Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qZmRG_VWu8lO2c7Bp5gUBiTXHNQ.roa
File: qZmRG_VWu8lO2c7Bp5gUBiTXHNQ.roa (raw, json)
Hash identifier: XyL0covDSTYGg1NmjX52Im0w4Cl04taZ9HnHSSWg8zY=
Subject key identifier: A9:99:91:1B:F5:56:BB:C9:4E:D9:CE:C1:A7:98:14:06:24:D7:1C:D4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC71569B0F0433EB2FF7780E1B6DA0
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qZmRG_VWu8lO2c7Bp5gUBiTXHNQ.roa
Signing time: Thu 02 Jan 2025 07:48:08 +0000
ROA not before: Thu 02 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42532
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
188.253.16.0/21 maxlen: 24
188.253.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:71:56:9b:0f:04:33:eb:2f:f7:78:0e:1b:6d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a999911bf556bbc94ed9cec1a798140624d71cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:1f:0c:70:b7:3e:7e:3c:dd:21:e9:54:65:
ce:3c:9b:02:29:b4:ed:ce:5a:7c:51:6b:aa:1e:76:
ee:43:48:d1:bc:e3:ff:69:36:80:cf:92:3f:f6:f1:
0e:df:36:24:93:02:df:37:df:04:24:c1:75:f9:a9:
61:44:2d:20:73:2b:9b:97:eb:54:56:b9:07:c5:58:
91:e4:80:42:ae:94:55:62:e6:77:6c:5a:38:90:f9:
7f:fd:94:79:2d:6a:e5:48:b4:15:dd:43:59:89:68:
58:79:56:1f:eb:9d:97:9f:51:8f:cd:fe:2b:51:45:
1b:1b:15:9b:58:0d:af:25:3d:23:ec:97:92:c5:b8:
97:28:2d:cb:7c:3f:87:f1:77:cd:f6:3e:b1:e8:55:
d1:3d:b7:bb:43:d6:7e:9a:e4:1c:06:dc:70:db:e8:
e8:e5:56:bb:01:20:1d:db:1c:c4:a6:50:59:25:b0:
79:ab:ff:5a:d8:79:d3:b0:6f:2c:4d:88:c3:51:3a:
f6:eb:9f:96:a1:93:7b:fb:b5:d8:80:2d:1f:b2:b3:
08:93:ee:31:0e:90:58:e0:e6:6d:61:eb:e3:8b:b1:
96:f7:c6:01:7c:b8:32:f2:b7:43:d5:d7:5d:7c:bf:
8e:cf:1b:a7:6d:cc:a1:9c:47:a0:ae:eb:67:5b:f3:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:99:91:1B:F5:56:BB:C9:4E:D9:CE:C1:A7:98:14:06:24:D7:1C:D4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qZmRG_VWu8lO2c7Bp5gUBiTXHNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0/22
188.253.16.0-188.253.27.255
Signature Algorithm: sha256WithRSAEncryption
9f:ec:64:95:ac:49:d8:96:9a:3f:10:9c:d2:ff:d4:d4:d4:c1:
b2:a9:1a:f1:23:dd:04:6f:9b:a9:12:fb:6a:f3:2a:c5:72:54:
9f:7f:08:74:2d:7c:ed:c7:ac:43:74:54:50:ba:dc:35:b1:df:
74:92:e5:e9:f7:5b:ce:f9:52:eb:cb:ea:83:db:4d:7d:27:94:
f5:b3:4b:37:a7:95:31:92:da:c2:4d:4e:db:71:3b:94:59:5f:
21:a1:93:73:d7:ed:ab:61:fc:26:49:4f:c8:7b:e8:ed:ab:b4:
66:e3:9c:11:b6:3d:31:18:d6:30:4d:f6:76:0b:fc:51:c8:e9:
9b:43:43:68:cd:61:62:c0:56:ca:71:87:8f:e8:3d:a4:91:1a:
72:72:a4:f7:d4:c2:20:16:e4:df:0f:41:b3:ad:7b:58:28:b2:
11:3c:1b:42:8b:73:dc:c9:36:09:84:8f:9d:07:0f:b3:88:b0:
69:60:df:e0:10:00:0d:02:e5:3e:6d:26:33:e7:66:4f:e7:b7:
88:63:b9:50:fa:1f:b3:21:dc:2b:e5:57:5c:0d:7f:a4:22:fa:
55:76:cf:86:1f:18:00:e9:74:ea:25:2a:8a:12:51:fd:48:d6:
20:33:16:2f:f8:dd:31:96:72:6f:6e:aa:40:94:4b:ce:c6:77:
2e:d0:cc:5d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/HFWmw8EM+sv93gOG22gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk5OTExYmY1NTZiYmM5NGVkOWNlYzFhNzk4MTQwNjI0ZDcxY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIUfDHC3Pn483SHpVGXOPJsCKbTt
zlp8UWuqHnbuQ0jRvOP/aTaAz5I/9vEO3zYkkwLfN98EJMF1+alhRC0gcyubl+tU
VrkHxViR5IBCrpRVYuZ3bFo4kPl//ZR5LWrlSLQV3UNZiWhYeVYf652Xn1GPzf4r
UUUbGxWbWA2vJT0j7JeSxbiXKC3LfD+H8XfN9j6x6FXRPbe7Q9Z+muQcBtxw2+jo
5Va7ASAd2xzEplBZJbB5q/9a2HnTsG8sTYjDUTr265+WoZN7+7XYgC0fsrMIk+4x
DpBY4OZtYevji7GW98YBfLgy8rdD1dddfL+OzxunbcyhnEegrutnW/PTXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKmZkRv1VrvJTtnOwaeYFAYk1xzUMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcVptUkdfVld1OGxPMmM3QnA1Z1VCaVRYSE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDBSLQAwQC
UnMEMAwDBAS8/RADBAK8/RgwDQYJKoZIhvcNAQELBQADggEBAJ/sZJWsSdiWmj8Q
nNL/1NTUwbKpGvEj3QRvm6kS+2rzKsVyVJ9/CHQtfO3HrEN0VFC63DWx33SS5en3
W875UuvL6oPbTX0nlPWzSzenlTGS2sJNTttxO5RZXyGhk3PX7ath/CZJT8h76O2r
tGbjnBG2PTEY1jBN9nYL/FHI6ZtDQ2jNYWLAVspxh4/oPaSRGnJypPfUwiAW5N8P
QbOte1goshE8G0KLc9zJNgmEj50HD7OIsGlg3+AQAA0C5T5tJjPnZk/nt4hjuVD6
H7Mh3CvlV1wNf6Qi+lV2z4YfGADpdOolKooSUf1I1iAzFi/43TGWcm9uqkCUS87G
dy7QzF0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:39:22 2025 by rpki-client