Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/QrmnbjgSygFDWHsO09VpW_iZC0c.roa
File: QrmnbjgSygFDWHsO09VpW_iZC0c.roa (raw, json)
Hash identifier: VHw1+Cgx8Es+YaWERxb3+M1gB2Ndwqk8aRAjsalZIcM=
Subject key identifier: 42:B9:A7:6E:38:12:CA:01:43:58:7B:0E:D3:D5:69:5B:F8:99:0B:47
Certificate issuer: /CN=dd189621d2fa872166e6a05ee47a7d756243e919
Certificate serial: 01941F8C2B81D6095EFDC80CF60B3D757AF0
Authority key identifier: DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/QrmnbjgSygFDWHsO09VpW_iZC0c.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15751
IP address blocks: 109.125.0.0/18 maxlen: 18
185.51.72.0/22 maxlen: 23
212.129.64.0/24 maxlen: 24
212.129.66.0/23 maxlen: 23
212.129.68.0/22 maxlen: 22
212.129.72.0/21 maxlen: 21
212.129.80.0/20 maxlen: 20
2a01:b340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2b:81:d6:09:5e:fd:c8:0c:f6:0b:3d:75:7a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd189621d2fa872166e6a05ee47a7d756243e919
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b9a76e3812ca0143587b0ed3d5695bf8990b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9c:75:43:92:ef:98:90:83:8d:3b:be:47:b0:
f1:7c:1e:ba:81:41:0b:81:ae:40:92:f6:10:bf:8b:
55:4b:e0:09:20:2a:e7:db:b7:5e:bf:73:e9:c6:3a:
0f:65:b6:29:27:30:71:14:29:46:6a:bc:c5:92:2a:
dc:f8:83:63:7c:81:78:ea:ac:35:b4:2d:53:73:09:
e6:ab:67:fc:78:28:64:e3:5e:e0:a0:0c:87:ce:cb:
15:74:f9:8f:2b:48:45:64:6b:b9:f2:12:40:25:ed:
91:e9:9e:fd:de:9b:18:c1:68:03:9b:9c:75:d2:c2:
fc:3b:1d:8b:6c:da:7a:d7:d2:01:ea:36:b3:9f:dc:
20:6f:1a:1a:5a:09:c1:09:21:14:0c:1b:79:1d:08:
5d:18:05:2c:83:3a:5f:6f:3c:73:c4:0d:be:49:2d:
00:44:89:a8:3d:87:81:bc:11:52:0f:59:4c:05:a8:
d8:4f:2a:ac:1b:c0:09:dc:15:9e:de:76:41:fd:d3:
c4:31:6d:db:ec:3a:1b:6a:f5:70:df:9e:05:ef:5c:
3a:97:11:4d:5d:52:f1:a1:63:bc:3a:1b:9b:e7:a6:
a7:cc:05:c2:50:c8:a5:05:3b:9d:a9:38:44:ae:1f:
07:5c:be:ff:43:d3:c4:24:4a:11:67:44:bd:1f:4d:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B9:A7:6E:38:12:CA:01:43:58:7B:0E:D3:D5:69:5B:F8:99:0B:47
X509v3 Authority Key Identifier:
keyid:DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/QrmnbjgSygFDWHsO09VpW_iZC0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.125.0.0/18
185.51.72.0/22
212.129.64.0/24
212.129.66.0-212.129.95.255
IPv6:
2a01:b340::/32
Signature Algorithm: sha256WithRSAEncryption
