Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/QRUglKPTcG_HxDcrijF-MYNTxhA.roa
File: QRUglKPTcG_HxDcrijF-MYNTxhA.roa (raw, json)
Hash identifier: Gpr7CM40brfLLpxS/V4qt5iLjl8Mm2dVyNzc+WzpCFg=
Subject key identifier: 41:15:20:94:A3:D3:70:6F:C7:C4:37:2B:8A:31:7E:31:83:53:C6:10
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 01856DD409EF6547FABF5CE53D70D2BAA162
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/QRUglKPTcG_HxDcrijF-MYNTxhA.roa
Signing time: Sun 01 Jan 2023 14:54:50 +0000
ROA not before: Sun 01 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 94.198.26.0/23 maxlen: 24
94.198.28.0/22 maxlen: 24
85.158.160.0/22 maxlen: 24
85.158.164.0/22 maxlen: 24
185.113.52.0/24 maxlen: 24
185.113.196.0/22 maxlen: 24
94.198.24.0/23 maxlen: 24
213.214.96.0/24 maxlen: 24
213.214.103.0/24 maxlen: 24
213.214.101.0/24 maxlen: 24
213.214.99.0/24 maxlen: 24
213.214.112.0/23 maxlen: 24
213.214.107.0/24 maxlen: 24
213.214.116.0/23 maxlen: 24
213.214.114.0/24 maxlen: 24
213.214.114.0/23 maxlen: 24
213.171.128.0/20 maxlen: 24
213.214.120.0/22 maxlen: 24
213.214.124.0/22 maxlen: 24
2a02:2858:200::/40 maxlen: 48
2a02:2858:400::/40 maxlen: 48
2a00:1bd8::/32 maxlen: 64
2a02:2858::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:09:ef:65:47:fa:bf:5c:e5:3d:70:d2:ba:a1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Jan 1 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41152094a3d3706fc7c4372b8a317e318353c610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0b:15:db:83:5b:e6:dc:b8:26:f8:ca:84:a9:
8c:4d:1d:8f:e4:cb:0a:cf:c8:db:d6:b0:a7:17:27:
fe:d4:db:08:9c:c4:2b:de:1d:35:5d:49:66:a7:ee:
0f:8d:d0:28:03:14:74:84:15:d0:f2:bf:bb:fd:90:
8c:dd:9c:4f:e2:79:e4:c5:fd:44:ea:b7:7a:df:3c:
30:03:a3:97:04:8b:6e:a5:53:05:7e:d1:9e:a8:8a:
ed:c6:7b:12:be:cc:e3:39:7f:18:e9:36:7f:de:16:
39:85:dc:cc:21:fd:20:fb:0e:a5:90:9a:07:c6:7c:
c2:0e:77:90:df:39:a1:1f:d7:79:d8:3c:8b:f1:65:
2e:c6:cb:a3:8b:b1:6d:ac:eb:cd:28:e0:ad:ff:83:
02:80:db:88:a1:94:9d:10:1b:d9:c1:bd:ef:5e:ee:
9e:8c:ea:69:2c:03:2d:3f:ac:e6:b6:8d:5b:9a:dd:
85:39:b9:cf:1f:fb:02:2f:a0:38:8a:75:3f:44:be:
92:24:0c:76:8c:4a:4a:6c:2d:f5:89:52:c8:7f:33:
1b:cc:cc:c1:08:50:74:ed:e5:2e:a5:ac:08:93:14:
c6:e2:ec:d1:bb:6f:e5:09:71:e3:75:69:46:66:a3:
21:15:80:cb:ff:4b:c8:1e:3d:70:81:aa:4d:8c:34:
7e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:15:20:94:A3:D3:70:6F:C7:C4:37:2B:8A:31:7E:31:83:53:C6:10
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/QRUglKPTcG_HxDcrijF-MYNTxhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.160.0/21
