Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/QhGwMDwYTSAujE5_XyX-bgJqps8.roa
File: QhGwMDwYTSAujE5_XyX-bgJqps8.roa (raw, json)
Hash identifier: j9xPLchxipXHbvr640eZhdyK4jnO4UPIf191WHHdjwk=
Subject key identifier: 42:11:B0:30:3C:18:4D:20:2E:8C:4E:7F:5F:25:FE:6E:02:6A:A6:CF
Certificate issuer: /CN=898df4e11514becc472a757e036b38087d0165ed
Certificate serial: 018BD7940D1EEF7C35AF81E3F8F4C1780329
Authority key identifier: 89:8D:F4:E1:15:14:BE:CC:47:2A:75:7E:03:6B:38:08:7D:01:65:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iY304RUUvsxHKnV-A2s4CH0BZe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/QhGwMDwYTSAujE5_XyX-bgJqps8.roa
Signing time: Thu 16 Nov 2023 10:01:25 +0000
ROA not before: Thu 16 Nov 2023 10:01:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.47.137.0/24 maxlen: 24
185.47.136.0/24 maxlen: 24
185.47.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:94:0d:1e:ef:7c:35:af:81:e3:f8:f4:c1:78:03:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898df4e11514becc472a757e036b38087d0165ed
Validity
Not Before: Nov 16 10:01:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4211b0303c184d202e8c4e7f5f25fe6e026aa6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a2:cd:95:f2:eb:67:43:71:35:58:3b:1a:54:
3a:18:20:04:87:b7:df:56:c9:38:5a:a7:ad:d4:f0:
fe:53:82:e5:07:42:a5:21:00:ce:35:9f:2b:b8:19:
a0:cd:c5:f3:c8:2d:3e:55:93:aa:e6:51:48:96:a7:
00:34:4f:ba:93:76:76:90:f7:59:d1:2b:3b:17:67:
f5:af:33:6c:9e:3d:69:a3:4f:63:ab:75:15:2b:92:
7a:d9:ed:ec:fc:8b:34:19:ea:01:3d:4c:d1:6a:1c:
e9:7d:8b:f9:88:5a:de:79:3d:7a:23:fc:44:e3:df:
bb:34:df:7c:b0:87:bb:6a:54:d3:c6:2c:15:26:ee:
f8:21:83:fb:86:bc:8f:76:32:d4:54:54:fa:6c:0f:
80:78:77:cb:7b:ee:2b:b6:50:88:51:be:ef:d7:bb:
3d:97:ff:95:c6:ce:12:43:f9:8d:5f:0f:d8:bb:5a:
12:74:1c:9e:a6:cb:9d:3e:f2:67:b1:87:da:90:68:
a4:49:ee:7e:62:32:71:df:7f:21:c0:e5:4b:d2:e3:
2f:83:6d:20:59:ee:4c:d9:74:34:47:9e:0a:fd:cf:
ba:54:7a:ff:ac:de:47:d0:ea:c1:db:ef:65:61:6b:
98:46:5a:2c:26:d4:4a:ee:1a:83:4a:3c:37:86:84:
61:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:11:B0:30:3C:18:4D:20:2E:8C:4E:7F:5F:25:FE:6E:02:6A:A6:CF
X509v3 Authority Key Identifier:
keyid:89:8D:F4:E1:15:14:BE:CC:47:2A:75:7E:03:6B:38:08:7D:01:65:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iY304RUUvsxHKnV-A2s4CH0BZe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/QhGwMDwYTSAujE5_XyX-bgJqps8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/dcbba6-19e0-45cd-b44d-3d33d374d01f/1/iY304RUUvsxHKnV-A2s4CH0BZe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.136.0/23
