Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/q0Eds_oIDCgE88gdpI6r4kp33h8.roa
File: q0Eds_oIDCgE88gdpI6r4kp33h8.roa (raw, json)
Hash identifier: sqISDzfU6JYm1UcY8Gcz5wDK5BeEeTVU67gC4Pg+KUk=
Subject key identifier: AB:41:1D:B3:FA:08:0C:28:04:F3:C8:1D:A4:8E:AB:E2:4A:77:DE:1F
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01942369032DA1C9EF2E956CF77C8D8BAE7B
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/q0Eds_oIDCgE88gdpI6r4kp33h8.roa
Signing time: Wed 01 Jan 2025 19:47:52 +0000
ROA not before: Wed 01 Jan 2025 19:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201071
IP address blocks: 92.249.5.0/24 maxlen: 24
217.147.120.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.122.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:03:2d:a1:c9:ef:2e:95:6c:f7:7c:8d:8b:ae:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 19:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab411db3fa080c2804f3c81da48eabe24a77de1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:95:36:2c:3e:cc:18:de:46:41:81:ca:82:
b2:7a:e8:a0:77:4b:38:61:d1:31:00:52:af:c9:4f:
f8:a5:3f:5e:d2:53:ff:39:2e:3d:a8:55:2d:c1:a4:
c1:06:b3:83:1f:c7:51:eb:f4:24:67:80:cb:a0:25:
c3:66:c9:d3:e9:9e:c2:b6:cf:7d:1c:f0:aa:3d:d4:
fe:c3:c2:af:1b:c1:45:9c:99:f3:ab:e3:5e:b1:4c:
d2:ed:d1:5c:93:3b:a2:d9:dc:46:b3:05:32:b5:58:
e0:cf:ae:b2:c3:93:85:b8:e9:36:50:9b:0b:9a:31:
fa:d6:cb:58:82:df:ab:26:25:2f:7c:0a:78:59:9d:
1a:cc:f4:d1:22:c2:76:aa:bc:60:b2:50:a4:1f:b4:
6c:3b:b7:55:c7:ad:b7:6c:46:2a:55:f1:b6:fc:b4:
c4:a7:65:1a:50:c6:23:ba:0c:25:36:16:c1:c6:44:
53:57:04:50:f3:b9:97:76:68:6b:77:62:ca:a7:58:
e4:14:42:06:e8:5c:5f:a0:80:23:c1:83:c4:a9:8f:
0f:d4:d8:52:9b:cf:c0:8c:58:64:99:85:f6:9d:2e:
c3:23:bc:95:0c:33:f1:b7:3a:43:6f:b0:aa:f3:d1:
9f:4a:f6:d7:4d:c9:28:14:af:b0:a8:ce:6d:f3:5b:
21:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:41:1D:B3:FA:08:0C:28:04:F3:C8:1D:A4:8E:AB:E2:4A:77:DE:1F
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/q0Eds_oIDCgE88gdpI6r4kp33h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.120.0-217.147.122.255
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:46:7e:de:d3:48:0b:18:03:1a:47:1a:84:45:5b:6a:10:24:
34:dc:e6:a9:44:06:8c:4f:98:41:8a:22:33:1d:5f:cc:1a:53:
1d:ba:a2:3c:af:ce:23:94:93:82:10:b7:c6:6f:9f:a8:0a:6d:
e8:9b:aa:c4:e3:76:c0:0c:20:12:1e:46:10:09:ce:64:81:23:
dd:09:2f:01:8c:a8:5a:f2:2f:6b:67:42:09:f1:9c:6a:bb:86:
ee:13:4b:ba:33:06:0f:fa:3b:2f:7b:c5:b1:76:1a:d9:f2:0d:
94:55:a6:82:c6:cd:2c:53:ed:41:42:cf:41:1d:35:12:8c:d7:
5d:fb:a1:f1:0a:bd:9b:eb:c0:c3:40:91:20:78:ce:7e:dc:9d:
05:00:59:4a:c5:1c:12:69:94:5c:3a:1a:e1:fc:4d:4c:24:61:
fd:3c:0d:21:8a:5d:e6:ec:3c:e2:8c:a4:1b:3e:4f:10:b7:a7:
6b:50:1c:85:12:d0:13:76:58:14:dc:b9:98:06:90:d0:ef:d9:
e1:ed:a0:08:61:82:23:3a:40:e4:2d:21:d2:8b:d0:10:80:a3:
bb:e0:fe:ed:47:00:53:41:5f:90:7b:fa:f2:2c:3e:89:b3:1b:
d0:34:f6:71:dc:88:f8:53:53:1e:3a:67:6a:46:28:13:3a:5c:
58:5c:db:6d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQjaQMtocnvLpVs93yNi657MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjUwMTAxMTk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQxMWRiM2ZhMDgwYzI4MDRmM2M4MWRhNDhlYWJlMjRhNzdkZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxziVNiw+zBjeRkGByoKyeuigd0s4
YdExAFKvyU/4pT9e0lP/OS49qFUtwaTBBrODH8dR6/QkZ4DLoCXDZsnT6Z7Cts99
HPCqPdT+w8KvG8FFnJnzq+NesUzS7dFckzui2dxGswUytVjgz66yw5OFuOk2UJsL
mjH61stYgt+rJiUvfAp4WZ0azPTRIsJ2qrxgslCkH7RsO7dVx623bEYqVfG2/LTE
p2UaUMYjugwlNhbBxkRTVwRQ87mXdmhrd2LKp1jkFEIG6FxfoIAjwYPEqY8P1NhS
m8/AjFhkmYX2nS7DI7yVDDPxtzpDb7Cq89GfSvbXTckoFK+wqM5t81shxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKtBHbP6CAwoBPPIHaSOq+JKd94fMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEvcTBFZHNfb0lEQ2dFODhnZHBJNnI0a3AzM2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXPkFMAwD
BAPZk3gDBADZk3oDBALZk3wwDQYJKoZIhvcNAQELBQADggEBALZGft7TSAsYAxpH
GoRFW2oQJDTc5qlEBoxPmEGKIjMdX8waUx26ojyvziOUk4IQt8Zvn6gKbeibqsTj
dsAMIBIeRhAJzmSBI90JLwGMqFryL2tnQgnxnGq7hu4TS7ozBg/6Oy97xbF2Gtny
DZRVpoLGzSxT7UFCz0EdNRKM1137ofEKvZvrwMNAkSB4zn7cnQUAWUrFHBJplFw6
GuH8TUwkYf08DSGKXebsPOKMpBs+TxC3p2tQHIUS0BN2WBTcuZgGkNDv2eHtoAhh
giM6QOQtIdKL0BCAo7vg/u1HAFNBX5B7+vIsPomzG9A09nHciPhTUx46Z2pGKBM6
XFhc220=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:48:09 2025 by rpki-client