Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QE1AruCgiCx9mTl3wqR2063AG3k.roa
File: QE1AruCgiCx9mTl3wqR2063AG3k.roa (raw, json)
Hash identifier: FbVBM2wE45D6tHbB6BPwqcG84ZonkjHCyJ+c269ZSjk=
Subject key identifier: 40:4D:40:AE:E0:A0:88:2C:7D:99:39:77:C2:A4:76:D3:AD:C0:1B:79
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C128788CA7D7FC6C20C421E2EE6895CC3
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QE1AruCgiCx9mTl3wqR2063AG3k.roa
Signing time: Mon 27 Nov 2023 20:45:21 +0000
ROA not before: Mon 27 Nov 2023 20:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.240.83.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:87:88:ca:7d:7f:c6:c2:0c:42:1e:2e:e6:89:5c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 27 20:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=404d40aee0a0882c7d993977c2a476d3adc01b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:df:78:18:c4:b9:77:f6:34:94:f0:c8:3c:
fa:06:88:b6:ed:6f:bc:3d:44:42:8f:0b:ee:6e:b0:
33:3f:e1:ca:04:f6:01:47:20:29:d5:ee:db:f0:2a:
d3:b2:a7:82:6e:f1:5f:cb:d8:96:11:57:d8:57:63:
c6:6b:75:e3:5f:a4:e2:d1:f2:2b:c1:9e:49:38:15:
c1:c5:fa:89:ba:d6:dd:69:7c:21:c4:4e:52:b9:95:
fb:55:4b:18:aa:f1:6d:d3:b5:1c:d4:ea:7b:fb:3f:
f4:33:94:8c:bc:2c:ae:88:77:57:9a:39:14:5c:64:
52:8d:83:c5:a3:62:1c:57:59:bf:1c:1f:dc:d5:ab:
a6:2b:41:ee:b9:c0:5e:d3:6c:a6:f6:8e:3a:88:d2:
5c:ac:45:96:f1:51:5e:37:6c:1c:2c:d9:90:ef:00:
38:c2:06:2e:b5:e4:b5:43:7b:b4:c4:9f:b3:f5:eb:
41:3c:bb:6b:56:1e:ac:48:5b:2b:a4:1e:c9:45:d5:
bd:51:28:c2:5d:3a:a2:88:e7:9e:aa:bf:04:5c:7d:
ae:f2:5f:c3:98:ec:a7:00:5c:35:ef:57:7b:79:e1:
d7:fb:43:15:af:79:e0:eb:62:ed:40:bb:85:a1:c9:
2f:19:be:2b:34:b0:40:64:e3:79:0e:05:ef:f5:9b:
be:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4D:40:AE:E0:A0:88:2C:7D:99:39:77:C2:A4:76:D3:AD:C0:1B:79
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QE1AruCgiCx9mTl3wqR2063AG3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
62.112.30.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.37.128.0/24
89.40.43.0/24
89.42.40.0/24
89.42.213.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
176.223.190.0/24
188.211.249.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
36:db:90:30:00:03:8f:6b:f2:fb:e8:d4:10:3d:82:ff:b9:49:
e1:54:d1:d6:35:11:db:49:fe:16:77:ab:e2:d0:8c:1d:61:a2:
78:b1:78:1f:6e:d7:f6:61:ff:c4:3a:fc:6a:4d:df:f7:d1:8d:
18:97:72:1f:d6:b3:3e:fd:db:2a:d1:e7:37:ee:62:98:b3:35:
9e:03:03:98:03:a9:5b:b6:1f:c6:54:06:79:c9:38:7e:14:f9:
61:56:55:6d:e9:05:ed:e7:97:60:a5:dd:9b:d7:79:82:a3:a7:
74:3a:86:7d:61:26:a6:95:db:e3:6d:f4:52:1d:c3:cf:10:3d:
13:71:02:84:f7:cc:85:c6:00:85:24:5c:27:5e:41:0a:0c:c0:
a2:78:ed:b4:90:d9:c6:9f:f9:b2:9b:77:dc:8e:15:44:4a:1f:
ef:a6:53:2d:dd:1d:ff:4d:06:29:db:7e:d7:3c:f0:1f:40:74:
2e:50:21:28:3d:4a:5d:0f:a1:33:e3:53:89:16:55:81:73:44:
7b:ff:7b:0e:3a:6b:80:12:27:4d:4e:a6:e3:ac:c4:71:4c:93:
ea:cf:97:fa:3c:95:38:e4:6e:59:34:68:0c:59:31:d8:05:23:
72:4f:d0:ed:68:68:10:64:c5:9b:c6:76:2c:28:2e:71:1f:f4:
e5:fe:ce:cf
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYwSh4jKfX/GwgxCHi7miVzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTI3MjA0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRkNDBhZWUwYTA4ODJjN2Q5OTM5NzdjMmE0NzZkM2FkYzAxYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GbfeBjEuXf2NJTwyDz6Boi27W+8
PURCjwvubrAzP+HKBPYBRyAp1e7b8CrTsqeCbvFfy9iWEVfYV2PGa3XjX6Ti0fIr
wZ5JOBXBxfqJutbdaXwhxE5SuZX7VUsYqvFt07Uc1Op7+z/0M5SMvCyuiHdXmjkU
XGRSjYPFo2IcV1m/HB/c1aumK0HuucBe02ym9o46iNJcrEWW8VFeN2wcLNmQ7wA4
wgYuteS1Q3u0xJ+z9etBPLtrVh6sSFsrpB7JRdW9USjCXTqiiOeeqr8EXH2u8l/D
mOynAFw171d7eeHX+0MVr3ng62LtQLuFockvGb4rNLBAZON5DgXv9Zu+9QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFEBNQK7goIgsfZk5d8KkdtOtwBt5MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUUUxQXJ1Q2dpQ3g5bVRsM3dxUjIwNjNBRzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALmauAwQA
PnAeAwQAVPcUAwQAWSKrAwQAWSTnAwQAWSVqAwQAWSWAAwQAWSgrAwQAWSooAwQA
WSrVAwQAXXJFAwQAXrFxAwQAXrF2AwQAsN++AwQAvNP5AwQAvPBTMA0GCSqGSIb3
DQEBCwUAA4IBAQA225AwAAOPa/L76NQQPYL/uUnhVNHWNRHbSf4Wd6vi0IwdYaJ4
sXgfbtf2Yf/EOvxqTd/30Y0Yl3If1rM+/dsq0ec37mKYszWeAwOYA6lbth/GVAZ5
yTh+FPlhVlVt6QXt55dgpd2b13mCo6d0OoZ9YSamldvjbfRSHcPPED0TcQKE98yF
xgCFJFwnXkEKDMCieO20kNnGn/mym3fcjhVESh/vplMt3R3/TQYp237XPPAfQHQu
UCEoPUpdD6Ez41OJFlWBc0R7/3sOOmuAEidNTqbjrMRxTJPqz5f6PJU45G5ZNGgM
WTHYBSNyT9DtaGgQZMWbxnYsKC5xH/Tl/s7P
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:04 2025 by rpki-client