185.47.139.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:1d:75:e4:60:f4:76:88:32:1a:76:d5:4d:cb:73:52:b5:be:
3a:b4:16:a8:a0:aa:6a:21:78:85:7d:6f:ae:4a:42:06:ec:6a:
62:ad:5a:d7:f9:13:6a:d1:c7:e2:09:78:fe:0d:89:0b:8b:83:
4a:3f:7e:1f:5a:21:d6:74:d2:b2:49:cf:03:a7:e0:33:9f:2f:
18:e3:68:d4:c9:1a:10:d1:96:97:c6:fe:70:f4:8e:7c:a6:e8:
51:17:29:3d:db:9f:68:68:b0:3b:04:d7:0e:d2:4e:76:fb:bb:
65:4c:a4:47:97:ef:c0:d6:35:af:2f:f5:8c:a3:57:ee:0e:b1:
51:7d:94:cc:d1:34:66:43:b3:92:7b:bd:15:f9:c0:89:08:7c:
49:66:80:30:d3:31:52:79:86:0c:38:03:bf:df:40:97:1c:b1:
ab:b7:24:3d:b0:e7:0a:ea:80:0e:f7:c3:07:c5:52:d9:0c:9c:
6f:fe:8a:7c:ef:f2:63:60:6a:8e:ff:83:4e:60:df:d9:40:18:
cc:c3:81:1e:3b:92:0a:44:12:73:6a:c3:1f:82:7e:c8:06:a2:
b4:25:2a:6b:aa:6d:1b:d7:0b:6c:07:cf:86:08:6d:f7:72:43:
a4:51:09:5b:0c:ba:d6:e1:ba:31:be:19:e9:89:34:37:0e:89:
65:ac:bd:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvXlA0e73w1r4Hj+PTBeAMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OGRmNGUxMTUxNGJlY2M0NzJhNzU3ZTAzNmIzODA4N2Qw
MTY1ZWQwHhcNMjMxMTE2MTAwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjExYjAzMDNjMTg0ZDIwMmU4YzRlN2Y1ZjI1ZmU2ZTAyNmFhNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaLNlfLrZ0NxNVg7GlQ6GCAEh7ff
Vsk4Wqet1PD+U4LlB0KlIQDONZ8ruBmgzcXzyC0+VZOq5lFIlqcANE+6k3Z2kPdZ
0Ss7F2f1rzNsnj1po09jq3UVK5J62e3s/Is0GeoBPUzRahzpfYv5iFreeT16I/xE
49+7NN98sIe7alTTxiwVJu74IYP7hryPdjLUVFT6bA+AeHfLe+4rtlCIUb7v17s9
l/+Vxs4SQ/mNXw/Yu1oSdByepsudPvJnsYfakGikSe5+YjJx338hwOVL0uMvg20g
We5M2XQ0R54K/c+6VHr/rN5H0OrB2+9lYWuYRlosJtRK7hqDSjw3hoRhcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIRsDA8GE0gLoxOf18l/m4CaqbPMB8GA1UdIwQY
MBaAFImN9OEVFL7MRyp1fgNrOAh9AWXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVkzMDRSVVV2c3hIS25WLUEyczRDSDBCWmUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kY2JiYTYtMTllMC00NWNkLWI0NGQt
M2QzM2QzNzRkMDFmLzEvUWhHd01Ed1lUU0F1akU1X1h5WC1iZ0pxcHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kY2JiYTYtMTllMC00NWNkLWI0NGQtM2QzM2QzNzRkMDFm
LzEvaVkzMDRSVVV2c3hIS25WLUEyczRDSDBCWmUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuS+IAwQA
uS+LMA0GCSqGSIb3DQEBCwUAA4IBAQCKHXXkYPR2iDIadtVNy3NStb46tBaooKpq
IXiFfW+uSkIG7GpirVrX+RNq0cfiCXj+DYkLi4NKP34fWiHWdNKySc8Dp+Azny8Y
42jUyRoQ0ZaXxv5w9I58puhRFyk9259oaLA7BNcO0k52+7tlTKRHl+/A1jWvL/WM
o1fuDrFRfZTM0TRmQ7OSe70V+cCJCHxJZoAw0zFSeYYMOAO/30CXHLGrtyQ9sOcK
6oAO98MHxVLZDJxv/op87/JjYGqO/4NOYN/ZQBjMw4EeO5IKRBJzasMfgn7IBqK0
JSprqm0b1wtsB8+GCG33ckOkUQlbDLrW4boxvhnpiTQ3DollrL27
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:16:03 2025 by rpki-client