Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/0qda3zP6aWS1QmMsfKtgTS_B8vw.roa
File: 0qda3zP6aWS1QmMsfKtgTS_B8vw.roa (raw, json)
Hash identifier: NDD2ZMdGd4Vw1apZklWLmjHBzI7LGvrNZrE04O9xutU=
Subject key identifier: D2:A7:5A:DF:33:FA:69:64:B5:42:63:2C:7C:AB:60:4D:2F:C1:F2:FC
Certificate issuer: /CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140
Certificate serial: 019428234024B7A87F952DFB40184DC78590
Authority key identifier: 41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/0qda3zP6aWS1QmMsfKtgTS_B8vw.roa
Signing time: Thu 02 Jan 2025 17:49:46 +0000
ROA not before: Thu 02 Jan 2025 17:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60621
IP address blocks: 185.14.196.0/22 maxlen: 22
185.14.196.0/24 maxlen: 24
185.14.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:40:24:b7:a8:7f:95:2d:fb:40:18:4d:c7:85:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140
Validity
Not Before: Jan 2 17:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2a75adf33fa6964b542632c7cab604d2fc1f2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d3:ca:ce:dd:91:e4:8f:21:7a:b9:ec:9e:b0:
52:18:b2:de:4a:a2:fd:9a:a7:b5:4a:46:20:27:26:
5c:36:59:1d:de:94:0d:92:aa:b5:e2:67:2c:d6:02:
cf:8d:ea:21:a4:2d:bb:43:9b:c7:1b:3d:2a:43:53:
f3:3c:df:90:da:2a:96:bd:ca:f4:46:13:d4:c1:cb:
9a:30:8b:2a:97:e8:12:9d:bc:d9:d7:72:33:6c:98:
3a:d2:70:8e:f3:b0:d2:d2:8c:62:fa:9f:86:71:68:
46:8d:e7:4a:57:f6:6a:24:c4:c3:ae:9f:c7:06:59:
43:e3:22:df:d7:cf:e9:66:c4:96:3a:f0:69:92:3b:
1d:e1:7f:02:f3:99:29:91:8f:31:e6:b2:db:ef:ad:
a1:04:f3:d4:b5:64:14:0a:93:a7:0b:b9:e4:a8:3d:
c2:b3:fb:02:c6:c9:c6:3e:4c:da:09:f0:47:ad:34:
44:e5:76:1c:e1:a9:81:81:66:13:a3:d1:d6:8e:1f:
81:e6:bf:36:a2:df:18:1f:79:54:fe:c5:bc:a1:42:
8c:4b:65:68:3d:07:cc:42:0e:2c:4e:b4:61:3e:65:
79:77:b0:5a:dc:27:51:9e:a2:a4:61:0e:de:b4:13:
56:18:95:e3:e8:f4:e5:25:b8:57:0d:5d:ab:8f:8b:
54:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A7:5A:DF:33:FA:69:64:B5:42:63:2C:7C:AB:60:4D:2F:C1:F2:FC
X509v3 Authority Key Identifier:
keyid:41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/0qda3zP6aWS1QmMsfKtgTS_B8vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/QT_6EGrj_ua-h7rAaoe6V-0cEUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:86:19:b1:14:35:f7:15:e1:1f:b7:13:42:99:ec:24:63:a8:
16:f2:7d:34:7f:35:6d:a1:d8:51:7e:ba:93:81:b0:99:b6:ad:
98:6e:97:e3:fe:f3:a6:cd:ea:85:f7:90:40:fe:b5:91:f6:fc:
2b:00:93:f4:79:63:6c:91:33:a5:a3:9d:1f:db:e3:ed:e2:6c:
fa:75:8b:b8:fd:18:67:d2:74:b0:f4:06:aa:0c:35:f6:a2:f1:
f2:66:cb:ed:a6:23:72:30:7c:d8:ac:21:c5:7f:6c:14:db:65:
ce:3e:92:fd:7b:ab:d9:a3:d1:84:6d:73:ba:98:93:0d:3a:09:
bd:4d:9e:f0:51:af:47:a8:7f:28:e8:44:ad:f4:3d:c7:ac:db:
ac:a5:82:d2:12:45:c1:92:8c:7e:7a:59:e8:82:7d:23:c1:5e:
ff:f3:e3:72:cf:5b:cf:6d:65:26:7b:17:a9:0e:34:81:c9:a5:
41:69:66:94:f9:f8:7e:ff:b9:6d:74:f7:17:4b:f2:9e:1e:a2:
e4:de:9c:0e:2b:cf:13:91:ce:91:e3:84:aa:67:d4:d2:fc:fc:
c0:4b:3b:df:a2:fa:25:e3:e1:34:14:b6:7b:83:fa:b4:93:13:
ff:3f:9a:54:87:f4:c3:cf:b8:78:2a:f3:6e:c2:9a:72:b6:8c:
f4:6a:d8:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI0Akt6h/lS37QBhNx4WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2ZmYTEwNmFlM2ZlZTZiZTg3YmFjMDZhODdiYTU3ZWQx
YzExNDAwHhcNMjUwMTAyMTc0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE3NWFkZjMzZmE2OTY0YjU0MjYzMmM3Y2FiNjA0ZDJmYzFmMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndPKzt2R5I8hernsnrBSGLLeSqL9
mqe1SkYgJyZcNlkd3pQNkqq14mcs1gLPjeohpC27Q5vHGz0qQ1PzPN+Q2iqWvcr0
RhPUwcuaMIsql+gSnbzZ13IzbJg60nCO87DS0oxi+p+GcWhGjedKV/ZqJMTDrp/H
BllD4yLf18/pZsSWOvBpkjsd4X8C85kpkY8x5rLb762hBPPUtWQUCpOnC7nkqD3C
s/sCxsnGPkzaCfBHrTRE5XYc4amBgWYTo9HWjh+B5r82ot8YH3lU/sW8oUKMS2Vo
PQfMQg4sTrRhPmV5d7Ba3CdRnqKkYQ7etBNWGJXj6PTlJbhXDV2rj4tUUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKnWt8z+mlktUJjLHyrYE0vwfL8MB8GA1UdIwQY
MBaAFEE/+hBq4/7mvoe6wGqHulftHBFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMt
ZmEyNmVjMzlmYWJhLzEvMHFkYTN6UDZhV1MxUW1Nc2ZLdGdUU19COHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMtZmEyNmVjMzlmYWJh
LzEvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ7EMA0G
CSqGSIb3DQEBCwUAA4IBAQCihhmxFDX3FeEftxNCmewkY6gW8n00fzVtodhRfrqT
gbCZtq2Ybpfj/vOmzeqF95BA/rWR9vwrAJP0eWNskTOlo50f2+Pt4mz6dYu4/Rhn
0nSw9AaqDDX2ovHyZsvtpiNyMHzYrCHFf2wU22XOPpL9e6vZo9GEbXO6mJMNOgm9
TZ7wUa9HqH8o6ESt9D3HrNuspYLSEkXBkox+elnogn0jwV7/8+Nyz1vPbWUmexep
DjSByaVBaWaU+fh+/7ltdPcXS/KeHqLk3pwOK88Tkc6R44SqZ9TS/PzASzvfovol
4+E0FLZ7g/q0kxP/P5pUh/TDz7h4KvNuwppytoz0athb
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:23 2025 by rpki-client