Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/qfFwvTio97FSRHjQYuRGTKpqDNg.roa
File: qfFwvTio97FSRHjQYuRGTKpqDNg.roa (raw, json)
Hash identifier: svdnZox06xTajQljreSGSixFuAOWPF1/7KNajKyZt9E=
Subject key identifier: A9:F1:70:BD:38:A8:F7:B1:52:44:78:D0:62:E4:46:4C:AA:6A:0C:D8
Certificate issuer: /CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Certificate serial: 0194266B7F7CA445AC2A1E71931396B886D7
Authority key identifier: F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/qfFwvTio97FSRHjQYuRGTKpqDNg.roa
Signing time: Thu 02 Jan 2025 09:49:26 +0000
ROA not before: Thu 02 Jan 2025 09:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212136
IP address blocks: 5.172.178.0/24 maxlen: 24
81.22.46.0/24 maxlen: 24
81.22.47.0/24 maxlen: 24
185.228.248.0/24 maxlen: 24
185.247.187.0/24 maxlen: 24
194.31.9.0/24 maxlen: 24
213.232.254.0/24 maxlen: 24
2a10:aa80::/30 maxlen: 30
2a10:aa84::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7f:7c:a4:45:ac:2a:1e:71:93:13:96:b8:86:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Validity
Not Before: Jan 2 09:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9f170bd38a8f7b1524478d062e4464caa6a0cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:5c:d7:ef:c1:33:de:5e:0a:d9:82:0b:43:
f4:89:59:25:84:80:83:e9:a7:a1:a7:34:0a:64:50:
63:ee:87:4d:d0:a1:c7:b3:9d:2a:1c:28:d5:2f:38:
46:15:7b:79:b2:56:5d:67:4b:08:26:fe:17:c6:50:
e8:7f:c2:94:46:c9:82:d0:e9:ad:7a:5d:bc:00:fe:
84:60:ea:fd:24:6b:6a:48:93:85:29:94:cc:34:a6:
c6:a8:e1:01:df:36:a7:98:c9:80:72:3c:21:9f:1a:
d3:73:e5:35:3a:54:53:dd:51:96:58:f0:e0:cb:11:
d0:d9:e0:af:14:45:ac:df:a1:4f:28:e6:d4:85:f9:
65:ce:a7:02:29:8d:dc:e3:f4:0d:e5:33:ed:b6:cb:
dc:f7:05:f1:c3:08:b7:c9:ef:07:7c:50:47:67:27:
a3:73:6b:5c:0e:82:87:b8:b2:4a:c6:29:15:de:5e:
80:c0:8c:94:eb:d9:1a:de:48:61:c8:ed:27:6c:b9:
1a:30:04:ec:52:bb:5c:d9:ee:ad:40:a3:d7:64:4a:
b6:99:55:78:75:b3:94:39:3d:c8:f9:38:e7:d4:2c:
e7:6a:ea:b5:72:44:bd:b7:02:ac:7f:71:65:63:5a:
fb:21:95:cd:43:5f:12:5c:f3:70:d0:7a:a3:df:30:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F1:70:BD:38:A8:F7:B1:52:44:78:D0:62:E4:46:4C:AA:6A:0C:D8
X509v3 Authority Key Identifier:
keyid:F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/qfFwvTio97FSRHjQYuRGTKpqDNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.178.0/24
81.22.46.0/23
185.228.248.0/24
185.247.187.0/24
194.31.9.0/24
213.232.254.0/24
IPv6:
2a10:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
80:6f:63:1c:3d:8d:b2:d5:93:8b:e0:ec:ea:ad:7e:9b:49:16:
bc:25:74:31:4d:38:65:02:ea:f9:53:9d:db:84:d0:d4:28:3e:
63:bd:f9:58:0d:27:b9:b3:ba:59:58:5e:b2:51:aa:6d:9c:2d:
db:c2:f7:a8:25:82:ab:92:d8:0f:75:83:21:f1:fd:5e:7b:3a:
bf:6b:0b:6d:b8:f3:e8:17:53:fd:cd:31:d9:ff:c1:3f:72:2f:
2d:bc:d6:1d:4d:16:b7:09:6c:fb:96:3d:10:fd:cb:fd:a8:87:
5c:60:5a:f3:b7:5b:48:98:a5:0e:76:71:2b:0b:d8:b3:a0:22:
e4:ac:ed:fe:22:16:46:32:16:f1:c9:f1:2c:58:7f:b9:45:97:
2f:38:ed:15:83:d5:5c:d1:24:78:cc:2d:9b:d5:94:9e:a2:6d:
ff:06:28:73:c1:7b:dd:b2:a5:bb:44:0b:e9:9e:51:7a:7b:58:
45:bd:1f:b7:f8:26:24:4a:a0:2f:b0:5b:fe:d1:00:9c:d6:c9:
70:be:19:66:ac:ae:b8:95:38:28:4c:96:44:e2:6a:f8:ea:67:
98:3f:35:eb:3c:eb:ac:21:39:ca:21:af:fc:95:27:0b:fa:e3:
ff:93:d8:9f:30:8b:6f:ea:a4:42:79:b8:c8:3f:5a:56:2c:77:
ef:13:7f:81
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQma398pEWsKh5xkxOWuIbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzZiN2RkNTE3NWJlOGRiN2EwNTIyZjdkNGU0MWM1YzQy
YzZiMjkwHhcNMjUwMTAyMDk0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYxNzBiZDM4YThmN2IxNTI0NDc4ZDA2MmU0NDY0Y2FhNmEwY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRJc1+/BM95eCtmCC0P0iVklhICD
6aehpzQKZFBj7odN0KHHs50qHCjVLzhGFXt5slZdZ0sIJv4XxlDof8KURsmC0Omt
el28AP6EYOr9JGtqSJOFKZTMNKbGqOEB3zanmMmAcjwhnxrTc+U1OlRT3VGWWPDg
yxHQ2eCvFEWs36FPKObUhfllzqcCKY3c4/QN5TPttsvc9wXxwwi3ye8HfFBHZyej
c2tcDoKHuLJKxikV3l6AwIyU69ka3khhyO0nbLkaMATsUrtc2e6tQKPXZEq2mVV4
dbOUOT3I+Tjn1Cznauq1ckS9twKsf3FlY1r7IZXNQ18SXPNw0Hqj3zC6pQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKnxcL04qPexUkR40GLkRkyqagzYMB8GA1UdIwQY
MBaAFPTGt91Rdb6Nt6BSL31OQcXELGspMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGIt
OWIyMWI2ZjY2NzlhLzEvcWZGd3ZUaW85N0ZTUkhqUVl1UkdUS3BxRE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGItOWIyMWI2ZjY2Nzlh
LzEvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABayyAwQB
URYuAwQAueT4AwQAufe7AwQAwh8JAwQA1ej+MA0EAgACMAcDBQMqEKqAMA0GCSqG
SIb3DQEBCwUAA4IBAQCAb2McPY2y1ZOL4OzqrX6bSRa8JXQxTThlAur5U53bhNDU
KD5jvflYDSe5s7pZWF6yUaptnC3bwveoJYKrktgPdYMh8f1eezq/awttuPPoF1P9
zTHZ/8E/ci8tvNYdTRa3CWz7lj0Q/cv9qIdcYFrzt1tImKUOdnErC9izoCLkrO3+
IhZGMhbxyfEsWH+5RZcvOO0Vg9Vc0SR4zC2b1ZSeom3/BihzwXvdsqW7RAvpnlF6
e1hFvR+3+CYkSqAvsFv+0QCc1slwvhlmrK64lTgoTJZE4mr46meYPzXrPOusITnK
Ia/8lScL+uP/k9ifMItv6qRCebjIP1pWLHfvE3+B
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:45 2025 by rpki-client