Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q-Oa70178e1SsQKvp2A_J3wu8T4.roa
File: Q-Oa70178e1SsQKvp2A_J3wu8T4.roa (raw, json)
Hash identifier: 6ls0y2fThHQpd9oaBiVUm8RC4lc65bix7sTlYI4iLho=
Subject key identifier: 43:E3:9A:EF:4D:7B:F1:ED:52:B1:02:AF:A7:60:3F:27:7C:2E:F1:3E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018D88C9631A3CEFEECC1510F9839C1302C4
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q-Oa70178e1SsQKvp2A_J3wu8T4.roa
Signing time: Thu 08 Feb 2024 12:55:15 +0000
ROA not before: Thu 08 Feb 2024 12:55:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 23
194.132.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:c9:63:1a:3c:ef:ee:cc:15:10:f9:83:9c:13:02:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 8 12:55:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43e39aef4d7bf1ed52b102afa7603f277c2ef13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:54:52:6b:c5:0b:a4:c7:09:b4:4c:ee:84:ba:
d6:95:9d:f8:f8:9b:3e:70:78:ff:10:36:c9:09:f9:
54:4f:96:63:60:f6:44:ad:66:7c:dd:3c:fe:8f:4e:
ac:59:86:cd:98:e8:5b:59:70:5d:ce:00:ec:4b:e1:
f4:75:1b:5a:34:99:d5:3b:bd:7f:62:e6:68:db:82:
ab:7e:98:ae:a6:f1:72:5c:be:24:7d:4f:b0:e3:61:
ca:e5:26:0e:b4:e0:40:c7:8c:0e:3e:cc:15:22:e9:
e7:25:f8:bd:f4:6c:83:b8:8b:83:1f:00:8a:21:23:
13:ac:6d:6c:51:ef:60:b8:0d:a0:75:d2:7d:a5:5b:
6c:98:8d:08:08:f4:a3:a3:a2:4b:dd:35:e7:6a:37:
79:f8:69:ec:61:15:9e:87:30:3e:18:ba:12:7e:db:
c4:5b:77:76:66:18:eb:81:be:d4:20:b5:51:1f:4a:
77:80:00:a0:1a:57:c8:ac:64:85:95:77:eb:cc:9d:
5a:bc:ae:fa:c4:b3:2c:1d:71:0b:1a:63:8c:63:d2:
a8:7e:88:1c:b4:56:6d:5c:42:92:3f:f4:b9:b3:dc:
01:1d:1a:bd:f3:92:10:e0:8f:5b:13:8c:a7:a5:c7:
9e:01:80:50:42:a8:9e:50:c0:08:0e:9c:5b:62:18:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:9A:EF:4D:7B:F1:ED:52:B1:02:AF:A7:60:3F:27:7C:2E:F1:3E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q-Oa70178e1SsQKvp2A_J3wu8T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/24
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:e8:d4:22:73:58:c0:d6:5c:92:39:ad:f2:15:e4:4d:7e:18:
1b:90:e3:9b:99:72:71:60:72:46:10:65:0a:28:b4:24:19:4d:
27:6a:2e:54:61:4f:4e:f6:66:2d:03:af:f0:84:c7:f2:cd:0b:
87:4f:e1:83:16:00:de:d4:4a:8d:5a:54:01:19:46:93:ed:c7:
9e:aa:48:68:7d:70:3e:6f:b1:47:07:a1:d6:38:5e:0e:35:9f:
79:ae:2c:94:7b:b7:98:f2:43:b9:e8:3f:f0:7e:21:c0:18:79:
92:98:39:78:9c:16:2e:d0:e9:d9:47:9e:e5:d6:cf:ad:54:14:
53:98:51:21:c0:89:2a:43:93:26:14:7a:04:69:be:54:2a:d8:
73:cc:56:76:c0:27:16:57:33:83:cc:b1:0a:0b:a9:91:06:a6:
c9:8f:bb:b4:66:ad:a5:ed:52:a5:35:e4:36:4a:46:6a:ce:ac:
49:87:fb:8c:f3:b3:bf:12:83:33:1c:2e:23:7a:55:58:b8:44:
8e:05:46:12:b0:49:92:43:c8:47:63:bb:1e:2c:3b:b2:02:c1:
0f:db:7e:90:a2:e0:1d:6f:49:09:15:78:c5:ff:c2:dc:d2:d0:
92:d3:6d:9c:a3:d4:35:dc:45:d8:37:97:2b:91:da:77:ce:99:
5c:4d:1c:96
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY2IyWMaPO/uzBUQ+YOcEwLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjA4MTI1NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UzOWFlZjRkN2JmMWVkNTJiMTAyYWZhNzYwM2YyNzdjMmVmMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFRSa8ULpMcJtEzuhLrWlZ34+Js+
cHj/EDbJCflUT5ZjYPZErWZ83Tz+j06sWYbNmOhbWXBdzgDsS+H0dRtaNJnVO71/
YuZo24KrfpiupvFyXL4kfU+w42HK5SYOtOBAx4wOPswVIunnJfi99GyDuIuDHwCK
ISMTrG1sUe9guA2gddJ9pVtsmI0ICPSjo6JL3TXnajd5+GnsYRWehzA+GLoSftvE
W3d2Zhjrgb7UILVRH0p3gACgGlfIrGSFlXfrzJ1avK76xLMsHXELGmOMY9Kofogc
tFZtXEKSP/S5s9wBHRq985IQ4I9bE4ynpceeAYBQQqieUMAIDpxbYhhcSQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFEPjmu9Ne/HtUrECr6dgPyd8LvE+MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUS1PYTcwMTc4ZTFTc1FLdnAyQV9KM3d1OFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBADA
JCUDBADARwUDBADARygDBADAR2EDBADAR54DBADAeWUDBADAeawDBADAecADBADA
pUEDBADApVYDBADAsKEDBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHB
t1wDBADBt2gDBADBt3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBAHCRDgDBADC
RGMDBADCRH4DBADCRxsDBADCR1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwDBADC
hK4wDQYJKoZIhvcNAQELBQADggEBAG7o1CJzWMDWXJI5rfIV5E1+GBuQ45uZcnFg
ckYQZQootCQZTSdqLlRhT072Zi0Dr/CEx/LNC4dP4YMWAN7USo1aVAEZRpPtx56q
SGh9cD5vsUcHodY4Xg41n3muLJR7t5jyQ7noP/B+IcAYeZKYOXicFi7Q6dlHnuXW
z61UFFOYUSHAiSpDkyYUegRpvlQq2HPMVnbAJxZXM4PMsQoLqZEGpsmPu7RmraXt
UqU15DZKRmrOrEmH+4zzs78SgzMcLiN6VVi4RI4FRhKwSZJDyEdjux4sO7ICwQ/b
fpCi4B1vSQkVeMX/wtzS0JLTbZyj1DXcRdg3lyuR2nfOmVxNHJY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:59 2025 by rpki-client