Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/QSxGBmqZalE-aKQ14SSsflBRve4.roa
File: QSxGBmqZalE-aKQ14SSsflBRve4.roa (raw, json)
Hash identifier: DecTle3e/x6AnMazncTygb5zw3uC46m0/TyUkkLXoiE=
Subject key identifier: 41:2C:46:06:6A:99:6A:51:3E:68:A4:35:E1:24:AC:7E:50:51:BD:EE
Certificate issuer: /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial: 0194264386E963CF4846553DC79D5B09D6DB
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/QSxGBmqZalE-aKQ14SSsflBRve4.roa
Signing time: Thu 02 Jan 2025 09:05:47 +0000
ROA not before: Thu 02 Jan 2025 09:05:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199366
IP address blocks: 2.56.60.0/24 maxlen: 24
2.56.61.0/24 maxlen: 24
2.56.62.0/24 maxlen: 24
185.19.92.0/24 maxlen: 24
185.19.93.0/24 maxlen: 24
185.19.94.0/24 maxlen: 24
185.19.95.0/24 maxlen: 24
185.59.28.0/24 maxlen: 24
185.59.30.0/24 maxlen: 24
185.59.31.0/24 maxlen: 24
185.114.193.0/24 maxlen: 24
185.114.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:43:86:e9:63:cf:48:46:55:3d:c7:9d:5b:09:d6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Validity
Not Before: Jan 2 09:05:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=412c46066a996a513e68a435e124ac7e5051bdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0c:38:41:93:f6:aa:c8:9c:c5:26:69:2f:99:
e2:c7:3b:c0:a2:d0:41:86:66:8b:2b:0b:5d:6a:72:
c3:4a:e0:e7:64:4c:6c:a1:f2:b0:4d:d8:04:ec:0c:
3d:86:c8:80:64:20:e8:8f:09:a7:cf:8c:c5:66:3a:
95:4f:21:1a:6d:c4:d6:11:bd:67:98:de:01:4e:48:
6c:7a:19:d2:69:fc:ce:b9:ab:29:0e:a1:b1:82:44:
5a:57:42:7b:9e:6a:f3:ba:00:bc:63:48:81:a6:c6:
b3:7d:b9:8e:82:a5:a3:68:a6:54:48:bb:95:40:b2:
1f:19:01:01:40:34:68:36:e7:88:32:2d:6b:9b:75:
fd:1f:97:f5:bf:b0:fd:aa:54:95:a0:3b:ad:41:c2:
aa:e3:e8:b6:5b:57:ad:a4:70:49:0f:93:b6:e4:b1:
67:fd:2b:ba:b0:57:a2:d6:25:f0:14:0d:b5:43:2f:
9a:ca:e3:36:36:1c:5d:b1:6f:fa:90:d2:c9:04:82:
97:d3:93:9e:f6:2c:ab:cf:4c:0c:be:44:68:26:f4:
1c:34:12:0a:fd:96:dc:41:3d:7e:ed:e8:4f:02:82:
81:84:19:00:43:14:9f:06:85:19:c4:90:29:e1:5f:
4b:1a:3b:95:b1:95:10:06:40:1e:23:ec:03:9b:59:
b4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2C:46:06:6A:99:6A:51:3E:68:A4:35:E1:24:AC:7E:50:51:BD:EE
X509v3 Authority Key Identifier:
keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/QSxGBmqZalE-aKQ14SSsflBRve4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.60.0-2.56.62.255
185.19.92.0/22
185.59.28.0/24
185.59.30.0/23
185.114.193.0/24
