Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/qgTORgc2jktiJyvMUk6ZEhrMcSE.roa
File: qgTORgc2jktiJyvMUk6ZEhrMcSE.roa (raw, json)
Hash identifier: Hb4TaSeOpI0P2qVX09Xw6mBehAH0rxD+TK7XrVztvRk=
Subject key identifier: AA:04:CE:46:07:36:8E:4B:62:27:2B:CC:52:4E:99:12:1A:CC:71:21
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D9F2C8A85D8092964944457011907
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/qgTORgc2jktiJyvMUk6ZEhrMcSE.roa
Signing time: Wed 01 Jan 2025 15:48:14 +0000
ROA not before: Wed 01 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43391
IP address blocks: 212.252.24.0/24 maxlen: 24
212.252.25.0/24 maxlen: 24
212.252.26.0/24 maxlen: 24
212.252.27.0/24 maxlen: 24
212.252.36.0/24 maxlen: 24
212.252.45.0/24 maxlen: 24
212.252.46.0/24 maxlen: 24
213.74.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9f:2c:8a:85:d8:09:29:64:94:44:57:01:19:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa04ce4607368e4b62272bcc524e99121acc7121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:22:18:5d:58:39:4c:c3:1b:b0:60:5f:e9:30:
58:7f:bb:a4:6d:be:a4:5a:34:13:a5:7b:12:2a:ad:
4a:dc:96:c5:b8:b6:fb:ad:be:39:01:da:68:17:8a:
b6:10:c7:78:d4:c6:01:4e:c3:e3:5c:bd:18:50:6f:
17:a4:4f:40:20:1d:b5:93:e2:0d:9f:4b:50:dd:91:
55:fb:f1:4f:e4:db:91:d0:34:14:61:1e:df:fe:92:
96:90:fc:84:04:0d:15:1d:39:73:a6:99:89:b5:d1:
d0:64:3c:23:b3:b5:2a:db:9a:ca:4e:77:44:dc:71:
9a:58:9b:42:b3:03:dd:63:58:e1:ba:ca:8f:b2:4a:
0f:34:47:95:7d:80:b0:db:04:7a:7a:48:ce:96:d9:
83:38:fd:78:e5:f3:b4:fc:55:fd:78:d5:54:80:bd:
3c:20:26:cc:a1:98:49:36:20:d5:16:6e:8e:15:69:
ed:f6:92:28:a9:f6:f9:3c:38:23:84:e6:b0:24:84:
45:60:45:60:8e:1a:f2:5e:8e:e1:4a:4e:d2:ea:65:
7b:6e:99:cf:b8:35:61:03:c4:c5:e8:8f:da:07:07:
98:1d:08:f9:e7:05:03:15:3d:03:ca:1e:84:2f:b9:
aa:8f:1c:c1:9b:2b:12:2b:75:21:06:49:24:b6:9a:
03:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:04:CE:46:07:36:8E:4B:62:27:2B:CC:52:4E:99:12:1A:CC:71:21
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/qgTORgc2jktiJyvMUk6ZEhrMcSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.24.0/22
212.252.36.0/24
212.252.45.0-212.252.46.255
213.74.4.0/24
Signature Algorithm: sha256WithRSAEncryption
36:81:83:f3:d6:bb:b2:44:9d:7c:68:c8:6b:66:bb:55:17:05:
89:48:dd:99:86:d9:4c:7d:1d:a0:fe:22:a4:be:5a:a0:be:a2:
11:10:bb:fe:b9:a2:bf:6c:d1:d1:1c:2f:18:de:09:1b:7a:e3:
54:34:43:38:f6:c5:da:31:a8:0a:c0:73:eb:a6:30:e8:7d:68:
1c:d7:f6:c1:5a:21:21:3c:d4:fc:5c:f6:bd:e5:fd:29:e5:08:
f9:f9:08:f2:f4:73:9c:76:b9:e0:e5:2f:dd:f2:f1:a1:6a:1b:
7e:8b:bd:a7:c5:f9:21:06:ac:dc:89:61:6e:04:6d:25:2e:9d:
9b:08:88:a5:43:9e:90:cc:23:79:35:0a:7a:42:e7:42:b7:da:
44:5e:b2:13:9a:a2:97:19:63:db:5e:6c:bc:a6:1c:01:63:c4:
9e:d3:b8:a4:26:4d:96:c8:0e:77:b1:80:76:d4:be:85:4a:2f:
1a:75:a9:24:61:29:eb:1a:c7:e2:e1:c0:08:0a:a3:7c:59:6e:
c8:9f:cd:b1:15:13:36:b8:30:74:96:05:5e:5b:be:56:15:f8:
bd:65:dd:ca:d6:4d:01:7e:d1:43:ef:cb:02:c4:86:97:ea:7c:
2b:c4:52:47:34:70:c8:13:27:d9:6f:06:bc:c4:43:ef:a9:06:
92:5f:53:19
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQijZ8sioXYCSlklERXARkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA0Y2U0NjA3MzY4ZTRiNjIyNzJiY2M1MjRlOTkxMjFhY2M3MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyIYXVg5TMMbsGBf6TBYf7ukbb6k
WjQTpXsSKq1K3JbFuLb7rb45AdpoF4q2EMd41MYBTsPjXL0YUG8XpE9AIB21k+IN
n0tQ3ZFV+/FP5NuR0DQUYR7f/pKWkPyEBA0VHTlzppmJtdHQZDwjs7Uq25rKTndE
3HGaWJtCswPdY1jhusqPskoPNEeVfYCw2wR6ekjOltmDOP145fO0/FX9eNVUgL08
ICbMoZhJNiDVFm6OFWnt9pIoqfb5PDgjhOawJIRFYEVgjhryXo7hSk7S6mV7bpnP
uDVhA8TF6I/aBweYHQj55wUDFT0Dyh6EL7mqjxzBmysSK3UhBkkktpoDRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKoEzkYHNo5LYicrzFJOmRIazHEhMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvcWdUT1JnYzJqa3RpSnl2TVVrNlpFaHJNY1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQC1PwYAwQA
1PwkMAwDBADU/C0DBADU/C4DBADVSgQwDQYJKoZIhvcNAQELBQADggEBADaBg/PW
u7JEnXxoyGtmu1UXBYlI3ZmG2Ux9HaD+IqS+WqC+ohEQu/65or9s0dEcLxjeCRt6
41Q0Qzj2xdoxqArAc+umMOh9aBzX9sFaISE81Pxc9r3l/SnlCPn5CPL0c5x2ueDl
L93y8aFqG36LvafF+SEGrNyJYW4EbSUunZsIiKVDnpDMI3k1CnpC50K32kReshOa
opcZY9tebLymHAFjxJ7TuKQmTZbIDnexgHbUvoVKLxp1qSRhKesax+LhwAgKo3xZ
bsifzbEVEza4MHSWBV5bvlYV+L1l3crWTQF+0UPvywLEhpfqfCvEUkc0cMgTJ9lv
BrzEQ++pBpJfUxk=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:14:48 2025 by rpki-client