSBSR+pa6Wn1gD+jXJltJIcl4ug
UbFrrIIRzlWPk0/bIETgNBDu7jIYrHzrmzJGfk/tEIimvCqYdVnLfr2q4EQICJMM
IDxDcQYvEprtYRlJBycn/L2m08sDrwbGuTE0OTmdZZfzQPYv2ZhinySHBQ670meo
Ujqi1vug0xV2OfCe5fwZZnvkLX/hXgWMrrOeEyZBEwGjmWIAaqxAQHOS/Oqu/dg5
lil1LuGP0KdrLVOc5g7JFTKOcBcao80eMFVHGtdf1kC9plAndoe6rasehwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKoAaIHGsDnYqUty3fqHPxF2ad6lMB8GA1UdIwQY
MBaAFEWINMUqvjBCfwoiqkb9PQgJ7UWFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGIt
YTMxMTQzNDYzYmU5LzEvcWdCb2djYXdPZGlwUzNMZC1vY19FWFpwM3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGItYTMxMTQzNDYzYmU5
LzEvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQELhfAAwQC
uVXUMAwDBALDiYwDBALDiZgwDQYJKoZIhvcNAQELBQADggEBAF2Uj8VRWA1ZT9n4
9VDoTneLqzTXXq7X1ImzpRc3jusnI5sexFG0SKEPZeHnh9bc0udn3Frv8Bj46LQm
8V3RpCkrM/PIqWQJKBkgiYOAal7Zz59POU5LDOvifscxw4vzppwbKBa2bCQqBS+c
4WUDRQjSmx25Y/3VVHL+AvNUGeFaTSdLCNeIbc+/AX/LTroqAbIIbEWwAsNn2HJV
lTl60wwfkP845aHo6qTwcXXXe67de2vGc030bhD14YfktXnpztccrCg02dCFjju0
cWpHAJNXRyQ0dv5ta/8NPTh0NzseekwabQqZazFB8vDO184ox/fpOt4l73VMj3zh
bLLEcOM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:40 2025 by rpki-client