Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/QePjCCFm1FINIQleulFli9B8Eok.roa
File: QePjCCFm1FINIQleulFli9B8Eok.roa (raw, json)
Hash identifier: /guHrTHyVfudxkCaMQP2S3B+Z/m09hjKdZNM8RCBhu8=
Subject key identifier: 41:E3:E3:08:21:66:D4:52:0D:21:09:5E:BA:51:65:8B:D0:7C:12:89
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 019570ED39605885BC9F40EC645689963A10
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/QePjCCFm1FINIQleulFli9B8Eok.roa
Signing time: Fri 07 Mar 2025 14:05:49 +0000
ROA not before: Fri 07 Mar 2025 14:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207990
IP address blocks: 91.132.114.0/23 maxlen: 32
91.199.253.0/24 maxlen: 24
103.240.180.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
213.217.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:ed:39:60:58:85:bc:9f:40:ec:64:56:89:96:3a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Mar 7 14:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e3e3082166d4520d21095eba51658bd07c1289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6d:c1:ac:25:d2:54:c7:2e:5a:29:be:3e:40:
01:ec:be:7f:95:13:7e:07:2c:7a:18:60:cc:dc:7e:
5f:91:35:79:58:b2:5e:45:b4:8a:e3:4c:a2:37:c8:
13:35:01:7b:18:08:ad:69:4a:1a:67:ea:11:38:07:
15:a6:c8:fe:77:af:ee:ac:a8:36:55:8c:69:a8:39:
e0:3e:01:cd:b8:a7:fc:72:be:b6:de:cf:3f:d0:55:
f4:d5:47:26:db:55:61:45:f2:cc:82:a0:9b:a0:8e:
08:64:51:b7:31:14:9d:b5:b5:4b:5b:67:ba:3c:72:
7b:ca:a2:65:6c:cd:57:f8:3a:2f:a8:91:e9:58:ae:
87:0d:58:37:8a:e7:b2:2a:a1:47:bd:5c:cd:49:9b:
d9:38:c8:69:95:75:d8:7b:89:4c:07:cd:b9:64:b1:
0e:04:e6:e6:53:da:c4:3d:ac:28:8f:35:3a:12:0f:
32:47:00:b8:2d:e4:a1:15:e4:fd:83:24:1b:5c:45:
68:ea:9d:63:26:ce:ef:a4:91:6e:a9:cf:63:68:97:
c2:63:5c:2c:72:c8:8d:04:e7:52:0b:6d:fc:58:5d:
c3:1e:ab:40:61:0c:12:af:1f:3d:35:06:b3:87:1e:
70:8d:2d:7e:7b:3f:55:49:7f:2a:51:f0:6b:d3:1b:
3d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E3:E3:08:21:66:D4:52:0D:21:09:5E:BA:51:65:8B:D0:7C:12:89
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/QePjCCFm1FINIQleulFli9B8Eok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.114.0/23
91.199.253.0/24
103.240.180.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
213.217.10.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:39:1c:21:00:63:04:9b:b4:21:ea:b2:af:01:ca:20:8d:9a:
c9:af:74:e3:aa:7f:fb:df:68:d3:be:51:3b:9b:7c:a8:0d:55:
9c:c7:e8:b5:e0:5e:13:41:c1:e9:9d:e1:1d:c5:be:39:0c:21:
b7:df:47:a7:10:2e:a9:cc:64:5b:2f:14:b7:a2:3a:ae:f3:bb:
d7:04:25:c3:46:c1:00:3c:f1:b7:5f:ed:dc:ad:db:3d:93:1e:
f8:e5:89:43:4a:c0:e8:7b:a1:57:21:35:6f:eb:d8:17:97:bd:
e2:a1:12:23:3a:95:5f:52:89:ad:b1:8e:81:6f:e6:6a:92:cd:
de:a0:90:64:c1:16:fc:f8:15:bc:55:ee:5e:75:0f:96:11:b5:
6d:6c:30:33:af:d2:d8:72:41:cb:7a:9a:64:45:78:36:59:20:
ff:5a:85:b7:7f:14:65:63:70:a4:2f:f9:96:4e:c8:1b:22:a5:
2e:6d:f3:99:51:41:dc:0c:05:60:fd:cd:c0:82:64:dc:13:13:
cf:d4:19:59:75:9f:cd:df:ba:1d:a0:13:da:36:3a:a1:c4:85:
12:47:f5:45:40:f0:9f:e2:93:6e:96:3f:d0:f2:ba:07:68:17:
5f:fc:c6:8a:73:a5:f0:1a:1a:f1:af:0e:bd:b2:d7:8d:94:47:
5d:90:55:6b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZVw7TlgWIW8n0DsZFaJljoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjUwMzA3MTQwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUzZTMwODIxNjZkNDUyMGQyMTA5NWViYTUxNjU4YmQwN2MxMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW3BrCXSVMcuWim+PkAB7L5/lRN+
Byx6GGDM3H5fkTV5WLJeRbSK40yiN8gTNQF7GAitaUoaZ+oROAcVpsj+d6/urKg2
VYxpqDngPgHNuKf8cr623s8/0FX01Ucm21VhRfLMgqCboI4IZFG3MRSdtbVLW2e6
PHJ7yqJlbM1X+DovqJHpWK6HDVg3iueyKqFHvVzNSZvZOMhplXXYe4lMB825ZLEO
BObmU9rEPawojzU6Eg8yRwC4LeShFeT9gyQbXEVo6p1jJs7vpJFuqc9jaJfCY1ws
csiNBOdSC238WF3DHqtAYQwSrx89NQazhx5wjS1+ez9VSX8qUfBr0xs9+QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEHj4wghZtRSDSEJXrpRZYvQfBKJMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvUWVQakNDRm0xRklOSVFsZXVsRmxpOUI4RW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBW4RyAwQA
W8f9AwQCZ/C0AwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztAwQA1dkKMA0GCSqGSIb3
DQEBCwUAA4IBAQAfORwhAGMEm7Qh6rKvAcogjZrJr3Tjqn/732jTvlE7m3yoDVWc
x+i14F4TQcHpneEdxb45DCG330enEC6pzGRbLxS3ojqu87vXBCXDRsEAPPG3X+3c
rds9kx745YlDSsDoe6FXITVv69gXl73ioRIjOpVfUomtsY6Bb+Zqks3eoJBkwRb8
+BW8Ve5edQ+WEbVtbDAzr9LYckHLeppkRXg2WSD/WoW3fxRlY3CkL/mWTsgbIqUu
bfOZUUHcDAVg/c3AgmTcExPP1BlZdZ/N37odoBPaNjqhxIUSR/VFQPCf4pNulj/Q
8roHaBdf/MaKc6XwGhrxrw69steNlEddkFVr
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:10:09 2025 by rpki-client