Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/Qh3mzL9VUkWkolAH9jB_GpWhLg0.roa
File: Qh3mzL9VUkWkolAH9jB_GpWhLg0.roa (raw, json)
Hash identifier: LSjP0eVYXjK72XpL0ynKNA9slIHH17di2BQFA3XHSqk=
Subject key identifier: 42:1D:E6:CC:BF:55:52:45:A4:A2:50:07:F6:30:7F:1A:95:A1:2E:0D
Certificate issuer: /CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Certificate serial: 0194258F28DA8B4CAC7A496D9B3683DA87FC
Authority key identifier: AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/Qh3mzL9VUkWkolAH9jB_GpWhLg0.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199708
IP address blocks: 185.48.200.0/23 maxlen: 23
185.48.201.0/24 maxlen: 24
185.48.202.0/23 maxlen: 23
185.48.203.0/24 maxlen: 24
2a04:b280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:28:da:8b:4c:ac:7a:49:6d:9b:36:83:da:87:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=421de6ccbf555245a4a25007f6307f1a95a12e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a3:fb:2c:92:ef:24:04:31:ee:ca:ab:17:26:
44:59:6b:98:44:f4:10:7e:b0:f0:33:39:fe:44:15:
03:24:b0:1f:dc:f9:d7:22:e2:64:2e:63:61:5d:19:
0f:3b:c9:1f:9e:e1:16:90:11:f5:40:5d:c7:aa:e2:
24:44:2d:9c:e1:66:c8:17:7e:26:c1:b0:40:97:bc:
d2:8e:2a:ab:b4:bd:02:db:41:72:06:43:1c:8b:8c:
4c:0f:0a:7d:db:58:0f:5e:0c:c7:6b:8e:35:49:36:
40:9b:9e:e0:1c:40:50:0a:66:76:5d:6d:59:bc:5d:
f5:17:f6:9a:bd:d8:e7:5b:93:58:8c:ec:3d:6c:8f:
58:c5:ab:44:7f:c7:51:45:e7:9a:73:1b:33:65:35:
e9:bb:c4:c2:69:fa:0d:cb:a5:31:62:d0:21:40:e5:
7d:ee:b4:7e:2e:e2:e9:b6:dc:0a:8f:b5:5b:5e:2a:
21:18:9a:d5:11:44:28:d0:9f:f1:91:0f:5d:ed:5d:
b1:a5:af:90:5f:63:2d:7d:13:d1:36:25:c5:37:0a:
95:99:74:85:ea:e9:85:bb:22:ed:d0:51:46:e6:ff:
0f:09:06:1c:7f:a2:e7:09:78:c3:e4:2a:d2:4b:28:
f3:5c:2d:f2:fc:53:2a:4a:fd:42:6a:6b:1f:ad:fa:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1D:E6:CC:BF:55:52:45:A4:A2:50:07:F6:30:7F:1A:95:A1:2E:0D
X509v3 Authority Key Identifier:
keyid:AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/Qh3mzL9VUkWkolAH9jB_GpWhLg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/rEvdnpfyEDcMwwElesFfrrj6Uk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.200.0/22
IPv6:
2a04:b280::/29
Signature Algorithm: sha256WithRSAEncryption
60:11:96:c6:4e:aa:84:4a:97:65:a5:39:6f:70:66:aa:28:a2:
29:1d:55:71:50:d6:3c:1b:bc:53:cf:00:5f:44:d2:bf:9d:77:
7c:6b:52:d1:0b:f5:bc:8c:14:b8:f5:fa:41:3f:21:01:aa:57:
da:fc:dc:98:9c:9b:fa:5e:20:10:e1:29:59:46:dc:b9:8e:c0:
7f:28:85:89:cd:97:d2:7c:63:7f:cb:e6:aa:8b:53:dd:a5:62:
10:c2:7d:a9:c4:82:d3:29:9e:7b:6a:66:54:a2:81:14:fc:d3:
51:b1:3a:2f:04:11:a5:d1:24:38:37:a8:8c:5a:38:87:ee:6b:
29:f0:d6:5d:fe:c9:20:76:68:16:f6:74:7c:b3:be:c8:60:fd:
a7:85:77:e5:04:b2:32:f6:9e:1e:d1:54:80:3f:1e:3d:13:85:
e6:92:19:00:53:b6:c8:67:d7:0a:e1:c2:f6:3a:9f:0f:03:08:
53:4b:fe:e6:44:89:d5:eb:ff:e8:5d:82:8b:24:b3:b3:ed:c8:
da:f3:43:e7:51:a7:a2:3a:a3:11:62:f5:c1:4a:75:36:3e:e8:
9c:66:88:84:d7:cf:0c:fc:5d:ae:52:cb:72:31:6f:46:7c:36:
68:ec:25:62:33:4e:42:63:b7:47:ce:39:63:dd:97:76:2c:d2:
80:d1:99:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljyjai0ysekltmzaD2of8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNGJkZDllOTdmMjEwMzcwY2MzMDEyNTdhYzE1ZmFlYjhm
YTUyNGUwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjFkZTZjY2JmNTU1MjQ1YTRhMjUwMDdmNjMwN2YxYTk1YTEyZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaP7LJLvJAQx7sqrFyZEWWuYRPQQ
frDwMzn+RBUDJLAf3PnXIuJkLmNhXRkPO8kfnuEWkBH1QF3HquIkRC2c4WbIF34m
wbBAl7zSjiqrtL0C20FyBkMci4xMDwp921gPXgzHa441STZAm57gHEBQCmZ2XW1Z
vF31F/aavdjnW5NYjOw9bI9YxatEf8dRReeacxszZTXpu8TCafoNy6UxYtAhQOV9
7rR+LuLpttwKj7VbXiohGJrVEUQo0J/xkQ9d7V2xpa+QX2MtfRPRNiXFNwqVmXSF
6umFuyLt0FFG5v8PCQYcf6LnCXjD5CrSSyjzXC3y/FMqSv1CamsfrfqozQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEId5sy/VVJFpKJQB/YwfxqVoS4NMB8GA1UdIwQY
MBaAFKxL3Z6X8hA3DMMBJXrBX664+lJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQt
MTRiMGU4YzRlOGU3LzEvUWgzbXpMOVZVa1drb2xBSDlqQl9HcFdoTGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQtMTRiMGU4YzRlOGU3
LzEvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDIMA0E
AgACMAcDBQMqBLKAMA0GCSqGSIb3DQEBCwUAA4IBAQBgEZbGTqqESpdlpTlvcGaq
KKIpHVVxUNY8G7xTzwBfRNK/nXd8a1LRC/W8jBS49fpBPyEBqlfa/NyYnJv6XiAQ
4SlZRty5jsB/KIWJzZfSfGN/y+aqi1PdpWIQwn2pxILTKZ57amZUooEU/NNRsTov
BBGl0SQ4N6iMWjiH7msp8NZd/skgdmgW9nR8s77IYP2nhXflBLIy9p4e0VSAPx49
E4XmkhkAU7bIZ9cK4cL2Op8PAwhTS/7mRInV6//oXYKLJLOz7cja80PnUaeiOqMR
YvXBSnU2PuicZoiE188M/F2uUstyMW9GfDZo7CViM05CY7dHzjlj3Zd2LNKA0Zlc
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:44 2025 by rpki-client