Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/QALT4vP68jQK_Ar_borHkTlaA3c.roa
File: QALT4vP68jQK_Ar_borHkTlaA3c.roa (raw, json)
Hash identifier: sVdKC/vvWqKqYdfIyWzeWLHS2Hbp0xOgwsKlY4l69YU=
Subject key identifier: 40:02:D3:E2:F3:FA:F2:34:0A:FC:0A:FF:6E:8A:C7:91:39:5A:03:77
Certificate issuer: /CN=94306f68aea4bae124fac85f2c9aa3f5ae850113
Certificate serial: 0195CC958393B310C48372F4733B12E12376
Authority key identifier: 94:30:6F:68:AE:A4:BA:E1:24:FA:C8:5F:2C:9A:A3:F5:AE:85:01:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDBvaK6kuuEk-shfLJqj9a6FARM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/QALT4vP68jQK_Ar_borHkTlaA3c.roa
Signing time: Tue 25 Mar 2025 09:15:05 +0000
ROA not before: Tue 25 Mar 2025 09:15:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 194.76.192.0/24 maxlen: 24
194.76.218.0/24 maxlen: 24
194.76.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:95:83:93:b3:10:c4:83:72:f4:73:3b:12:e1:23:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94306f68aea4bae124fac85f2c9aa3f5ae850113
Validity
Not Before: Mar 25 09:15:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4002d3e2f3faf2340afc0aff6e8ac791395a0377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d1:47:6a:9d:e5:8f:51:13:86:dd:4d:96:07:
b8:eb:c8:36:a4:31:df:a7:54:a1:13:d7:6c:72:5f:
e9:80:40:9b:cc:ed:a7:85:46:a2:5e:b5:eb:ff:c3:
3a:55:62:b7:30:51:66:17:3b:da:8b:7d:60:a6:ab:
56:95:8d:96:01:1e:76:37:5a:c3:48:bb:a5:91:dc:
6d:35:bd:41:f5:75:73:46:99:42:cc:00:05:e8:fd:
db:2a:6c:9c:55:93:ac:f7:a4:e1:bf:4d:2d:40:40:
0a:b6:e9:14:96:92:04:27:5c:72:4a:a0:5c:a5:30:
78:21:21:0c:29:81:5b:42:a7:de:7b:49:d0:30:d8:
78:dd:dc:e2:c0:00:d8:d4:ab:60:9e:8c:e3:f5:9b:
8b:2d:c2:95:f7:23:19:75:ff:f8:df:da:da:f6:07:
47:ab:51:17:b5:c3:b3:49:f0:15:a6:ec:d3:4f:01:
1e:0d:bf:92:4b:93:1b:0e:0e:a3:f7:e5:f5:16:0f:
da:bd:58:e5:86:ba:98:44:ae:2b:ce:17:b7:be:5d:
e8:44:86:d9:cd:cf:14:cd:ef:30:fa:a6:5c:c0:f8:
c9:dd:0c:9d:3a:a2:c4:10:15:6d:e9:6a:b0:88:4c:
71:04:6b:9b:3e:63:68:e9:1a:0c:d1:b3:88:17:2d:
ef:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:02:D3:E2:F3:FA:F2:34:0A:FC:0A:FF:6E:8A:C7:91:39:5A:03:77
X509v3 Authority Key Identifier:
keyid:94:30:6F:68:AE:A4:BA:E1:24:FA:C8:5F:2C:9A:A3:F5:AE:85:01:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDBvaK6kuuEk-shfLJqj9a6FARM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/QALT4vP68jQK_Ar_borHkTlaA3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/lDBvaK6kuuEk-shfLJqj9a6FARM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.192.0/24
194.76.218.0/24
194.76.238.0/24
