Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QT_qUTzCkxYFuS5r2ZX9llrw_bk.roa
File: QT_qUTzCkxYFuS5r2ZX9llrw_bk.roa (raw, json)
Hash identifier: +GQl8UYJs+2wM7Oeg+U9B83A7OCLbT+DjgV52FZWUuQ=
Subject key identifier: 41:3F:EA:51:3C:C2:93:16:05:B9:2E:6B:D9:95:FD:96:5A:F0:FD:B9
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01884A0336724BBC8337C69927C94675AF54
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QT_qUTzCkxYFuS5r2ZX9llrw_bk.roa
Signing time: Tue 23 May 2023 19:08:24 +0000
ROA not before: Tue 23 May 2023 19:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60118
IP address blocks: 176.126.252.0/22 maxlen: 22
185.233.149.0/24 maxlen: 24
185.233.148.0/24 maxlen: 24
185.57.83.0/24 maxlen: 24
185.57.82.0/24 maxlen: 24
185.57.80.0/24 maxlen: 24
185.57.81.0/24 maxlen: 24
176.126.236.0/22 maxlen: 22
2a02:59e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4a:03:36:72:4b:bc:83:37:c6:99:27:c9:46:75:af:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: May 23 19:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=413fea513cc2931605b92e6bd995fd965af0fdb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a6:4a:c2:1a:12:d1:f4:46:77:c6:90:34:f8:
f0:d0:1c:c4:b9:67:e4:c6:a3:82:06:f4:37:c8:b5:
cb:72:48:0b:b9:0f:04:c8:34:29:8a:f2:21:f8:b8:
5e:e1:25:a5:bb:96:e5:11:64:2f:4a:84:7b:6b:cc:
3f:ab:93:20:53:67:89:b3:1e:43:c5:eb:ef:74:35:
8d:15:b8:67:18:31:25:c6:0b:a0:51:09:3e:79:c3:
5f:aa:da:4d:f8:c9:78:6f:4a:50:ce:93:c3:49:5e:
71:8d:04:04:2c:56:9f:b2:e6:a7:08:21:b1:32:c6:
41:4e:3c:ca:b0:2f:78:c7:ed:2f:85:5b:c7:c6:62:
74:35:bb:3a:f5:64:d6:de:42:6a:f4:16:69:4e:b0:
1c:1e:c0:fc:e5:57:b7:64:2c:24:f9:0a:ba:6c:de:
e9:03:e8:54:c3:ad:d4:da:35:6b:6f:89:2a:de:1c:
75:49:21:3b:43:dd:b7:36:98:80:e6:26:f5:3b:c9:
36:55:00:bd:5d:12:f8:15:da:6f:73:e8:7b:d9:ed:
e9:c4:3b:f1:5b:a2:bb:47:10:33:f0:bc:56:71:08:
06:c7:8e:6e:05:bf:d6:a2:85:f5:97:97:23:65:8a:
19:2f:87:f3:50:ec:75:58:d4:b5:b4:41:97:2c:53:
7f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3F:EA:51:3C:C2:93:16:05:B9:2E:6B:D9:95:FD:96:5A:F0:FD:B9
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QT_qUTzCkxYFuS5r2ZX9llrw_bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.236.0/22
176.126.252.0/22
185.57.80.0/22
185.233.148.0/23
IPv6:
2a02:59e0::/48
Signature Algorithm: sha256WithRSAEncryption
70:bd:22:ba:00:b6:93:00:08:f8:3b:6c:e6:75:98:fa:67:a1:
bf:a1:3b:c7:d1:7d:e8:e4:88:b3:c1:b9:13:58:bf:c5:9f:89:
a8:ef:74:74:ce:73:aa:5d:eb:3d:5a:cf:fb:f2:f3:9d:c0:e6:
3a:d8:64:36:66:70:4e:16:ec:79:db:a7:b1:9e:3f:26:f4:bf:
1e:f6:e0:26:65:a4:fe:e1:71:78:29:df:d0:83:bb:76:e4:50:
23:b8:57:34:08:b3:68:9d:68:20:ee:2e:00:44:cf:6f:7c:d7:
73:c3:49:18:fb:bd:14:62:5b:59:83:5c:99:5b:df:63:48:94:
ff:05:59:78:81:7f:8e:ef:81:80:81:8d:e2:2a:7f:88:5e:8d:
77:6e:ac:62:0a:2d:ee:35:32:08:1e:c1:d9:00:25:0a:24:6a:
5d:5d:6b:46:a0:b4:d8:e4:fe:7f:cf:ef:bf:8a:b0:91:d2:9c:
9d:52:df:f1:7c:7f:31:3e:c9:91:94:15:b6:57:26:37:bb:6d:
a3:fc:7d:36:d5:b6:8a:94:a1:f8:a4:48:79:13:4e:55:ec:ae:
79:fc:c5:d8:c5:34:d5:e4:50:48:bf:a1:9c:46:b0:30:ad:a1:
6d:0e:eb:df:ba:6c:88:4d:37:01:e9:57:65:7e:2d:4f:d4:d5:
4c:cb:45:03
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYhKAzZyS7yDN8aZJ8lGda9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwNTIzMTkwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNmZWE1MTNjYzI5MzE2MDViOTJlNmJkOTk1ZmQ5NjVhZjBmZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ZKwhoS0fRGd8aQNPjw0BzEuWfk
xqOCBvQ3yLXLckgLuQ8EyDQpivIh+Lhe4SWlu5blEWQvSoR7a8w/q5MgU2eJsx5D
xevvdDWNFbhnGDElxgugUQk+ecNfqtpN+Ml4b0pQzpPDSV5xjQQELFafsuanCCGx
MsZBTjzKsC94x+0vhVvHxmJ0Nbs69WTW3kJq9BZpTrAcHsD85Ve3ZCwk+Qq6bN7p
A+hUw63U2jVrb4kq3hx1SSE7Q923NpiA5ib1O8k2VQC9XRL4Fdpvc+h72e3pxDvx
W6K7RxAz8LxWcQgGx45uBb/WooX1l5cjZYoZL4fzUOx1WNS1tEGXLFN/BwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEE/6lE8wpMWBbkua9mV/ZZa8P25MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvUVRfcVVUekNreFlGdVM1cjJaWDlsbHJ3X2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCsH7sAwQC
sH78AwQCuTlQAwQBuemUMA8EAgACMAkDBwAqAlngAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHC9IroAtpMACPg7bOZ1mPpnob+hO8fRfejkiLPBuRNYv8WfiajvdHTOc6pd
6z1az/vy853A5jrYZDZmcE4W7Hnbp7GePyb0vx724CZlpP7hcXgp39CDu3bkUCO4
VzQIs2idaCDuLgBEz29813PDSRj7vRRiW1mDXJlb32NIlP8FWXiBf47vgYCBjeIq
f4hejXdurGIKLe41MggewdkAJQokal1da0agtNjk/n/P77+KsJHSnJ1S3/F8fzE+
yZGUFbZXJje7baP8fTbVtoqUofikSHkTTlXsrnn8xdjFNNXkUEi/oZxGsDCtoW0O
69+6bIhNNwHpV2V+LU/U1UzLRQM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:23 2025 by rpki-client