185.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
60:07:4e:cb:e5:19:f9:67:ac:d0:00:0e:6e:41:5b:70:ea:88:
06:44:fe:2b:78:65:ef:e7:6e:30:b4:1d:05:07:6d:db:9d:9d:
4f:d6:69:ed:2d:20:62:2d:48:af:7e:e0:4e:42:79:ec:a3:e8:
b6:a5:ee:b0:27:3d:22:a0:a4:22:3e:40:af:b3:5e:ee:85:5e:
ce:0b:01:7e:f9:26:d8:77:37:75:b2:23:cb:81:06:75:6b:7a:
9d:59:9c:b8:36:54:09:91:66:1d:a4:16:25:6d:5d:98:e0:39:
a8:01:80:c5:a5:d1:20:ba:99:75:ce:83:6f:f6:df:98:8c:08:
19:56:c2:43:98:df:80:bc:a2:2e:87:1d:0a:a7:d3:9f:ab:3b:
29:be:65:b8:b5:bd:f0:f4:8f:f9:51:82:6a:b1:95:75:d8:2d:
e8:2c:12:70:46:f9:20:43:40:a3:c3:11:33:92:29:96:dc:73:
ab:6e:25:64:f2:5b:96:75:cc:dc:d3:0f:76:cd:ae:31:c9:0c:
5e:92:7a:1f:f2:f8:19:b5:20:bd:f1:38:c3:1b:fb:ba:e3:19:
ff:85:01:3c:5c:83:c1:52:6a:6a:75:2a:1e:53:64:ac:c6:ed:
88:74:57:cc:0d:52:27:27:93:81:39:5b:0e:a2:b0:a9:ee:bf:
90:71:cf:8e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQmQ4bpY89IRlU9x51bCdbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjllZTY2MTY0ZDNjYjQxZGJkMmRmNTQxNzgxN2MzMmY0
Y2VhMDUwHhcNMjUwMTAyMDkwNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJjNDYwNjZhOTk2YTUxM2U2OGE0MzVlMTI0YWM3ZTUwNTFiZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgw4QZP2qsicxSZpL5nixzvAotBB
hmaLKwtdanLDSuDnZExsofKwTdgE7Aw9hsiAZCDojwmnz4zFZjqVTyEabcTWEb1n
mN4BTkhsehnSafzOuaspDqGxgkRaV0J7nmrzugC8Y0iBpsazfbmOgqWjaKZUSLuV
QLIfGQEBQDRoNueIMi1rm3X9H5f1v7D9qlSVoDutQcKq4+i2W1etpHBJD5O25LFn
/Su6sFei1iXwFA21Qy+ayuM2NhxdsW/6kNLJBIKX05Oe9iyrz0wMvkRoJvQcNBIK
/ZbcQT1+7ehPAoKBhBkAQxSfBoUZxJAp4V9LGjuVsZUQBkAeI+wDm1m0UQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEEsRgZqmWpRPmikNeEkrH5QUb3uMB8GA1UdIwQY
MBaAFLhp7mYWTTy0Hb0t9UF4F8MvTOoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODkt
Y2QxZmE0ODQ0MTFiLzEvUVN4R0JtcVphbEUtYUtRMTRTU3NmbEJSdmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODktY2QxZmE0ODQ0MTFi
LzEvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAICODwD
BAACOD4DBAK5E1wDBAC5OxwDBAG5Ox4DBAC5csEDBAC5csMwDQYJKoZIhvcNAQEL
BQADggEBAGAHTsvlGflnrNAADm5BW3DqiAZE/it4Ze/nbjC0HQUHbdudnU/Wae0t
IGItSK9+4E5Ceeyj6Lal7rAnPSKgpCI+QK+zXu6FXs4LAX75Jth3N3WyI8uBBnVr
ep1ZnLg2VAmRZh2kFiVtXZjgOagBgMWl0SC6mXXOg2/235iMCBlWwkOY34C8oi6H
HQqn05+rOym+Zbi1vfD0j/lRgmqxlXXYLegsEnBG+SBDQKPDETOSKZbcc6tuJWTy
W5Z1zNzTD3bNrjHJDF6Seh/y+Bm1IL3xOMMb+7rjGf+FATxcg8FSamp1Kh5TZKzG
7Yh0V8wNUicnk4E5Ww6isKnuv5Bxz44=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:40 2025 by rpki-client