Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/QCWBDKlG8Io2BeH0NId31fpN2YE.roa
File: QCWBDKlG8Io2BeH0NId31fpN2YE.roa (raw, json)
Hash identifier: 0NRY9EDUi1FWue8IN72u0GMUvyyjoroAoM3JlXroHao=
Subject key identifier: 40:25:81:0C:A9:46:F0:8A:36:05:E1:F4:34:87:77:D5:FA:4D:D9:81
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 019427B5F2D562023F011E73F08B268D2760
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/QCWBDKlG8Io2BeH0NId31fpN2YE.roa
Signing time: Thu 02 Jan 2025 15:50:22 +0000
ROA not before: Thu 02 Jan 2025 15:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 14.102.9.0/24 maxlen: 24
14.102.11.0/24 maxlen: 24
91.200.254.0/24 maxlen: 24
110.172.191.0/24 maxlen: 24
114.69.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f2:d5:62:02:3f:01:1e:73:f0:8b:26:8d:27:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 15:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4025810ca946f08a3605e1f4348777d5fa4dd981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:14:40:cd:68:09:56:a0:ff:f5:35:56:05:2c:
63:2f:9b:a3:fc:b5:f8:64:07:06:67:f3:25:5f:13:
4f:eb:6a:91:06:6c:18:fc:ce:69:ad:1f:3e:38:05:
69:00:7c:13:59:86:42:59:f3:14:40:86:fe:e1:17:
36:12:f2:28:a2:cc:b4:6d:3b:6c:0f:79:59:1a:4c:
43:83:6d:fa:90:7d:c3:4e:ab:aa:1c:29:80:7d:fc:
54:d5:b4:17:a5:e6:82:aa:71:18:e5:d7:e5:c1:37:
b9:f6:b0:65:25:69:d9:68:58:9b:76:7c:2d:93:16:
f9:43:6a:6e:2b:27:c2:4f:19:f0:ee:40:0f:af:9d:
86:1a:4e:7b:0e:95:3e:ff:6b:e6:6a:3b:91:fb:76:
f3:e4:9e:08:3b:e2:41:62:a3:04:b1:57:b1:91:05:
9e:e1:5e:3f:fc:74:cb:de:2f:23:f5:70:ce:6a:7b:
56:20:74:7e:00:7f:41:06:68:62:d5:ab:05:f2:a7:
5c:63:aa:6d:4a:b3:de:55:68:e8:0b:bd:1d:c7:d8:
39:1d:86:72:0f:99:7a:26:eb:bd:2b:dc:54:84:f3:
11:2a:c2:f4:54:03:3d:3c:a4:78:ce:ff:a0:ef:80:
51:8e:c6:d3:48:6f:92:5e:17:e9:47:d1:e5:e6:ef:
0d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:25:81:0C:A9:46:F0:8A:36:05:E1:F4:34:87:77:D5:FA:4D:D9:81
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/QCWBDKlG8Io2BeH0NId31fpN2YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.9.0/24
14.102.11.0/24
91.200.254.0/24
110.172.191.0/24
114.69.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f9:0d:7f:43:9c:a3:4f:cb:68:e8:9c:fa:8c:c5:8a:49:97:
19:cf:69:35:d2:63:57:e2:a8:d3:46:fb:85:cb:6f:5d:a7:15:
97:b2:a7:f1:a6:95:82:27:55:13:30:44:1f:5c:83:ef:0d:a3:
8a:7b:17:47:47:76:d1:1b:6e:44:a2:8a:e5:7e:ad:5a:93:cd:
22:0c:40:52:fc:63:49:a3:7e:ff:8d:11:07:01:74:58:96:6d:
dc:a5:02:30:6e:fd:bc:d7:a9:93:a5:f0:dd:c4:13:6a:9c:1f:
80:d8:7a:03:25:25:ad:b5:72:f4:23:62:49:c2:65:19:af:fe:
99:b6:e0:8a:9b:37:a5:2d:7c:05:81:79:2b:35:cb:e3:36:13:
aa:d1:3d:f9:17:bb:ba:9d:92:7f:30:e3:59:ea:42:8f:74:8a:
bb:2d:ae:70:5e:ec:bd:0f:45:e5:db:8f:dc:12:26:c0:f1:97:
b9:9e:65:85:03:d4:a3:2a:0a:b6:85:96:43:eb:51:11:6c:21:
26:d3:ff:57:6f:17:bc:e1:48:66:e2:60:af:e1:90:b2:c5:10:
81:9b:f6:c1:08:7c:83:39:ae:79:b9:6b:68:c4:d1:2a:3e:b8:
5f:8c:4d:25:17:f3:56:3e:ee:97:c8:19:6c:62:d4:d9:3c:40:
0d:22:6a:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntfLVYgI/AR5z8IsmjSdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMTAyMTU1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI1ODEwY2E5NDZmMDhhMzYwNWUxZjQzNDg3NzdkNWZhNGRkOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhRAzWgJVqD/9TVWBSxjL5uj/LX4
ZAcGZ/MlXxNP62qRBmwY/M5prR8+OAVpAHwTWYZCWfMUQIb+4Rc2EvIoosy0bTts
D3lZGkxDg236kH3DTquqHCmAffxU1bQXpeaCqnEY5dflwTe59rBlJWnZaFibdnwt
kxb5Q2puKyfCTxnw7kAPr52GGk57DpU+/2vmajuR+3bz5J4IO+JBYqMEsVexkQWe
4V4//HTL3i8j9XDOantWIHR+AH9BBmhi1asF8qdcY6ptSrPeVWjoC70dx9g5HYZy
D5l6Juu9K9xUhPMRKsL0VAM9PKR4zv+g74BRjsbTSG+SXhfpR9Hl5u8NnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEAlgQypRvCKNgXh9DSHd9X6TdmBMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvUUNXQkRLbEc4SW8yQmVIME5JZDMxZnBOMllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmYJAwQA
DmYLAwQAW8j+AwQAbqy/AwQAckX1MA0GCSqGSIb3DQEBCwUAA4IBAQCP+Q1/Q5yj
T8to6Jz6jMWKSZcZz2k10mNX4qjTRvuFy29dpxWXsqfxppWCJ1UTMEQfXIPvDaOK
exdHR3bRG25Eoorlfq1ak80iDEBS/GNJo37/jREHAXRYlm3cpQIwbv2816mTpfDd
xBNqnB+A2HoDJSWttXL0I2JJwmUZr/6ZtuCKmzelLXwFgXkrNcvjNhOq0T35F7u6
nZJ/MONZ6kKPdIq7La5wXuy9D0Xl24/cEibA8Ze5nmWFA9SjKgq2hZZD61ERbCEm
0/9Xbxe84Uhm4mCv4ZCyxRCBm/bBCHyDOa55uWtoxNEqPrhfjE0lF/NWPu6XyBls
YtTZPEANImqw
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:07 2025 by rpki-client