Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/QGmBLSRvxSR7DVN1LOIx5HpyBtk.roa
File: QGmBLSRvxSR7DVN1LOIx5HpyBtk.roa (raw, json)
Hash identifier: lMfHqBMyB3qVbkQmBMilqjpX/AYRaJcLwLixEpa8Las=
Subject key identifier: 40:69:81:2D:24:6F:C5:24:7B:0D:53:75:2C:E2:31:E4:7A:72:06:D9
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0194D6483F66B5D3B20164BC5F4D80C3D1E4
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/QGmBLSRvxSR7DVN1LOIx5HpyBtk.roa
Signing time: Wed 05 Feb 2025 13:24:06 +0000
ROA not before: Wed 05 Feb 2025 13:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50461
IP address blocks: 91.108.225.0/24 maxlen: 24
91.108.237.0/24 maxlen: 24
91.108.239.0/24 maxlen: 24
91.108.248.0/24 maxlen: 24
91.108.249.0/24 maxlen: 24
91.108.250.0/24 maxlen: 24
91.108.251.0/24 maxlen: 24
91.108.252.0/24 maxlen: 24
91.108.253.0/24 maxlen: 24
91.108.254.0/24 maxlen: 24
91.108.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:48:3f:66:b5:d3:b2:01:64:bc:5f:4d:80:c3:d1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Feb 5 13:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4069812d246fc5247b0d53752ce231e47a7206d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:cd:30:02:49:51:c4:3e:ac:9a:17:54:66:
e7:d0:5e:a0:53:63:93:a7:f1:93:73:94:db:6d:97:
e9:39:51:df:bf:f2:ce:f3:ca:91:31:12:c6:0c:91:
71:75:14:04:e5:f0:04:e7:e8:11:a6:c2:38:9a:da:
f8:a4:0e:d0:4f:1d:82:ab:be:03:22:ab:1e:02:d2:
26:07:5d:c0:6c:ce:31:28:b3:a6:14:f4:74:99:44:
12:36:b6:72:56:50:24:55:9e:16:30:fc:85:a4:b4:
20:d5:54:89:20:e2:d3:e2:64:7c:f2:33:5b:3c:83:
d5:a6:79:63:2d:bd:1e:33:51:e5:53:e6:af:7c:76:
c8:a1:aa:de:24:09:6f:c9:7f:2c:c5:c1:73:17:63:
de:e9:a7:30:fe:0f:3b:97:51:aa:4b:e4:20:3a:db:
26:0b:bb:a9:56:9a:3c:9f:cd:e5:cc:14:41:c0:4e:
c7:94:f7:d6:2f:cc:6a:b0:32:68:54:92:24:e7:5c:
91:7d:b1:cd:fc:e6:79:6c:01:ce:eb:29:ec:46:f6:
f4:64:fd:0f:b5:57:55:91:61:e3:4c:10:7b:99:b6:
92:f2:5e:96:5b:7d:9c:20:3c:0e:32:46:76:bf:e7:
3d:6e:5a:96:d8:98:5b:84:d1:23:63:79:e3:49:41:
ba:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:81:2D:24:6F:C5:24:7B:0D:53:75:2C:E2:31:E4:7A:72:06:D9
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/QGmBLSRvxSR7DVN1LOIx5HpyBtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.225.0/24
91.108.237.0/24
91.108.239.0/24
91.108.248.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:68:25:83:3d:1c:c1:0a:32:c8:b2:e9:22:d2:72:43:79:22:
29:82:72:cb:6e:f2:ab:d4:97:18:ab:3c:01:0f:a7:2c:03:49:
09:63:46:5e:64:97:4e:a2:19:dd:02:6e:cc:00:f7:9d:60:3c:
7f:a2:b2:16:db:b7:5a:7c:07:dc:da:a8:51:e2:4b:03:70:a5:
58:54:e2:fa:a5:15:9a:77:a0:3a:9c:55:72:b4:48:97:35:9e:
13:ab:e6:77:e7:2a:d5:05:87:f3:8f:dd:68:69:43:0b:a0:31:
f6:51:b9:92:8b:f6:35:56:89:b1:8b:af:47:e5:8d:79:18:6b:
de:18:13:0a:7a:e1:6d:d8:76:2a:92:6c:1b:ae:6c:ef:58:ea:
1a:4b:58:e1:8d:40:b9:44:be:28:b7:b0:6b:36:c8:e9:70:b4:
07:10:d7:4c:dd:c1:32:07:30:ce:a5:4f:14:fa:72:c8:76:bd:
4b:fb:e3:1f:14:db:50:05:39:a5:bd:8e:6f:3b:87:0e:89:39:
40:41:46:63:59:5a:97:96:8d:30:7d:48:65:4f:05:1c:a3:be:
43:68:9f:89:ae:4f:e5:8d:0d:b6:c9:3f:73:df:21:17:5e:0c:
38:96:78:13:f8:1e:97:d1:f9:e1:64:c2:f6:48:04:b6:f2:93:
2b:32:f0:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTWSD9mtdOyAWS8X02Aw9HkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwMjA1MTMyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY5ODEyZDI0NmZjNTI0N2IwZDUzNzUyY2UyMzFlNDdhNzIwNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplTNMAJJUcQ+rJoXVGbn0F6gU2OT
p/GTc5TbbZfpOVHfv/LO88qRMRLGDJFxdRQE5fAE5+gRpsI4mtr4pA7QTx2Cq74D
IqseAtImB13AbM4xKLOmFPR0mUQSNrZyVlAkVZ4WMPyFpLQg1VSJIOLT4mR88jNb
PIPVpnljLb0eM1HlU+avfHbIoareJAlvyX8sxcFzF2Pe6acw/g87l1GqS+QgOtsm
C7upVpo8n83lzBRBwE7HlPfWL8xqsDJoVJIk51yRfbHN/OZ5bAHO6ynsRvb0ZP0P
tVdVkWHjTBB7mbaS8l6WW32cIDwOMkZ2v+c9blqW2JhbhNEjY3njSUG6wwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEBpgS0kb8Ukew1TdSziMeR6cgbZMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvUUdtQkxTUnZ4U1I3RFZOMUxPSXg1SHB5QnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW2zhAwQA
W2ztAwQAW2zvAwQDW2z4MA0GCSqGSIb3DQEBCwUAA4IBAQC0aCWDPRzBCjLIsuki
0nJDeSIpgnLLbvKr1JcYqzwBD6csA0kJY0ZeZJdOohndAm7MAPedYDx/orIW27da
fAfc2qhR4ksDcKVYVOL6pRWad6A6nFVytEiXNZ4Tq+Z35yrVBYfzj91oaUMLoDH2
UbmSi/Y1Vomxi69H5Y15GGveGBMKeuFt2HYqkmwbrmzvWOoaS1jhjUC5RL4ot7Br
NsjpcLQHENdM3cEyBzDOpU8U+nLIdr1L++MfFNtQBTmlvY5vO4cOiTlAQUZjWVqX
lo0wfUhlTwUco75DaJ+Jrk/ljQ22yT9z3yEXXgw4lngT+B6X0fnhZML2SAS28pMr
MvDz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:16 2025 by rpki-client