Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/Qf0cAOk73br7c02Yp4LiYn6tSvI.roa
File: Qf0cAOk73br7c02Yp4LiYn6tSvI.roa (raw, json)
Hash identifier: Uq615z1vQ76UBbAOWh8ANumqrOuVi1i2JY2ord8ybMc=
Subject key identifier: 41:FD:1C:00:E9:3B:DD:BA:FB:73:4D:98:A7:82:E2:62:7E:AD:4A:F2
Certificate issuer: /CN=23e45164c572edde5df253917cc12a2dfd398b97
Certificate serial: 01941F8C03D242C31924839722D2AEC1D5DE
Authority key identifier: 23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/Qf0cAOk73br7c02Yp4LiYn6tSvI.roa
Signing time: Wed 01 Jan 2025 01:47:37 +0000
ROA not before: Wed 01 Jan 2025 01:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35826
IP address blocks: 37.1.96.0/21 maxlen: 22
80.248.176.0/20 maxlen: 21
94.229.128.0/20 maxlen: 21
185.113.204.0/22 maxlen: 22
185.229.48.0/22 maxlen: 22
2a02:700::/32 maxlen: 32
2a0d:c600::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:03:d2:42:c3:19:24:83:97:22:d2:ae:c1:d5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e45164c572edde5df253917cc12a2dfd398b97
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41fd1c00e93bddbafb734d98a782e2627ead4af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:08:64:20:f4:85:f6:c7:b8:1e:aa:a4:0c:
22:c5:34:cc:91:41:8d:f0:4a:cf:45:d4:84:17:45:
e3:06:66:23:60:c7:01:72:37:10:94:8b:cd:95:75:
4b:a4:0d:b1:48:ca:c9:d0:45:49:75:2b:61:c9:56:
dc:64:c7:e2:71:80:55:c3:30:ee:8d:99:55:32:86:
8c:9d:d6:3f:13:14:66:12:8c:fa:58:4f:92:d1:ec:
35:56:93:4a:28:31:78:4f:76:6a:8f:5c:da:4a:7d:
7f:b7:73:9a:de:21:57:c4:31:7c:cf:0a:8d:ad:de:
cf:58:31:be:45:b6:ef:14:3d:91:6a:14:da:b6:83:
7f:ad:fa:ab:b2:9f:05:63:62:e5:a6:a3:e1:1b:77:
b9:2c:0f:a6:65:71:5f:24:75:43:90:d0:7c:79:be:
90:74:98:1b:91:9c:3a:bd:95:9c:e3:df:bc:30:a7:
8b:21:a2:af:cf:81:c9:8b:4b:84:ea:95:fd:7d:ca:
09:7b:94:27:16:83:a8:2a:a2:e1:a8:22:79:f6:3f:
91:3c:ed:c4:6f:6e:cd:07:53:cc:97:4f:91:c4:c8:
40:ed:fa:47:4e:26:7b:c8:af:86:97:e9:ab:84:9d:
a6:57:f4:77:6c:5d:ba:db:f8:05:08:70:b6:13:d1:
de:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FD:1C:00:E9:3B:DD:BA:FB:73:4D:98:A7:82:E2:62:7E:AD:4A:F2
X509v3 Authority Key Identifier:
keyid:23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/Qf0cAOk73br7c02Yp4LiYn6tSvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/I-RRZMVy7d5d8lORfMEqLf05i5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.96.0/21
80.248.176.0/20
94.229.128.0/20
185.113.204.0/22
185.229.48.0/22
IPv6:
2a02:700::/32
