Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/9e169d-8177-4009-89ea-27756023f76f/1/QZC3QLMTcAI3-G5N1KHIcTDdMTw.roa
File: QZC3QLMTcAI3-G5N1KHIcTDdMTw.roa (raw, json)
Hash identifier: gxGQ9TFYQLLjH4dm7C9cos+KOP/HoRdbi+RAxcYn/zY=
Subject key identifier: 41:90:B7:40:B3:13:70:02:37:F8:6E:4D:D4:A1:C8:71:30:DD:31:3C
Certificate issuer: /CN=257c4d61757da42fed43b1220e3f595104fcb215
Certificate serial: 34F2EFAA
Authority key identifier: 25:7C:4D:61:75:7D:A4:2F:ED:43:B1:22:0E:3F:59:51:04:FC:B2:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXxNYXV9pC_tQ7EiDj9ZUQT8shU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/9e169d-8177-4009-89ea-27756023f76f/1/QZC3QLMTcAI3-G5N1KHIcTDdMTw.roa
Signing time: Sat 01 Jan 2022 12:56:04 +0000
ROA not before: Sat 01 Jan 2022 12:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197077
IP address blocks: 185.137.140.0/22 maxlen: 24
176.98.212.0/22 maxlen: 24
217.198.192.0/20 maxlen: 23
2a04:a450::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888336298 (0x34f2efaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257c4d61757da42fed43b1220e3f595104fcb215
Validity
Not Before: Jan 1 12:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4190b740b313700237f86e4dd4a1c87130dd313c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fa:2a:ab:88:08:35:59:fc:68:a0:bc:1b:fd:
16:2c:82:2c:b0:de:4b:71:80:72:e1:ce:35:2f:15:
41:1f:30:10:a8:7a:61:bc:f8:90:42:8a:a4:6f:63:
c8:27:1d:53:d6:f8:1e:16:e3:9b:4c:e4:8f:23:d6:
3b:7b:2a:99:94:b7:2b:b3:2f:b2:d8:c5:85:17:b1:
1e:fc:bb:05:b8:7d:e8:9c:1d:bd:cf:04:83:80:38:
8b:7a:b0:b4:b9:56:53:4e:3a:ed:63:f9:da:0a:ff:
cc:b6:b3:37:eb:8a:cd:a6:f2:ad:ba:71:e0:04:56:
d4:80:36:71:b2:54:73:6b:02:a5:79:23:e3:38:8a:
e5:cf:ac:af:21:7d:b6:14:a1:f1:44:86:b7:0b:0d:
0b:6a:a6:c9:5e:00:73:2c:d3:4c:5d:64:0d:be:32:
3e:c5:09:d6:a9:51:f1:6f:f5:95:0a:09:9e:9f:fa:
2a:ed:1f:fb:a9:d5:25:68:5a:9f:b3:e0:a1:35:26:
09:e6:93:42:14:79:3b:7e:7c:ab:af:97:75:e7:bd:
f0:9b:b9:b7:70:72:75:ad:9f:15:45:3f:7e:31:bb:
8d:b3:fb:40:ab:e3:09:99:e7:b1:4f:e3:3a:28:95:
16:90:ac:f4:06:52:26:b6:7e:64:81:6f:c2:d7:21:
93:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:B7:40:B3:13:70:02:37:F8:6E:4D:D4:A1:C8:71:30:DD:31:3C
X509v3 Authority Key Identifier:
keyid:25:7C:4D:61:75:7D:A4:2F:ED:43:B1:22:0E:3F:59:51:04:FC:B2:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXxNYXV9pC_tQ7EiDj9ZUQT8shU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e169d-8177-4009-89ea-27756023f76f/1/QZC3QLMTcAI3-G5N1KHIcTDdMTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e169d-8177-4009-89ea-27756023f76f/1/JXxNYXV9pC_tQ7EiDj9ZUQT8shU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.212.0/22
