Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/quVY_P3Kwsw_4ebGwN1YZLG493c.roa
File: quVY_P3Kwsw_4ebGwN1YZLG493c.roa (raw, json)
Hash identifier: qPTxzuOakWGRaRxIS7HTKmLp8BUYxXOojXd10VSZEgE=
Subject key identifier: AA:E5:58:FC:FD:CA:C2:CC:3F:E1:E6:C6:C0:DD:58:64:B1:B8:F7:77
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A109843417A66EF1C9D71A3CA756
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/quVY_P3Kwsw_4ebGwN1YZLG493c.roa
Signing time: Wed 01 Jan 2025 07:47:38 +0000
ROA not before: Wed 01 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9180
IP address blocks: 194.3.190.0/24 maxlen: 24
194.206.120.0/24 maxlen: 24
194.250.118.0/24 maxlen: 24
195.101.64.0/24 maxlen: 24
195.101.188.0/24 maxlen: 24
195.101.189.0/24 maxlen: 24
217.109.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a1:09:84:34:17:a6:6e:f1:c9:d7:1a:3c:a7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aae558fcfdcac2cc3fe1e6c6c0dd5864b1b8f777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:dc:59:0c:d8:55:d0:c0:5c:41:fc:18:22:
35:fd:3c:2d:35:b5:1c:66:6f:c6:b0:c8:b0:c8:09:
91:d0:23:11:69:90:18:7d:07:31:c8:dd:09:33:92:
72:9f:f3:3d:73:a6:59:83:d1:fd:39:23:f4:b6:eb:
6e:98:c2:dc:3c:a5:8b:26:ec:c1:25:b1:8f:41:cc:
26:c3:38:c2:ce:b7:a0:62:e8:4d:24:20:c7:7d:ff:
3a:ac:4a:b2:40:c2:8e:42:7d:88:bf:5f:a3:b9:a4:
cb:78:ae:c6:b2:02:72:9d:70:9c:1a:4b:7c:65:97:
67:5c:fe:8b:cc:94:9e:63:f6:cd:3b:46:ca:43:00:
6b:22:32:30:62:92:45:9f:1f:12:ec:76:0a:ac:67:
29:f4:27:86:8a:ae:2a:f9:08:24:00:0a:f7:46:2c:
1d:26:8e:f3:2e:33:21:37:fa:3d:1c:4c:51:fe:e3:
7c:b3:1e:87:b7:5d:ba:b3:a5:3f:7b:42:dc:b3:47:
2c:05:85:96:14:5f:b9:25:f5:ab:cb:3d:b7:75:a6:
ef:03:6d:d4:e2:c3:21:0f:68:3d:57:7e:d2:ca:89:
2c:05:96:e6:e7:0d:50:49:9c:99:fc:a3:0a:99:2c:
75:70:7d:e9:b8:91:1e:85:2b:38:68:19:8c:c7:88:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E5:58:FC:FD:CA:C2:CC:3F:E1:E6:C6:C0:DD:58:64:B1:B8:F7:77
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/quVY_P3Kwsw_4ebGwN1YZLG493c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.3.190.0/24
194.206.120.0/24
194.250.118.0/24
195.101.64.0/24
195.101.188.0/23
217.109.127.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:31:68:8a:87:db:22:52:65:37:cc:1e:67:bb:54:85:17:56:
84:cc:6f:94:76:2e:9a:4a:18:f2:88:3c:f6:3d:21:50:a6:0d:
b6:b8:25:fe:60:98:14:c7:62:82:3e:76:16:db:c0:0b:04:8a:
28:58:74:49:8c:74:e3:21:77:03:60:16:f7:9e:d9:7b:54:21:
1b:20:c4:fc:27:79:ed:f2:75:16:3a:2b:9e:76:14:60:5d:89:
42:1e:30:cb:ab:03:6b:5a:b1:16:b3:48:e3:10:2b:60:b8:68:
4f:d6:42:4d:c8:3f:2f:c7:64:ff:e3:99:91:91:58:27:6e:53:
7b:fb:17:3c:a0:11:98:ff:4a:d1:6f:74:07:02:97:6a:d7:72:
f6:07:87:2c:eb:70:98:d5:82:1f:08:61:65:57:cf:5c:7e:6b:
4c:b8:80:ae:4d:59:94:3b:70:43:77:25:14:82:e2:b8:e8:72:
f9:ac:d9:66:b4:9a:b1:41:25:ce:ff:60:da:18:18:05:11:02:
22:4e:00:91:7c:b8:59:aa:a7:39:69:f5:9c:73:6c:14:0b:6e:
70:4a:54:81:db:7c:37:13:2a:40:ea:ea:83:bc:58:2e:8e:8a:
3c:45:40:c9:c2:32:85:38:02:1a:14:f1:d1:cc:f1:08:82:74:
fd:5b:31:8a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1aEJhDQXpm7xydcaPKdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU1NThmY2ZkY2FjMmNjM2ZlMWU2YzZjMGRkNTg2NGIxYjhmNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP7cWQzYVdDAXEH8GCI1/TwtNbUc
Zm/GsMiwyAmR0CMRaZAYfQcxyN0JM5Jyn/M9c6ZZg9H9OSP0tutumMLcPKWLJuzB
JbGPQcwmwzjCzregYuhNJCDHff86rEqyQMKOQn2Iv1+juaTLeK7GsgJynXCcGkt8
ZZdnXP6LzJSeY/bNO0bKQwBrIjIwYpJFnx8S7HYKrGcp9CeGiq4q+QgkAAr3Riwd
Jo7zLjMhN/o9HExR/uN8sx6Ht126s6U/e0Lcs0csBYWWFF+5JfWryz23dabvA23U
4sMhD2g9V37SyoksBZbm5w1QSZyZ/KMKmSx1cH3puJEehSs4aBmMx4jhtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKrlWPz9ysLMP+HmxsDdWGSxuPd3MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcXVWWV9QM0t3c3dfNGViR3dOMVlaTEc0OTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwgO+AwQA
ws54AwQAwvp2AwQAw2VAAwQBw2W8AwQA2W1/MA0GCSqGSIb3DQEBCwUAA4IBAQCc
MWiKh9siUmU3zB5nu1SFF1aEzG+Udi6aShjyiDz2PSFQpg22uCX+YJgUx2KCPnYW
28ALBIooWHRJjHTjIXcDYBb3ntl7VCEbIMT8J3nt8nUWOiuedhRgXYlCHjDLqwNr
WrEWs0jjECtguGhP1kJNyD8vx2T/45mRkVgnblN7+xc8oBGY/0rRb3QHApdq13L2
B4cs63CY1YIfCGFlV89cfmtMuICuTVmUO3BDdyUUguK46HL5rNlmtJqxQSXO/2Da
GBgFEQIiTgCRfLhZqqc5afWcc2wUC25wSlSB23w3EypA6uqDvFgujoo8RUDJwjKF
OAIaFPHRzPEIgnT9WzGK
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:23:34 2025 by rpki-client