2a0d:c600::/29
Signature Algorithm: sha256WithRSAEncryption
8b:54:1b:01:c7:23:56:8b:a1:6c:e9:b9:63:fe:b4:94:99:66:
4b:14:45:dc:c9:26:ed:d1:14:d6:75:4b:13:47:33:5c:ac:45:
60:9d:7f:dd:74:fa:bb:2d:b7:de:10:6a:11:8d:69:53:6a:16:
97:95:ff:46:20:58:00:74:47:fd:62:47:c8:19:45:21:67:f9:
88:77:8c:97:5f:c6:64:a9:e2:da:fc:5e:98:0c:3a:53:98:8a:
40:e3:c3:19:4c:41:55:83:e5:5f:96:c6:32:c9:5d:81:b1:4f:
ff:69:07:25:15:42:3d:7a:70:40:1d:1c:88:30:ce:7c:03:44:
95:e3:56:7a:42:70:94:d9:7e:67:f7:cf:41:d6:3a:62:a9:fc:
56:9b:f4:c7:7e:87:9b:8c:ed:75:f4:c0:16:e3:61:fb:bf:cd:
5f:47:f8:60:23:d0:90:52:fd:4b:e4:c5:ec:73:cb:c3:6e:1c:
4c:02:fd:3a:75:cd:0a:83:8d:a2:a3:85:f2:de:8b:a3:24:18:
7e:cf:c6:19:00:b7:be:b6:19:e5:21:14:b2:3b:01:b9:9e:75:
ca:7a:bb:97:1a:e2:27:26:11:51:fa:d0:1c:85:ca:63:ad:7f:
9c:84:b8:12:b5:cc:fc:ce:0b:ea:28:29:9a:4c:21:6c:ac:93:
7f:06:05:a0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQfjAPSQsMZJIOXItKuwdXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTQ1MTY0YzU3MmVkZGU1ZGYyNTM5MTdjYzEyYTJkZmQz
OThiOTcwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZkMWMwMGU5M2JkZGJhZmI3MzRkOThhNzgyZTI2MjdlYWQ0YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIAIZCD0hfbHuB6qpAwixTTMkUGN
8ErPRdSEF0XjBmYjYMcBcjcQlIvNlXVLpA2xSMrJ0EVJdSthyVbcZMficYBVwzDu
jZlVMoaMndY/ExRmEoz6WE+S0ew1VpNKKDF4T3Zqj1zaSn1/t3Oa3iFXxDF8zwqN
rd7PWDG+RbbvFD2RahTatoN/rfqrsp8FY2LlpqPhG3e5LA+mZXFfJHVDkNB8eb6Q
dJgbkZw6vZWc49+8MKeLIaKvz4HJi0uE6pX9fcoJe5QnFoOoKqLhqCJ59j+RPO3E
b27NB1PMl0+RxMhA7fpHTiZ7yK+Gl+mrhJ2mV/R3bF262/gFCHC2E9HeXwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEH9HADpO926+3NNmKeC4mJ+rUryMB8GA1UdIwQY
MBaAFCPkUWTFcu3eXfJTkXzBKi39OYuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEt
NjZhYTJhMjMyMzllLzEvUWYwY0FPazczYnI3YzAyWXA0TGlZbjZ0U3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEtNjZhYTJhMjMyMzll
LzEvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJQFgAwQE
UPiwAwQEXuWAAwQCuXHMAwQCueUwMBQEAgACMA4DBQAqAgcAAwUDKg3GADANBgkq
hkiG9w0BAQsFAAOCAQEAi1QbAccjVouhbOm5Y/60lJlmSxRF3Mkm7dEU1nVLE0cz
XKxFYJ1/3XT6uy233hBqEY1pU2oWl5X/RiBYAHRH/WJHyBlFIWf5iHeMl1/GZKni
2vxemAw6U5iKQOPDGUxBVYPlX5bGMsldgbFP/2kHJRVCPXpwQB0ciDDOfANEleNW
ekJwlNl+Z/fPQdY6Yqn8Vpv0x36Hm4ztdfTAFuNh+7/NX0f4YCPQkFL9S+TF7HPL
w24cTAL9OnXNCoONoqOF8t6LoyQYfs/GGQC3vrYZ5SEUsjsBuZ51ynq7lxriJyYR
UfrQHIXKY61/nIS4ErXM/M4L6igpmkwhbKyTfwYFoA==
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:02:15 2025 by rpki-client