185.137.140.0/22
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
6f:7a:de:04:1a:03:b0:de:8a:3f:cb:b9:e9:18:d4:8e:f6:03:
7c:42:a2:82:85:32:29:31:e9:1a:b2:3a:72:89:cf:16:0b:74:
e4:69:b9:9c:c0:05:16:9e:e3:31:bf:7e:a5:34:9e:0e:4a:1d:
8e:8b:33:2d:9b:7a:68:18:8d:95:7a:0a:f1:0d:e5:7d:96:f4:
9b:a2:26:42:3a:ef:aa:52:ff:f4:d9:bd:76:29:b0:59:c8:45:
f4:af:74:cb:fe:9a:34:35:fa:fe:22:92:aa:6a:31:19:a9:83:
6f:cf:67:cc:55:29:11:0c:a1:81:01:9f:d0:1a:87:bd:dd:25:
3a:eb:9e:d1:ce:7b:1e:51:3e:0b:1a:0f:ee:76:f1:cc:86:bb:
44:55:3f:17:55:ca:51:cc:e6:6d:af:5c:df:1b:9f:45:a7:2b:
ad:2b:86:48:9c:e6:8f:dd:aa:b3:33:86:09:ff:1a:fe:3d:65:
ee:87:82:09:0b:e5:c4:ee:95:00:15:54:31:8b:5f:07:5b:bd:
eb:5e:b9:44:d4:e0:a6:83:17:4a:16:c3:cc:7e:01:f9:0f:38:
77:65:c2:33:c0:c1:72:30:13:3a:dd:fa:e3:30:74:1e:d0:58:
c9:9e:f2:21:fe:9e:7f:6d:5f:84:fd:47:5d:1b:d3:4a:1b:c2:
26:67:61:bc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENPLvqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTdjNGQ2MTc1N2RhNDJmZWQ0M2IxMjIwZTNmNTk1MTA0ZmNiMjE1MB4XDTIyMDEw
MTEyNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE5MGI3NDBiMzEz
NzAwMjM3Zjg2ZTRkZDRhMWM4NzEzMGRkMzEzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANH6KquICDVZ/GigvBv9FiyCLLDeS3GAcuHONS8VQR8wEKh6
Ybz4kEKKpG9jyCcdU9b4Hhbjm0zkjyPWO3sqmZS3K7MvstjFhRexHvy7Bbh96Jwd
vc8Eg4A4i3qwtLlWU0467WP52gr/zLazN+uKzabyrbpx4ARW1IA2cbJUc2sCpXkj
4ziK5c+sryF9thSh8USGtwsNC2qmyV4AcyzTTF1kDb4yPsUJ1qlR8W/1lQoJnp/6
Ku0f+6nVJWhan7PgoTUmCeaTQhR5O358q6+Xdee98Ju5t3Byda2fFUU/fjG7jbP7
QKvjCZnnsU/jOiiVFpCs9AZSJrZ+ZIFvwtchkwkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRBkLdAsxNwAjf4bk3UochxMN0xPDAfBgNVHSMEGDAWgBQlfE1hdX2kL+1D
sSIOP1lRBPyyFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pYeE5ZWFY5cENfdFE3RWlEajlaVVFUOHNoVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOWUxNjlkLTgxNzctNDAwOS04OWVhLTI3NzU2MDIzZjc2Zi8x
L1FaQzNRTE1UY0FJMy1HNU4xS0hJY1REZE1Udy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OWUxNjlkLTgxNzctNDAwOS04OWVhLTI3NzU2MDIzZjc2Zi8xL0pYeE5ZWFY5cENf
dFE3RWlEajlaVVFUOHNoVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArBi1AMEArmJjAMEBNnGwDANBAIA
AjAHAwUBKgSkUDANBgkqhkiG9w0BAQsFAAOCAQEAb3reBBoDsN6KP8u56RjUjvYD
fEKigoUyKTHpGrI6conPFgt05Gm5nMAFFp7jMb9+pTSeDkodjoszLZt6aBiNlXoK
8Q3lfZb0m6ImQjrvqlL/9Nm9dimwWchF9K90y/6aNDX6/iKSqmoxGamDb89nzFUp
EQyhgQGf0BqHvd0lOuue0c57HlE+CxoP7nbxzIa7RFU/F1XKUczmba9c3xufRacr
rSuGSJzmj92qszOGCf8a/j1l7oeCCQvlxO6VABVUMYtfB1u96165RNTgpoMXShbD
zH4B+Q84d2XCM8DBcjATOt364zB0HtBYyZ7yIf6ef21fhP1HXRvTShvCJmdhvA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-ams.rpki-client.org