Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/QdRtulPYA_zDc4znnfo8VDyGsV8.roa
File: QdRtulPYA_zDc4znnfo8VDyGsV8.roa (raw, json)
Hash identifier: toKO7MAdAjPO2V/jOtgvqpA9E2CEXAoW/lZxIsWvwKg=
Subject key identifier: 41:D4:6D:BA:53:D8:03:FC:C3:73:8C:E7:9D:FA:3C:54:3C:86:B1:5F
Certificate issuer: /CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Certificate serial: 018CC7957DEC867BB2D90E7DF00202C5C505
Authority key identifier: B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/QdRtulPYA_zDc4znnfo8VDyGsV8.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30893
IP address blocks: 185.84.241.0/24 maxlen: 24
185.9.166.0/23 maxlen: 23
2a03:4bc0:2000::/48 maxlen: 48
2a03:4bc0:2100::/48 maxlen: 48
2a03:4bc0:2200::/48 maxlen: 48
2a03:4bc0:2900::/48 maxlen: 48
2a03:4bc0:2300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7d:ec:86:7b:b2:d9:0e:7d:f0:02:02:c5:c5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41d46dba53d803fcc3738ce79dfa3c543c86b15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:df:b1:19:69:46:15:9f:e7:2f:d5:1e:f6:
98:94:23:0e:29:8d:5d:8d:6e:6b:6c:64:e5:c8:9e:
17:4d:44:0f:c8:c9:20:c3:92:87:7b:bb:eb:5a:85:
32:e1:41:fb:7e:db:74:5f:11:a8:da:0b:cb:28:61:
9e:5a:e8:6e:56:30:bf:1f:6c:d0:d9:7c:69:0d:f4:
1f:06:78:25:04:14:d1:4b:44:3e:ee:12:1b:98:c1:
07:22:ea:7b:43:1c:36:32:55:e9:98:7e:b5:44:68:
fc:91:09:6d:f3:a0:ae:f9:e7:17:33:4f:dc:8d:62:
cc:61:36:73:9e:77:7c:34:64:24:9b:48:75:22:63:
2f:67:da:df:df:db:6b:23:37:48:11:33:dc:7f:f2:
b2:4a:4d:ca:5d:c8:1f:c1:45:2f:6b:89:22:97:7c:
d3:60:01:bc:fd:e4:3c:45:4a:c7:64:41:25:9d:c7:
ca:bb:47:88:6a:a0:10:16:7d:9c:8f:e7:6c:b3:08:
af:86:12:a8:81:e1:08:e9:71:0c:dd:04:24:41:94:
62:f9:03:5c:8c:d8:70:cc:63:71:48:1e:72:79:f7:
63:79:59:32:d1:d1:2c:e3:bd:a8:cc:8f:63:8a:07:
8f:11:b6:40:b1:b2:f8:c0:6b:47:03:3d:d7:90:c0:
e0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D4:6D:BA:53:D8:03:FC:C3:73:8C:E7:9D:FA:3C:54:3C:86:B1:5F
X509v3 Authority Key Identifier:
keyid:B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/QdRtulPYA_zDc4znnfo8VDyGsV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.166.0/23
185.84.241.0/24
IPv6:
2a03:4bc0:2000::/48
2a03:4bc0:2100::/48
2a03:4bc0:2200::/48
2a03:4bc0:2300::/48
2a03:4bc0:2900::/48
Signature Algorithm: sha256WithRSAEncryption
02:b4:ea:28:33:71:fe:94:14:55:30:db:f3:7b:2a:fe:0b:e6:
af:df:43:f9:69:51:e8:fd:59:07:c5:a3:e4:0e:cf:8d:5b:dc:
e8:7b:0f:a5:3e:88:8b:6d:e7:6c:2b:8e:60:5d:a1:bd:2e:c5:
26:b5:cd:ec:ba:fd:33:64:6c:6c:db:de:d8:82:15:8a:40:a2:
bd:49:34:09:7c:ef:e8:ee:4d:c4:9b:70:e9:2f:86:27:44:0d:
3a:58:8f:c4:e0:74:72:5e:c8:eb:b4:8b:34:81:81:19:44:0e:
2c:5f:77:13:25:f6:98:bb:68:ef:be:b5:09:27:1c:b5:42:e4:
f7:f1:43:87:b2:b7:af:10:de:4d:c3:ef:9f:16:9d:6d:ae:d9:
ff:ff:5d:42:fd:4b:73:ff:a6:ca:3d:50:43:0b:c6:cb:f7:f4:
79:b7:2c:b6:fd:ab:41:0b:25:ad:ce:b0:f0:8b:54:82:30:95:
93:ff:eb:31:3c:c8:a9:02:f2:31:bd:b4:96:4f:00:fb:6b:07:
70:12:cc:53:a0:d1:67:ff:19:62:30:e6:9a:b4:c9:2e:40:f1:
5b:10:a6:4f:83:77:56:cb:c2:1c:85:38:b1:54:1d:23:d4:ee:
8b:27:74:c9:ca:d7:9c:5e:84:65:b2:f6:17:0c:47:35:b1:72:
2c:ae:16:14
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzHlX3shnuy2Q598AICxcUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDA3NGFhODQ0OTgzMGRhOWIyMGIzYWZiMDY4MmQzYzAz
MmY5ZmUwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ0NmRiYTUzZDgwM2ZjYzM3MzhjZTc5ZGZhM2M1NDNjODZiMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXTfsRlpRhWf5y/VHvaYlCMOKY1d
jW5rbGTlyJ4XTUQPyMkgw5KHe7vrWoUy4UH7ftt0XxGo2gvLKGGeWuhuVjC/H2zQ
2XxpDfQfBnglBBTRS0Q+7hIbmMEHIup7Qxw2MlXpmH61RGj8kQlt86Cu+ecXM0/c
jWLMYTZznnd8NGQkm0h1ImMvZ9rf39trIzdIETPcf/KySk3KXcgfwUUva4kil3zT
YAG8/eQ8RUrHZEElncfKu0eIaqAQFn2cj+dsswivhhKogeEI6XEM3QQkQZRi+QNc
jNhwzGNxSB5yefdjeVky0dEs472ozI9jigePEbZAsbL4wGtHAz3XkMDg9wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFEHUbbpT2AP8w3OM5536PFQ8hrFfMB8GA1UdIwQY
MBaAFLZAdKqESYMNqbILOvsGgtPAMvn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEt
MzUxNzFhZWRkMzEzLzEvUWRSdHVsUFlBX3pEYzR6bm5mbzhWRHlHc1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEtMzUxNzFhZWRkMzEz
LzEvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQBuQmmAwQA
uVTxMDMEAgACMC0DBwAqA0vAIAADBwAqA0vAIQADBwAqA0vAIgADBwAqA0vAIwAD
BwAqA0vAKQAwDQYJKoZIhvcNAQELBQADggEBAAK06igzcf6UFFUw2/N7Kv4L5q/f
Q/lpUej9WQfFo+QOz41b3Oh7D6U+iItt52wrjmBdob0uxSa1zey6/TNkbGzb3tiC
FYpAor1JNAl87+juTcSbcOkvhidEDTpYj8TgdHJeyOu0izSBgRlEDixfdxMl9pi7
aO++tQknHLVC5PfxQ4eyt68Q3k3D758WnW2u2f//XUL9S3P/pso9UEMLxsv39Hm3
LLb9q0ELJa3OsPCLVIIwlZP/6zE8yKkC8jG9tJZPAPtrB3ASzFOg0Wf/GWIw5pq0
yS5A8VsQpk+Dd1bLwhyFOLFUHSPU7osndMnK15xehGWy9hcMRzWxciyuFhQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:58:36 2025 by rpki-client