Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QLaVXAeOTEqp5lbkJJN6uK-TMyo.roa
File: QLaVXAeOTEqp5lbkJJN6uK-TMyo.roa (raw, json)
Hash identifier: ITs2IXr1B5rInY1sEh7bRJHM1tqBHkCOisQXyJmrt0E=
Subject key identifier: 40:B6:95:5C:07:8E:4C:4A:A9:E6:56:E4:24:93:7A:B8:AF:93:33:2A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019447C5977E1098F77063E0BE7D9474CE2D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QLaVXAeOTEqp5lbkJJN6uK-TMyo.roa
Signing time: Wed 08 Jan 2025 21:15:19 +0000
ROA not before: Wed 08 Jan 2025 21:15:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 185.236.8.0/24 maxlen: 24
193.38.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:c5:97:7e:10:98:f7:70:63:e0:be:7d:94:74:ce:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 8 21:15:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40b6955c078e4c4aa9e656e424937ab8af93332a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6e:c9:2f:62:2c:51:48:d2:59:ab:f5:3c:ac:
41:88:6f:a1:26:b7:cc:79:b8:5b:29:a8:a0:00:78:
4c:5c:2b:db:4c:f2:c5:5b:61:d4:5f:fc:21:3b:22:
50:10:94:7d:a5:57:b8:71:cd:32:30:ff:79:7a:cd:
01:f0:12:b2:9a:86:5a:a4:c0:78:6d:04:99:5a:b5:
58:d7:92:e4:d0:cf:14:4c:b4:e9:cc:68:8a:f5:7c:
69:de:cd:be:96:66:2b:65:e4:93:f3:df:eb:78:9f:
cc:47:58:b9:a5:3b:c1:47:81:c6:1c:64:b4:9a:22:
9a:28:cf:59:f5:94:34:54:20:52:aa:3c:6a:41:63:
4b:6b:9d:50:a3:6b:ba:2e:16:6f:10:f7:1c:b1:f2:
83:7d:f2:c6:79:99:47:a7:ce:bc:95:bd:c6:67:09:
42:8d:05:43:35:10:92:aa:a3:7c:5e:ef:77:05:1b:
51:d6:c6:ce:b3:cb:60:5d:ff:f0:ee:e1:fb:9e:92:
37:21:b1:43:85:27:97:bf:71:7c:98:7c:e3:1e:33:
a4:a4:a3:e7:45:4e:af:ec:50:12:0d:fb:72:15:ac:
58:5f:e4:4d:91:de:b8:16:ef:ba:c7:8e:56:af:8c:
6e:07:fd:3f:ef:11:ad:c4:91:e7:f8:30:d4:2f:3f:
49:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B6:95:5C:07:8E:4C:4A:A9:E6:56:E4:24:93:7A:B8:AF:93:33:2A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/QLaVXAeOTEqp5lbkJJN6uK-TMyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.8.0/24
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a9:ac:3b:34:0d:21:17:7f:63:82:95:fe:61:71:bf:5e:df:
47:40:90:90:e2:5a:af:13:46:6e:2c:14:b5:50:36:13:a3:2a:
ec:5c:15:09:3c:31:e9:b7:cb:69:2b:cb:d9:15:6d:d0:8b:1c:
58:1e:19:1d:7f:a3:ee:8c:d9:f8:2d:59:29:94:d4:fe:05:1e:
56:4c:19:4e:96:2c:9c:27:c4:56:4a:44:52:dc:8d:a9:d7:14:
78:32:6c:7b:ba:b7:00:16:33:49:80:d8:f2:1e:6b:bb:c7:7c:
3a:4f:29:69:66:33:06:71:94:ae:2f:62:a3:5b:62:ce:f5:5b:
85:0a:92:a1:bc:90:3c:a0:97:a6:7e:33:42:10:df:3d:e2:a1:
26:9e:bc:96:94:b1:33:57:a0:4e:6e:61:8f:98:51:d3:7b:62:
4f:13:b7:6f:08:f4:47:2b:71:b1:1d:9e:6c:79:fe:6f:75:9a:
85:c1:32:6f:ea:5d:69:69:24:fc:e6:0a:8b:fc:d2:7a:1c:9d:
69:d1:29:83:34:29:86:f8:77:10:e4:f9:0b:a3:35:9e:5b:67:
c1:e6:04:f3:32:fe:18:82:32:9e:03:0d:e7:1e:91:67:f6:e3:
7e:68:46:42:6d:5c:1e:b6:d6:ca:9e:6c:c1:5e:0c:3e:4f:ef:
3d:9b:c1:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRHxZd+EJj3cGPgvn2UdM4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTA4MjExNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI2OTU1YzA3OGU0YzRhYTllNjU2ZTQyNDkzN2FiOGFmOTMzMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm7JL2IsUUjSWav1PKxBiG+hJrfM
ebhbKaigAHhMXCvbTPLFW2HUX/whOyJQEJR9pVe4cc0yMP95es0B8BKymoZapMB4
bQSZWrVY15Lk0M8UTLTpzGiK9Xxp3s2+lmYrZeST89/reJ/MR1i5pTvBR4HGHGS0
miKaKM9Z9ZQ0VCBSqjxqQWNLa51Qo2u6LhZvEPccsfKDffLGeZlHp868lb3GZwlC
jQVDNRCSqqN8Xu93BRtR1sbOs8tgXf/w7uH7npI3IbFDhSeXv3F8mHzjHjOkpKPn
RU6v7FASDftyFaxYX+RNkd64Fu+6x45Wr4xuB/0/7xGtxJHn+DDULz9JkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEC2lVwHjkxKqeZW5CSTerivkzMqMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvUUxhVlhBZU9URXFwNWxia0pKTjZ1Sy1UTXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewIAwQA
wSb5MA0GCSqGSIb3DQEBCwUAA4IBAQB2qaw7NA0hF39jgpX+YXG/Xt9HQJCQ4lqv
E0ZuLBS1UDYToyrsXBUJPDHpt8tpK8vZFW3QixxYHhkdf6PujNn4LVkplNT+BR5W
TBlOliycJ8RWSkRS3I2p1xR4Mmx7urcAFjNJgNjyHmu7x3w6TylpZjMGcZSuL2Kj
W2LO9VuFCpKhvJA8oJemfjNCEN894qEmnryWlLEzV6BObmGPmFHTe2JPE7dvCPRH
K3GxHZ5sef5vdZqFwTJv6l1paST85gqL/NJ6HJ1p0SmDNCmG+HcQ5PkLozWeW2fB
5gTzMv4YgjKeAw3nHpFn9uN+aEZCbVwettbKnmzBXgw+T+89m8FY
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:17 2025 by rpki-client