94.198.24.0/21
185.113.52.0/24
185.113.196.0/22
213.171.128.0/20
213.214.96.0/24
213.214.99.0/24
213.214.101.0/24
213.214.103.0/24
213.214.107.0/24
213.214.112.0-213.214.117.255
213.214.120.0/21
IPv6:
2a00:1bd8::/32
2a02:2858::/29
Signature Algorithm: sha256WithRSAEncryption
15:86:d0:e1:77:e7:f6:16:23:96:97:49:e0:3a:20:47:7e:7e:
3f:fb:42:2f:36:51:ea:2b:f0:96:08:cb:67:6e:b5:08:a1:c5:
1d:0c:27:84:0c:80:7e:39:a0:99:73:79:68:42:eb:5e:4b:25:
e2:c2:b5:d3:32:42:69:1f:bb:34:62:71:87:30:bc:04:a5:23:
1b:87:71:ec:cc:00:10:82:a4:09:98:87:56:e8:c9:86:af:66:
d0:7c:33:fb:09:aa:21:46:49:7e:ba:b5:da:b3:1c:17:64:4c:
75:94:77:b9:0c:c3:0c:e0:b7:7d:e9:de:51:dd:58:63:d3:2e:
82:10:15:ea:cf:7f:6a:d9:bd:de:ee:53:78:42:a8:2c:fa:bb:
89:a6:27:52:5f:59:08:4b:ab:48:fe:f0:6b:ef:19:29:03:1f:
ad:a5:d3:48:55:f1:5e:5a:ee:6e:00:e6:9f:b4:3d:7c:d6:50:
8b:56:b6:40:b6:00:fb:a5:f6:1f:e0:bb:10:df:67:f3:1a:11:
e9:9d:77:3d:c6:7b:4d:7e:b1:c3:90:94:2c:ea:d8:0f:30:4c:
b0:c0:fa:4a:7f:62:ec:d1:4d:a6:92:fe:ec:6c:c5:89:ae:8d:
bb:78:5f:1f:a8:78:71:43:1f:8b:27:67:33:ac:27:4f:63:6e:
63:19:1b:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVt1AnvZUf6v1zlPXDSuqFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE1MjA5NGEzZDM3MDZmYzdjNDM3MmI4YTMxN2UzMTgzNTNjNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAsV24Nb5ty4JvjKhKmMTR2P5MsK
z8jb1rCnFyf+1NsInMQr3h01XUlmp+4PjdAoAxR0hBXQ8r+7/ZCM3ZxP4nnkxf1E
6rd63zwwA6OXBItupVMFftGeqIrtxnsSvszjOX8Y6TZ/3hY5hdzMIf0g+w6lkJoH
xnzCDneQ3zmhH9d52DyL8WUuxsuji7FtrOvNKOCt/4MCgNuIoZSdEBvZwb3vXu6e
jOppLAMtP6zmto1bmt2FObnPH/sCL6A4inU/RL6SJAx2jEpKbC31iVLIfzMbzMzB
CFB07eUupawIkxTG4uzRu2/lCXHjdWlGZqMhFYDL/0vIHj1wgapNjDR+TQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEEVIJSj03Bvx8Q3K4oxfjGDU8YQMB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEvUVJVZ2xLUFRjR19IeERjcmlqRi1NWU5UeGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQDVZ6gAwQD
XsYYAwQAuXE0AwQCuXHEAwQE1auAAwQA1dZgAwQA1dZjAwQA1dZlAwQA1dZnAwQA
1dZrMAwDBATV1nADBAHV1nQDBAPV1ngwFAQCAAIwDgMFACoAG9gDBQMqAihYMA0G
CSqGSIb3DQEBCwUAA4IBAQAVhtDhd+f2FiOWl0ngOiBHfn4/+0IvNlHqK/CWCMtn
brUIocUdDCeEDIB+OaCZc3loQuteSyXiwrXTMkJpH7s0YnGHMLwEpSMbh3HszAAQ
gqQJmIdW6MmGr2bQfDP7CaohRkl+urXasxwXZEx1lHe5DMMM4Ld96d5R3Vhj0y6C
EBXqz39q2b3e7lN4Qqgs+ruJpidSX1kIS6tI/vBr7xkpAx+tpdNIVfFeWu5uAOaf
tD181lCLVrZAtgD7pfYf4LsQ32fzGhHpnXc9xntNfrHDkJQs6tgPMEywwPpKf2Ls
0U2mkv7sbMWJro27eF8fqHhxQx+LJ2czrCdPY25jGRsy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org