Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tqommh7ZCQVkzMljhJcO5WGPzY8.roa
File: tqommh7ZCQVkzMljhJcO5WGPzY8.roa (raw, json)
Hash identifier: ZRh13cXEpOpozEYaVeNDZPdHzuWnjoqtnIpC0guE2S4=
Subject key identifier: B6:AA:26:9A:1E:D9:09:05:64:CC:C9:63:84:97:0E:E5:61:8F:CD:8F
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018A0F99620F05FB24B17BF64DC3238D58F1
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tqommh7ZCQVkzMljhJcO5WGPzY8.roa
Signing time: Sat 19 Aug 2023 21:00:24 +0000
ROA not before: Sat 19 Aug 2023 21:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.46.248.0/22 maxlen: 24
109.94.144.0/20 maxlen: 24
94.24.64.0/21 maxlen: 24
91.245.216.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
37.251.200.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
192.64.44.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0f:99:62:0f:05:fb:24:b1:7b:f6:4d:c3:23:8d:58:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Aug 19 21:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6aa269a1ed9090564ccc96384970ee5618fcd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:89:84:1a:f3:99:ff:91:15:00:ab:18:a7:bd:
bd:97:4b:c9:0d:65:3d:fd:9e:91:2e:7a:2c:37:99:
8e:f0:20:1d:26:1b:8e:a7:c5:45:ef:20:d5:5f:33:
e8:2a:4c:1d:36:5d:fe:be:58:9b:bb:2f:78:8f:ed:
7f:96:dd:6e:47:b5:95:6a:1a:8e:8b:c0:d9:ff:9f:
82:4c:43:c1:3e:6f:f9:ed:61:e2:b0:7c:4e:b7:d7:
0f:b9:fd:43:e2:bd:fa:68:24:07:05:3d:63:af:0e:
80:59:5e:51:45:61:f0:14:de:6d:36:5d:e4:ab:fd:
42:33:33:1c:47:d3:73:29:8f:83:e7:eb:6a:ac:43:
2d:67:da:cc:83:c2:13:b9:0f:80:01:ba:02:9f:50:
bb:d7:4c:64:46:74:5e:72:29:12:e5:fa:63:41:34:
e1:77:08:7f:d2:77:dc:40:b9:5f:e4:a2:ca:94:36:
b3:77:40:39:59:ed:71:3a:49:fa:fc:2d:3a:c6:1e:
ee:19:dd:bd:28:6e:e1:f2:df:45:18:0f:05:4a:2c:
c2:e0:4b:c4:70:5a:6f:41:83:7a:4d:78:73:1a:66:
38:18:f1:42:e4:00:76:6d:66:8c:4a:0a:bc:8d:66:
99:94:2e:e4:3a:6c:f0:87:2a:f8:9b:62:4b:89:fe:
0a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AA:26:9A:1E:D9:09:05:64:CC:C9:63:84:97:0E:E5:61:8F:CD:8F
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tqommh7ZCQVkzMljhJcO5WGPzY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.200.0/21
62.122.40.0/21
89.46.248.0/22
91.245.216.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
192.64.44.0/23
Signature Algorithm: sha256WithRSAEncryption
30:84:0d:a4:19:92:73:90:cc:33:7b:a1:d0:18:71:e2:a4:f1:
47:b3:3b:63:e3:1e:92:91:cf:ad:b5:69:66:c2:9a:03:82:19:
23:71:c3:5b:0b:4e:47:4c:55:df:31:b5:25:65:1a:df:08:19:
53:1f:3d:f7:fc:9c:14:4b:7e:c8:23:4d:7c:6b:8b:81:d4:1a:
44:fa:30:68:60:e8:ec:03:a2:44:3b:9f:fa:9c:b4:bd:51:39:
f3:e8:d1:91:01:31:a5:f7:ca:14:94:d9:b6:4c:e6:b7:2a:e0:
6b:d0:80:ad:f0:a9:94:35:8a:7d:fb:6a:5d:13:08:c8:49:d9:
e9:ec:e3:f2:e6:18:17:11:7f:97:40:e6:ac:f5:22:21:89:12:
e1:db:36:c1:97:25:8c:b3:ad:41:9c:b4:5a:33:97:96:aa:95:
c2:b3:29:ca:42:f7:16:52:43:15:8f:a8:3c:8d:33:10:26:12:
e2:60:a1:a7:db:2d:59:b4:12:26:86:85:ae:cb:37:96:c6:ff:
b8:19:9c:a8:f4:54:45:f3:7e:1b:e9:a6:82:66:f5:79:26:a6:
e9:72:0b:11:48:38:db:cd:79:f6:24:ea:75:e0:33:87:64:7b:
54:ad:c8:7f:74:23:3f:f8:12:63:12:ec:b8:bd:93:3e:0e:1a:
07:29:09:54
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYoPmWIPBfsksXv2TcMjjVjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwODE5MjEwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFhMjY5YTFlZDkwOTA1NjRjY2M5NjM4NDk3MGVlNTYxOGZjZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhImEGvOZ/5EVAKsYp729l0vJDWU9
/Z6RLnosN5mO8CAdJhuOp8VF7yDVXzPoKkwdNl3+vlibuy94j+1/lt1uR7WVahqO
i8DZ/5+CTEPBPm/57WHisHxOt9cPuf1D4r36aCQHBT1jrw6AWV5RRWHwFN5tNl3k
q/1CMzMcR9NzKY+D5+tqrEMtZ9rMg8ITuQ+AAboCn1C710xkRnRecikS5fpjQTTh
dwh/0nfcQLlf5KLKlDazd0A5We1xOkn6/C06xh7uGd29KG7h8t9FGA8FSizC4EvE
cFpvQYN6TXhzGmY4GPFC5AB2bWaMSgq8jWaZlC7kOmzwhyr4m2JLif4KOQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLaqJpoe2QkFZMzJY4SXDuVhj82PMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvdHFvbW1oN1pDUVZrek1samhKY081V0dQelk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDJfvIAwQD
PnooAwQCWS74AwQBW/XYAwQDXhhAAwQBXhoYAwQEbV6QAwQBwEAsMA0GCSqGSIb3
DQEBCwUAA4IBAQAwhA2kGZJzkMwze6HQGHHipPFHsztj4x6Skc+ttWlmwpoDghkj
ccNbC05HTFXfMbUlZRrfCBlTHz33/JwUS37II018a4uB1BpE+jBoYOjsA6JEO5/6
nLS9UTnz6NGRATGl98oUlNm2TOa3KuBr0ICt8KmUNYp9+2pdEwjISdnp7OPy5hgX
EX+XQOas9SIhiRLh2zbBlyWMs61BnLRaM5eWqpXCsynKQvcWUkMVj6g8jTMQJhLi
YKGn2y1ZtBImhoWuyzeWxv+4GZyo9FRF834b6aaCZvV5JqbpcgsRSDjbzXn2JOp1
4DOHZHtUrch/dCM/+BJjEuy4vZM+DhoHKQlU
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:41:25 2025 by rpki-client