Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/5e1167-cced-4846-a2c9-75bd1cc5ef3d/1/Ka3QryPXnQ_fZMqqZWfqNPbqUls.roa
File: Ka3QryPXnQ_fZMqqZWfqNPbqUls.roa (raw, json)
Hash identifier: 0lnFLoYN86XNuYiHDCwVfXkTkFoknByzvk7m2jqfZQk=
Subject key identifier: 29:AD:D0:AF:23:D7:9D:0F:DF:64:CA:AA:65:67:EA:34:F6:EA:52:5B
Certificate issuer: /CN=41e9a4d7f9fefd732ec040fb361261587487c07e
Certificate serial: 018572BA36BD563A45B4C79F8870B408064B
Authority key identifier: 41:E9:A4:D7:F9:FE:FD:73:2E:C0:40:FB:36:12:61:58:74:87:C0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qemk1_n-_XMuwED7NhJhWHSHwH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/5e1167-cced-4846-a2c9-75bd1cc5ef3d/1/Ka3QryPXnQ_fZMqqZWfqNPbqUls.roa
Signing time: Mon 02 Jan 2023 13:44:44 +0000
ROA not before: Mon 02 Jan 2023 13:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201502
IP address blocks: 185.25.139.0/24 maxlen: 24
185.25.138.0/24 maxlen: 24
185.25.137.0/24 maxlen: 24
185.25.136.0/24 maxlen: 24
188.208.19.0/24 maxlen: 24
185.203.172.0/24 maxlen: 24
185.203.175.0/24 maxlen: 24
185.203.174.0/24 maxlen: 24
185.203.173.0/24 maxlen: 24
46.255.240.0/24 maxlen: 24
46.255.246.0/24 maxlen: 24
46.255.245.0/24 maxlen: 24
46.255.244.0/24 maxlen: 24
46.255.243.0/24 maxlen: 24
46.255.242.0/24 maxlen: 24
46.255.241.0/24 maxlen: 24
46.255.247.0/24 maxlen: 24
188.214.82.0/24 maxlen: 24
188.214.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:36:bd:56:3a:45:b4:c7:9f:88:70:b4:08:06:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e9a4d7f9fefd732ec040fb361261587487c07e
Validity
Not Before: Jan 2 13:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29add0af23d79d0fdf64caaa6567ea34f6ea525b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:61:24:35:87:1e:ef:4b:f4:06:2b:2b:14:d9:
75:50:90:a0:60:88:5a:60:cf:78:3b:38:ce:6e:18:
46:d1:50:39:4e:1a:a4:f6:96:34:9f:6e:98:a0:32:
b5:a6:29:9b:8d:46:1f:75:bd:d6:bd:a1:81:ea:c7:
02:e8:78:c5:c3:bf:ec:6c:05:f4:7f:ab:4d:74:40:
c8:eb:d4:4d:41:8e:d0:67:f4:4b:13:61:32:2e:de:
09:fe:b9:2a:21:99:a3:b9:e7:04:99:a3:2d:46:dd:
21:20:72:42:43:ac:29:39:53:bb:4a:86:ed:a5:1a:
52:8f:51:5e:67:4f:bc:c2:ca:a6:cd:e7:59:22:92:
fb:48:49:82:57:9b:54:70:42:9e:53:70:e6:c0:70:
86:75:d2:8f:da:b2:12:28:82:a9:9e:dd:88:fe:c1:
2a:eb:6b:fa:8e:7e:05:6e:65:30:9a:21:8f:df:26:
8c:73:c3:5f:af:6d:57:e6:b1:71:0c:f3:38:f1:be:
1b:2a:b0:0a:36:a2:24:0e:02:00:03:75:34:c4:71:
d7:1c:c4:b0:eb:0a:32:dc:96:19:cb:96:7e:48:7e:
87:c0:da:1c:dd:7b:43:c0:39:e6:1e:93:e2:2e:81:
cd:e2:14:91:69:7e:32:9f:72:22:ee:ba:68:f6:99:
ea:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AD:D0:AF:23:D7:9D:0F:DF:64:CA:AA:65:67:EA:34:F6:EA:52:5B
X509v3 Authority Key Identifier:
keyid:41:E9:A4:D7:F9:FE:FD:73:2E:C0:40:FB:36:12:61:58:74:87:C0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qemk1_n-_XMuwED7NhJhWHSHwH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e1167-cced-4846-a2c9-75bd1cc5ef3d/1/Ka3QryPXnQ_fZMqqZWfqNPbqUls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e1167-cced-4846-a2c9-75bd1cc5ef3d/1/Qemk1_n-_XMuwED7NhJhWHSHwH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.240.0/21
185.25.136.0/22
185.203.172.0/22
188.208.19.0/24
188.214.82.0/23
Signature Algorithm: sha256WithRSAEncryption
65:53:08:76:58:50:b6:03:ac:35:3d:77:2f:83:f8:f1:53:49:
c0:44:57:c1:0d:31:ef:5d:ae:bf:41:ce:aa:19:4a:04:bd:16:
6f:25:96:10:70:7e:5e:ab:f8:47:17:9b:1c:da:91:e3:5a:dc:
f2:32:8e:f8:66:87:c8:e9:c2:25:e6:11:59:5c:05:28:70:a8:
85:8d:2c:db:2e:93:7d:03:e8:60:f9:71:d3:29:30:9b:2d:0b:
7d:b2:13:b4:1d:6e:f3:15:43:1e:6a:14:ff:bb:ec:44:6c:e9:
ad:7e:46:10:f4:a5:ea:5a:cf:70:f1:ce:cd:d6:81:93:df:38:
93:30:55:40:54:4a:9b:a7:f6:cd:7c:f3:d9:13:bf:be:7a:6f:
ae:0e:1a:38:a1:15:69:1a:3a:47:d5:41:f2:91:17:e7:c9:c8:
c6:a3:d1:3e:c5:68:c3:b7:39:c3:27:af:b0:f7:7b:89:50:68:
ad:40:49:12:25:f6:eb:66:35:90:53:f7:9b:81:a2:25:2a:5d:
be:59:9e:b7:51:ed:b3:b2:80:38:2c:a7:4b:29:52:40:ab:f9:
1a:ab:21:81:3b:7e:17:f5:a2:ab:05:b2:ff:96:ce:21:53:57:
fa:7d:1c:de:2a:ff:49:89:3f:05:73:3e:cd:5d:f7:13:81:d2:
0c:7e:86:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyuja9VjpFtMefiHC0CAZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTlhNGQ3ZjlmZWZkNzMyZWMwNDBmYjM2MTI2MTU4NzQ4
N2MwN2UwHhcNMjMwMTAyMTM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFkZDBhZjIzZDc5ZDBmZGY2NGNhYWE2NTY3ZWEzNGY2ZWE1MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmEkNYce70v0BisrFNl1UJCgYIha
YM94OzjObhhG0VA5Thqk9pY0n26YoDK1pimbjUYfdb3WvaGB6scC6HjFw7/sbAX0
f6tNdEDI69RNQY7QZ/RLE2EyLt4J/rkqIZmjuecEmaMtRt0hIHJCQ6wpOVO7Sobt
pRpSj1FeZ0+8wsqmzedZIpL7SEmCV5tUcEKeU3DmwHCGddKP2rISKIKpnt2I/sEq
62v6jn4FbmUwmiGP3yaMc8Nfr21X5rFxDPM48b4bKrAKNqIkDgIAA3U0xHHXHMSw
6woy3JYZy5Z+SH6HwNoc3XtDwDnmHpPiLoHN4hSRaX4yn3Ii7rpo9pnqSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCmt0K8j150P32TKqmVn6jT26lJbMB8GA1UdIwQY
MBaAFEHppNf5/v1zLsBA+zYSYVh0h8B+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVtazFfbi1fWE11d0VEN05oSmhXSFNId0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC81ZTExNjctY2NlZC00ODQ2LWEyYzkt
NzViZDFjYzVlZjNkLzEvS2EzUXJ5UFhuUV9mWk1xcVpXZnFOUGJxVWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC81ZTExNjctY2NlZC00ODQ2LWEyYzktNzViZDFjYzVlZjNk
LzEvUWVtazFfbi1fWE11d0VEN05oSmhXSFNId0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLv/wAwQC
uRmIAwQCucusAwQAvNATAwQBvNZSMA0GCSqGSIb3DQEBCwUAA4IBAQBlUwh2WFC2
A6w1PXcvg/jxU0nARFfBDTHvXa6/Qc6qGUoEvRZvJZYQcH5eq/hHF5sc2pHjWtzy
Mo74ZofI6cIl5hFZXAUocKiFjSzbLpN9A+hg+XHTKTCbLQt9shO0HW7zFUMeahT/
u+xEbOmtfkYQ9KXqWs9w8c7N1oGT3ziTMFVAVEqbp/bNfPPZE7++em+uDho4oRVp
GjpH1UHykRfnycjGo9E+xWjDtznDJ6+w93uJUGitQEkSJfbrZjWQU/ebgaIlKl2+
WZ63Ue2zsoA4LKdLKVJAq/kaqyGBO34X9aKrBbL/ls4hU1f6fRzeKv9JiT8Fcz7N
XfcTgdIMfobY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:55 2023 by rpki-client on console-fra.rpki-client.org