Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/qmDrGumGDOW5sLdGxjK5ZVPdScI.roa
File: qmDrGumGDOW5sLdGxjK5ZVPdScI.roa (raw, json)
Hash identifier: pxjIJn6ld0n69osy4iN6fgrz9dhYKfwqt4Ocwx8tfiI=
Subject key identifier: AA:60:EB:1A:E9:86:0C:E5:B9:B0:B7:46:C6:32:B9:65:53:DD:49:C2
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 019426D9E5A3F6AA7EA6B77D5B42F90D6CAD
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/qmDrGumGDOW5sLdGxjK5ZVPdScI.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 83.136.104.0/21 maxlen: 24
94.198.96.0/21 maxlen: 24
94.198.101.0/24 maxlen: 24
95.141.32.0/20 maxlen: 24
158.58.168.0/21 maxlen: 24
158.58.172.0/23 maxlen: 24
2a02:29e0:2::/48 maxlen: 48
2a02:29e2::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e5:a3:f6:aa:7e:a6:b7:7d:5b:42:f9:0d:6c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa60eb1ae9860ce5b9b0b746c632b96553dd49c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7f:d1:02:f2:f2:5e:ac:7b:6b:f1:be:4c:eb:
71:f5:a7:cb:11:4a:c3:2c:27:91:ab:18:37:40:f6:
84:6e:13:b6:54:68:2b:58:8d:4e:41:a4:97:cb:9b:
4c:2c:69:27:19:da:c0:c1:25:1b:0e:ce:9d:9f:1e:
9b:1f:55:36:07:49:03:b7:26:c4:19:a5:02:60:9b:
b1:68:6a:5b:2d:7c:6d:f7:c4:82:79:c1:9c:da:7b:
a1:d3:42:b9:b6:bc:9f:88:ef:d6:65:de:f1:7f:ce:
d1:54:b3:a5:de:b4:f5:9b:82:10:13:4a:1b:35:66:
f3:9a:eb:95:5f:8c:f6:f9:2c:77:00:7d:4f:c1:cf:
da:cc:09:94:06:7a:d4:c4:46:b8:d8:7f:0b:90:f9:
9e:dc:4c:53:cf:3b:fb:56:1b:79:cd:d2:17:a1:23:
a0:1a:e6:22:4f:5d:26:50:a0:60:bf:7a:9a:d1:45:
ff:70:39:b0:21:3c:e8:e8:e1:45:6b:48:99:4b:78:
af:f8:67:95:70:24:55:7d:fa:d6:75:ac:b6:24:82:
34:a2:e1:b7:ba:69:68:03:b5:fa:f1:53:0a:90:b4:
81:5f:e5:3b:73:2f:fa:3e:dd:45:8c:0e:5e:94:e6:
ab:3e:66:48:87:b4:b3:ff:e8:eb:08:75:35:20:0d:
2c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:60:EB:1A:E9:86:0C:E5:B9:B0:B7:46:C6:32:B9:65:53:DD:49:C2
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/qmDrGumGDOW5sLdGxjK5ZVPdScI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.96.0/21
95.141.32.0/20
158.58.168.0/21
IPv6:
2a02:29e0:2::/48
2a02:29e2::/32
Signature Algorithm: sha256WithRSAEncryption
19:b8:d9:32:86:17:cd:6e:86:49:c1:70:b6:1f:11:28:49:d5:
15:47:37:a3:ad:67:84:78:92:ad:34:27:76:38:77:9b:d6:44:
3f:93:d2:85:1d:74:2d:dc:d8:46:57:19:2f:09:60:e2:73:2b:
c3:c5:a9:50:85:6f:c7:33:71:31:e1:59:5c:85:74:48:86:86:
1a:09:7c:38:9a:02:6a:bd:d4:1f:da:77:13:2e:9a:f4:c6:67:
16:a1:8b:9e:f5:e3:50:7b:9a:cf:dc:e9:d3:f1:92:7e:dd:8f:
f9:9a:98:fe:d4:3d:a6:8c:72:c1:6e:c2:5a:31:2d:02:2d:8f:
37:43:6d:b8:4d:ba:e4:a5:5d:01:25:2c:b5:81:34:39:f1:f4:
75:c5:c0:bf:25:0e:7a:e9:0a:df:78:3d:e2:81:37:98:93:57:
f7:6e:fb:72:da:05:d8:ab:57:b4:77:04:88:aa:21:ae:0a:a5:
3f:d5:56:e8:13:24:d5:3a:d8:08:54:e7:34:ff:bd:72:dd:1d:
30:e5:65:be:fe:bf:67:20:9e:27:85:85:27:13:a5:ff:af:e1:
b4:10:2e:37:9e:cd:27:13:48:36:b1:d0:82:5c:dd:3e:33:d0:
ed:24:a1:65:54:44:fe:82:63:fb:87:6c:d9:e3:9f:95:5a:16:
96:d7:8c:9a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQm2eWj9qp+prd9W0L5DWytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYwZWIxYWU5ODYwY2U1YjliMGI3NDZjNjMyYjk2NTUzZGQ0OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX/RAvLyXqx7a/G+TOtx9afLEUrD
LCeRqxg3QPaEbhO2VGgrWI1OQaSXy5tMLGknGdrAwSUbDs6dnx6bH1U2B0kDtybE
GaUCYJuxaGpbLXxt98SCecGc2nuh00K5tryfiO/WZd7xf87RVLOl3rT1m4IQE0ob
NWbzmuuVX4z2+Sx3AH1Pwc/azAmUBnrUxEa42H8LkPme3ExTzzv7Vht5zdIXoSOg
GuYiT10mUKBgv3qa0UX/cDmwITzo6OFFa0iZS3iv+GeVcCRVffrWday2JII0ouG3
umloA7X68VMKkLSBX+U7cy/6Pt1FjA5elOarPmZIh7Sz/+jrCHU1IA0sywIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKpg6xrphgzlubC3RsYyuWVT3UnCMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvcW1Eckd1bUdET1c1c0xkR3hqSzVaVlBkU2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDU4hoAwQD
XsZgAwQEX40gAwQDnjqoMBYEAgACMBADBwAqAingAAIDBQAqAiniMA0GCSqGSIb3
DQEBCwUAA4IBAQAZuNkyhhfNboZJwXC2HxEoSdUVRzejrWeEeJKtNCd2OHeb1kQ/
k9KFHXQt3NhGVxkvCWDicyvDxalQhW/HM3Ex4VlchXRIhoYaCXw4mgJqvdQf2ncT
Lpr0xmcWoYue9eNQe5rP3OnT8ZJ+3Y/5mpj+1D2mjHLBbsJaMS0CLY83Q224Tbrk
pV0BJSy1gTQ58fR1xcC/JQ566QrfeD3igTeYk1f3bvty2gXYq1e0dwSIqiGuCqU/
1VboEyTVOtgIVOc0/71y3R0w5WW+/r9nIJ4nhYUnE6X/r+G0EC43ns0nE0g2sdCC
XN0+M9DtJKFlVET+gmP7h2zZ45+VWhaW14ya
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:24 2025 by rpki-client