Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/QV_KHSRk0F1p49xmdU8Cjw9F95k.roa
File: QV_KHSRk0F1p49xmdU8Cjw9F95k.roa (raw, json)
Hash identifier: bXFoeKrbp3I/mSHJx/SNzgxE/ZuKpJd2GAhpkwSz+z4=
Subject key identifier: 41:5F:CA:1D:24:64:D0:5D:69:E3:DC:66:75:4F:02:8F:0F:45:F7:99
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 01942143FFC5A37E8A205D296DCC93248571
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/QV_KHSRk0F1p49xmdU8Cjw9F95k.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142146
IP address blocks: 185.191.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ff:c5:a3:7e:8a:20:5d:29:6d:cc:93:24:85:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=415fca1d2464d05d69e3dc66754f028f0f45f799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:45:a2:4d:25:f6:dc:2d:c1:42:d9:d8:b5:17:
a1:58:18:d1:96:32:73:65:b4:15:ec:71:37:0f:ac:
2b:c9:73:80:fa:f5:44:48:2e:7f:05:27:2a:9c:48:
03:3e:a5:b3:14:6c:b3:a5:b7:65:58:b1:1f:d7:28:
43:f0:76:77:57:45:1a:65:bc:6c:cc:0e:50:ec:68:
fb:25:c8:1c:d6:bf:51:9c:54:b2:65:83:ee:10:cc:
b6:40:72:2d:e5:e7:d7:65:c3:16:49:1d:0a:a0:c1:
c2:d5:23:42:e2:d7:1a:66:ae:b5:e1:cf:d7:df:69:
74:d7:03:7d:40:50:9b:ee:f9:63:1e:0c:34:38:0a:
ae:40:39:25:ff:70:26:df:a0:1e:86:d8:59:ad:11:
f8:d0:56:bb:80:a7:05:e5:49:e1:6b:5f:7e:d5:24:
53:1f:bc:e6:e3:94:49:9c:72:e2:82:f8:2f:fa:ea:
03:ee:f6:c7:45:19:fa:de:46:cb:d9:57:8f:cb:09:
be:06:64:02:ab:f6:25:02:55:06:fe:48:01:e6:7e:
9f:21:b9:40:8f:ac:61:94:a5:f3:ff:d9:6a:6a:ba:
d8:8b:db:50:62:18:e5:fd:0e:c3:96:4e:07:7e:72:
d5:01:c6:2e:ed:d5:68:61:37:26:58:ef:3f:46:e9:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5F:CA:1D:24:64:D0:5D:69:E3:DC:66:75:4F:02:8F:0F:45:F7:99
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/QV_KHSRk0F1p49xmdU8Cjw9F95k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.145.0/24
Signature Algorithm: sha256WithRSAEncryption
80:24:ce:be:ac:41:c0:24:2c:f3:20:9f:dc:77:84:aa:c7:5e:
d8:42:e6:62:dc:1f:36:04:be:39:dd:d2:58:48:8f:cd:a4:11:
f0:17:6e:56:db:a4:a5:e7:d4:15:10:c5:5a:d3:cf:a8:bb:36:
44:88:23:24:0a:eb:67:1a:e8:b4:14:12:c7:fd:bd:09:88:d4:
39:50:e6:ed:bc:16:40:5c:92:aa:bb:0b:7e:3b:a3:9f:4a:36:
f5:9f:30:4e:2d:80:34:99:e0:0a:45:1a:54:95:3b:88:2b:18:
91:c6:de:1f:bc:58:29:2d:45:f9:cf:12:98:e2:77:4d:35:0d:
48:a7:02:6d:af:1f:e7:f7:c1:2c:d7:6d:7c:68:b8:e5:14:80:
90:c0:fe:80:73:bf:5b:9c:15:d1:1c:77:6a:a5:8a:2b:a6:b4:
8b:eb:bb:e3:ce:b1:c1:2a:71:ad:5e:09:52:3a:64:1d:d0:ab:
48:24:6b:b1:6d:a9:9d:37:94:66:84:1a:91:12:96:c9:1a:69:
b3:4a:58:69:e3:1b:03:3f:20:67:c9:87:c0:9b:e9:6f:74:a7:
0c:60:57:0c:ea:ab:90:b4:58:16:df:38:b0:ef:78:3b:ac:9d:
e1:2b:a4:03:25:57:9d:23:23:4d:b9:d5:37:55:11:96:2a:c9:
d2:67:d6:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ//Fo36KIF0pbcyTJIVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVmY2ExZDI0NjRkMDVkNjllM2RjNjY3NTRmMDI4ZjBmNDVmNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0WiTSX23C3BQtnYtRehWBjRljJz
ZbQV7HE3D6wryXOA+vVESC5/BScqnEgDPqWzFGyzpbdlWLEf1yhD8HZ3V0UaZbxs
zA5Q7Gj7Jcgc1r9RnFSyZYPuEMy2QHIt5efXZcMWSR0KoMHC1SNC4tcaZq614c/X
32l01wN9QFCb7vljHgw0OAquQDkl/3Am36AehthZrRH40Fa7gKcF5Unha19+1SRT
H7zm45RJnHLigvgv+uoD7vbHRRn63kbL2VePywm+BmQCq/YlAlUG/kgB5n6fIblA
j6xhlKXz/9lqarrYi9tQYhjl/Q7Dlk4HfnLVAcYu7dVoYTcmWO8/Ruk4AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFfyh0kZNBdaePcZnVPAo8PRfeZMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvUVZfS0hTUmswRjFwNDl4bWRVOENqdzlGOTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQCAJM6+rEHAJCzzIJ/cd4Sqx17YQuZi3B82BL453dJY
SI/NpBHwF25W26Sl59QVEMVa08+ouzZEiCMkCutnGui0FBLH/b0JiNQ5UObtvBZA
XJKquwt+O6OfSjb1nzBOLYA0meAKRRpUlTuIKxiRxt4fvFgpLUX5zxKY4ndNNQ1I
pwJtrx/n98Es1218aLjlFICQwP6Ac79bnBXRHHdqpYorprSL67vjzrHBKnGtXglS
OmQd0KtIJGuxbamdN5RmhBqREpbJGmmzSlhp4xsDPyBnyYfAm+lvdKcMYFcM6quQ
tFgW3ziw73g7rJ3hK6QDJVedIyNNudU3VRGWKsnSZ9Zm
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:23:26 2025 by rpki-client