Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/QQ2dMhK3jUdsYqt0sqZBwj9s6ac.roa
File: QQ2dMhK3jUdsYqt0sqZBwj9s6ac.roa (raw, json)
Hash identifier: mGIsQc5zSqOGF80//ECnSvIfh1+VmEjVc4S4zaFStGM=
Subject key identifier: 41:0D:9D:32:12:B7:8D:47:6C:62:AB:74:B2:A6:41:C2:3F:6C:E9:A7
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01873CFEF65C6D7604DF48D7519E6EF59C92
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/QQ2dMhK3jUdsYqt0sqZBwj9s6ac.roa
Signing time: Sat 01 Apr 2023 13:25:54 +0000
ROA not before: Sat 01 Apr 2023 13:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.108.0/24 maxlen: 24
46.23.110.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3c:fe:f6:5c:6d:76:04:df:48:d7:51:9e:6e:f5:9c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 1 13:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=410d9d3212b78d476c62ab74b2a641c23f6ce9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cd:16:d9:b7:89:ae:72:2a:62:18:a1:59:f1:
a0:17:ef:af:2d:a9:27:dc:ca:84:4b:92:a6:59:b5:
4d:52:27:0d:c7:c0:15:ff:4d:ac:1b:e4:fa:a4:34:
db:37:a1:d2:4f:0e:78:3c:d6:ba:33:d5:fb:53:13:
89:df:03:5a:a7:49:4f:4b:a0:fa:05:18:9e:54:ba:
91:13:eb:3e:55:22:84:0f:e8:5a:8f:22:95:94:d1:
51:f0:ab:ea:87:73:d4:53:47:5a:83:97:27:77:9c:
42:d4:d1:ca:a6:14:a8:39:10:24:d7:83:f6:03:e1:
22:48:dc:f6:49:eb:e7:86:23:d1:54:6d:5e:84:1a:
14:9e:a9:68:ac:5a:38:2a:c5:72:21:02:d5:32:3f:
08:1d:55:40:bc:c6:d8:24:2f:a9:ad:de:9b:2d:f8:
e8:31:6c:4c:4d:c9:c7:87:3c:45:9d:ee:44:63:8c:
8a:11:c4:d2:97:57:0e:96:20:ce:a7:54:70:49:b9:
0b:5f:bb:83:a4:ac:d1:a7:c1:1f:d3:f0:b4:5a:ae:
8e:25:8a:7c:a0:6f:bd:82:9f:3d:82:cb:f9:ab:d7:
ed:bd:18:77:00:41:4a:1e:c1:02:8f:e3:b0:cf:5d:
d6:bf:0d:d6:b9:a2:1a:ea:3e:b1:7c:54:1c:5e:5a:
c3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0D:9D:32:12:B7:8D:47:6C:62:AB:74:B2:A6:41:C2:3F:6C:E9:A7
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/QQ2dMhK3jUdsYqt0sqZBwj9s6ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/23
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
46.23.108.0/24
46.23.110.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:8b:bb:4c:7b:bc:b1:d6:c2:f9:2c:ef:ea:73:82:c5:b1:d0:
f6:f2:7f:b4:08:00:66:f1:0c:12:b0:db:f7:0c:27:99:52:d5:
32:70:8f:29:c7:fe:32:9f:8f:1d:5e:e3:cf:4b:b4:fb:b9:88:
16:44:6b:ef:e9:89:14:a7:ed:ed:12:bb:d9:f7:5b:88:db:c3:
86:c0:41:90:ec:e8:76:47:c9:04:a4:0d:7a:2e:f2:4e:f7:f2:
8d:64:8a:08:0f:7a:7d:b0:d1:de:60:61:17:d9:c4:f8:1e:c9:
17:d7:bd:73:a7:54:f2:c1:c8:a0:f7:96:02:d2:8d:c0:07:9f:
3e:67:1d:48:ec:bf:92:87:3a:09:eb:90:ce:8b:67:f3:3d:94:
71:f5:b5:30:57:a0:2a:5c:a2:49:88:cc:c6:da:19:79:77:71:
59:22:34:b2:41:68:a4:9c:e4:17:03:f4:bc:cb:31:7d:04:25:
98:55:f7:94:d2:a6:f6:58:52:7a:83:ed:5f:17:ab:80:f7:1b:
d7:db:46:2a:0c:4d:be:0d:37:38:e6:b7:ff:5c:84:f7:d2:f5:
a7:fb:73:69:51:6d:f6:17:ca:2e:d0:62:72:ed:b2:fa:65:55:
a1:49:fc:e6:b0:86:45:20:f3:e8:08:8f:b2:9a:f6:83:2e:78:
00:ae:64:71
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYc8/vZcbXYE30jXUZ5u9ZySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDAxMTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTBkOWQzMjEyYjc4ZDQ3NmM2MmFiNzRiMmE2NDFjMjNmNmNlOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM0W2beJrnIqYhihWfGgF++vLakn
3MqES5KmWbVNUicNx8AV/02sG+T6pDTbN6HSTw54PNa6M9X7UxOJ3wNap0lPS6D6
BRieVLqRE+s+VSKED+hajyKVlNFR8Kvqh3PUU0dag5cnd5xC1NHKphSoORAk14P2
A+EiSNz2SevnhiPRVG1ehBoUnqlorFo4KsVyIQLVMj8IHVVAvMbYJC+prd6bLfjo
MWxMTcnHhzxFne5EY4yKEcTSl1cOliDOp1RwSbkLX7uDpKzRp8Ef0/C0Wq6OJYp8
oG+9gp89gsv5q9ftvRh3AEFKHsECj+Owz13Wvw3WuaIa6j6xfFQcXlrDgQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEENnTISt41HbGKrdLKmQcI/bOmnMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvUVEyZE1oSzNqVWRzWXF0MHNxWkJ3ajlzNmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbICAwQA
LhdgAwQALhdiAwQCLhdkAwQALhdsAwQALhduAwQAuVHZMA0GCSqGSIb3DQEBCwUA
A4IBAQBci7tMe7yx1sL5LO/qc4LFsdD28n+0CABm8QwSsNv3DCeZUtUycI8px/4y
n48dXuPPS7T7uYgWRGvv6YkUp+3tErvZ91uI28OGwEGQ7Oh2R8kEpA16LvJO9/KN
ZIoID3p9sNHeYGEX2cT4HskX171zp1Tywcig95YC0o3AB58+Zx1I7L+ShzoJ65DO
i2fzPZRx9bUwV6AqXKJJiMzG2hl5d3FZIjSyQWiknOQXA/S8yzF9BCWYVfeU0qb2
WFJ6g+1fF6uA9xvX20YqDE2+DTc45rf/XIT30vWn+3NpUW32F8ou0GJy7bL6ZVWh
SfzmsIZFIPPoCI+ymvaDLngArmRx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:17 2025 by rpki-client