Signature Algorithm: sha256WithRSAEncryption
01:de:b0:0a:3d:0b:b2:bf:a1:01:6e:63:60:81:99:67:06:92:
bd:6c:64:af:d4:43:74:9b:43:2d:56:8e:eb:d6:fb:1c:89:03:
7f:15:5c:62:0d:28:ec:ad:cc:28:e4:81:30:a5:8d:da:83:e6:
c9:fa:ee:11:2a:ea:ff:f1:b2:58:9f:21:fe:53:73:eb:41:df:
72:d2:16:11:cd:45:9f:e9:69:56:b8:90:02:c9:26:29:4f:36:
28:c2:65:82:ef:9a:94:1b:e6:98:52:c4:60:ab:25:d1:61:84:
4e:a5:bf:3d:b2:a4:d0:9a:80:83:f5:b6:0c:93:3d:7a:92:05:
30:41:e9:ca:ce:1d:1f:4e:94:0d:6a:2b:b2:12:5e:4d:2e:3f:
23:17:1a:80:0d:28:e7:17:bc:af:c6:e7:91:ff:1d:06:d0:1a:
ab:d7:a6:71:21:71:9d:2f:48:a6:cc:54:62:a0:1d:56:53:0e:
fd:f6:72:1e:ab:d7:a6:fd:4e:6f:6c:4e:53:b7:c4:27:f9:9b:
7c:fd:73:62:ad:a6:a4:a9:e5:ae:40:9e:b9:4e:e2:d0:8d:ef:
9d:38:f9:23:47:ec:91:f4:a7:4b:96:63:01:7b:82:f9:d5:fd:
31:4f:39:81:cd:eb:2a:eb:16:41:e4:11:e4:1e:78:a1:52:3a:
c3:4a:d8:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXMlYOTsxDEg3L0czsS4SN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MzA2ZjY4YWVhNGJhZTEyNGZhYzg1ZjJjOWFhM2Y1YWU4
NTAxMTMwHhcNMjUwMzI1MDkxNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAyZDNlMmYzZmFmMjM0MGFmYzBhZmY2ZThhYzc5MTM5NWEwMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdFHap3lj1ETht1Nlge468g2pDHf
p1ShE9dscl/pgECbzO2nhUaiXrXr/8M6VWK3MFFmFzvai31gpqtWlY2WAR52N1rD
SLulkdxtNb1B9XVzRplCzAAF6P3bKmycVZOs96Thv00tQEAKtukUlpIEJ1xySqBc
pTB4ISEMKYFbQqfee0nQMNh43dziwADY1Ktgnozj9ZuLLcKV9yMZdf/439ra9gdH
q1EXtcOzSfAVpuzTTwEeDb+SS5MbDg6j9+X1Fg/avVjlhrqYRK4rzhe3vl3oRIbZ
zc8Uze8w+qZcwPjJ3QydOqLEEBVt6WqwiExxBGubPmNo6RoM0bOIFy3veQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEAC0+Lz+vI0CvwK/26Kx5E5WgN3MB8GA1UdIwQY
MBaAFJQwb2iupLrhJPrIXyyao/WuhQETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbERCdmFLNmt1dUVrLXNoZkxKcWo5YTZGQVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81ZmQ4OGUtZmZiNi00NjUyLWE5OTAt
M2Q4YmM4OWI0NDI3LzEvUUFMVDR2UDY4alFLX0FyX2JvckhrVGxhQTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81ZmQ4OGUtZmZiNi00NjUyLWE5OTAtM2Q4YmM4OWI0NDI3
LzEvbERCdmFLNmt1dUVrLXNoZkxKcWo5YTZGQVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwkzAAwQA
wkzaAwQAwkzuMA0GCSqGSIb3DQEBCwUAA4IBAQAB3rAKPQuyv6EBbmNggZlnBpK9
bGSv1EN0m0MtVo7r1vsciQN/FVxiDSjsrcwo5IEwpY3ag+bJ+u4RKur/8bJYnyH+
U3PrQd9y0hYRzUWf6WlWuJACySYpTzYowmWC75qUG+aYUsRgqyXRYYROpb89sqTQ
moCD9bYMkz16kgUwQenKzh0fTpQNaiuyEl5NLj8jFxqADSjnF7yvxueR/x0G0Bqr
16ZxIXGdL0imzFRioB1WUw799nIeq9em/U5vbE5Tt8Qn+Zt8/XNiraakqeWuQJ65
TuLQje+dOPkjR+yR9KdLlmMBe4L51f0xTzmBzesq6xZB5BHkHnihUjrDStiO
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:16:19 2025 by rpki-client