56:b5:d1:aa:ba:9f:3a:14:be:f9:ef:e5:7e:19:6d:cd:28:e3:
be:9a:d5:3e:36:f8:3b:a1:68:5f:5d:eb:f9:c3:f7:d8:10:c9:
0d:2f:14:fb:53:ad:c0:11:be:82:42:e4:9f:97:28:cd:b9:cf:
0b:6a:d7:be:e8:fa:3a:73:ca:f9:48:66:35:43:e0:2f:2c:4b:
22:0e:5f:eb:21:7d:24:c8:25:ff:f4:aa:dd:fd:a5:f0:c6:f4:
0b:26:5f:f5:43:34:7d:af:04:5a:06:5a:a4:a8:fc:02:41:32:
c5:37:73:64:12:09:a1:d1:8e:f2:91:4a:0b:9b:ac:ca:09:29:
3e:32:50:17:4f:d5:ed:63:a4:ee:68:08:1f:0a:92:a2:74:50:
7a:8f:af:c7:9b:d2:5e:e5:35:ed:5d:b9:64:1d:60:c4:26:6e:
9b:0c:d2:20:c0:af:43:a3:1f:94:76:cf:6f:32:f0:a7:c0:c2:
78:f2:d0:9a:eb:b1:d1:2c:6a:e9:8d:0a:59:91:89:57:b2:5a:
08:bc:9b:34:5a:29:d8:0f:a1:47:11:b0:c4:4b:fc:21:8a:50:
b3:3d:8d:32:09:09:05:9b:1c:8e:09:87:0c:71:11:2d:be:c2:
06:ca:2e:45:d6:2d:4a:45:39:ca:91:50:46:05:1a:d9:d4:9c:
c7:de:d3:b8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQfjCuB1gle/cgM9gs9dXrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTg5NjIxZDJmYTg3MjE2NmU2YTA1ZWU0N2E3ZDc1NjI0
M2U5MTkwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI5YTc2ZTM4MTJjYTAxNDM1ODdiMGVkM2Q1Njk1YmY4OTkwYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZx1Q5LvmJCDjTu+R7DxfB66gUEL
ga5AkvYQv4tVS+AJICrn27dev3PpxjoPZbYpJzBxFClGarzFkirc+INjfIF46qw1
tC1Tcwnmq2f8eChk417goAyHzssVdPmPK0hFZGu58hJAJe2R6Z793psYwWgDm5x1
0sL8Ox2LbNp619IB6jazn9wgbxoaWgnBCSEUDBt5HQhdGAUsgzpfbzxzxA2+SS0A
RImoPYeBvBFSD1lMBajYTyqsG8AJ3BWe3nZB/dPEMW3b7DobavVw354F71w6lxFN
XVLxoWO8Ohub56anzAXCUMilBTudqThErh8HXL7/Q9PEJEoRZ0S9H00QvwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEK5p244EsoBQ1h7DtPVaVv4mQtHMB8GA1UdIwQY
MBaAFN0YliHS+ochZuagXuR6fXViQ+kZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUt
NDQzMTFmOWNiODU2LzEvUXJtbmJqZ1N5Z0ZEV0hzTzA5VnBXX2laQzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUtNDQzMTFmOWNiODU2
LzEvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGbX0AAwQC
uTNIAwQA1IFAMAwDBAHUgUIDBAXUgUAwDQQCAAIwBwMFACoBs0AwDQYJKoZIhvcN
AQELBQADggEBAFa10aq6nzoUvvnv5X4Zbc0o476a1T42+DuhaF9d6/nD99gQyQ0v
FPtTrcARvoJC5J+XKM25zwtq177o+jpzyvlIZjVD4C8sSyIOX+shfSTIJf/0qt39
pfDG9AsmX/VDNH2vBFoGWqSo/AJBMsU3c2QSCaHRjvKRSgubrMoJKT4yUBdP1e1j
pO5oCB8KkqJ0UHqPr8eb0l7lNe1duWQdYMQmbpsM0iDAr0OjH5R2z28y8KfAwnjy
0JrrsdEsaumNClmRiVeyWgi8mzRaKdgPoUcRsMRL/CGKULM9jTIJCQWbHI4Jhwxx
ES2+wgbKLkXWLUpFOcqRUEYFGtnUnMfe07g=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:34 2025 by rpki-client