Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/QFSVeDq1epR2B-cHpjlozBO3ocI.roa
File: QFSVeDq1epR2B-cHpjlozBO3ocI.roa (raw, json)
Hash identifier: iTCal74oQdwW9uQJuhQCWg6av2cdFSN2Hzxn0oSQ9UI=
Subject key identifier: 40:54:95:78:3A:B5:7A:94:76:07:E7:07:A6:39:68:CC:13:B7:A1:C2
Certificate issuer: /CN=483fb37d1fb0ccd216dadec40009561a844aa83b
Certificate serial: 0194236A0760BB77972308FC404F7E0F4D55
Authority key identifier: 48:3F:B3:7D:1F:B0:CC:D2:16:DA:DE:C4:00:09:56:1A:84:4A:A8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SD-zfR-wzNIW2t7EAAlWGoRKqDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/QFSVeDq1epR2B-cHpjlozBO3ocI.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47625
IP address blocks: 91.206.182.0/23 maxlen: 23
188.64.184.0/23 maxlen: 23
188.64.186.0/23 maxlen: 23
188.64.188.0/23 maxlen: 23
188.64.190.0/23 maxlen: 23
195.216.196.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:07:60:bb:77:97:23:08:fc:40:4f:7e:0f:4d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=483fb37d1fb0ccd216dadec40009561a844aa83b
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=405495783ab57a947607e707a63968cc13b7a1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:7f:0a:1f:ec:bf:74:d0:09:fe:5c:5d:2c:
7f:24:e8:df:01:19:60:e9:de:45:78:dd:87:97:0a:
a0:a0:79:f2:08:25:b2:1e:e0:75:a2:6d:95:7c:a3:
a7:bb:00:e3:6d:49:da:b2:da:81:f4:14:b2:81:c0:
6e:8f:8b:28:7e:38:70:39:82:f4:fe:7d:47:09:a1:
43:4a:c8:9f:05:21:2f:c3:dd:73:ac:ba:d2:2d:90:
00:44:88:12:9f:c6:48:ab:23:e4:ac:08:34:20:81:
46:11:b3:7a:9e:39:79:19:a2:08:33:5a:57:50:72:
b5:1a:1a:88:9c:8d:14:4b:48:96:48:72:e8:cb:62:
ff:76:a1:1b:15:fe:c2:dd:9e:3a:52:01:3c:5b:3d:
9f:90:48:c7:0f:91:41:ec:24:ee:c4:02:06:03:8c:
82:57:02:60:46:bd:24:53:53:44:d8:05:28:10:d6:
a2:6b:2e:80:09:ba:8e:c9:0d:04:2d:5d:67:63:d6:
4f:31:58:e5:77:80:5a:72:43:55:b6:33:30:64:65:
3c:b1:8c:0f:de:2a:60:68:25:0a:1e:80:a5:f5:37:
b1:77:2f:e2:4d:82:aa:49:81:d3:dc:6a:14:1e:0e:
41:3f:dd:a2:33:1d:60:fa:bb:99:d2:0e:1e:59:17:
ee:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:54:95:78:3A:B5:7A:94:76:07:E7:07:A6:39:68:CC:13:B7:A1:C2
X509v3 Authority Key Identifier:
keyid:48:3F:B3:7D:1F:B0:CC:D2:16:DA:DE:C4:00:09:56:1A:84:4A:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SD-zfR-wzNIW2t7EAAlWGoRKqDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/QFSVeDq1epR2B-cHpjlozBO3ocI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/SD-zfR-wzNIW2t7EAAlWGoRKqDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.182.0/23
188.64.184.0/21
195.216.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:40:14:0e:b2:7d:f4:45:e7:79:e7:0f:2c:db:d8:0f:44:ff:
fd:2b:96:98:d9:5a:44:ff:df:68:9a:c1:61:26:9c:98:6a:f0:
6a:ac:62:66:c3:fd:c5:f2:37:7f:11:68:c8:2c:ed:0c:28:64:
fc:27:08:8a:72:c0:64:8d:45:9e:ee:d5:f8:1d:74:dc:b3:09:
c3:b6:5a:9a:dc:91:83:2d:77:98:29:3a:b2:c2:b1:c6:39:8a:
bd:2b:4b:1c:46:e4:3e:84:50:38:62:d4:82:1e:06:79:07:24:
f2:19:ad:82:97:8f:7e:fa:53:b3:7a:e9:aa:91:12:6e:f4:29:
15:d9:02:42:66:fe:90:79:56:6c:a0:3c:b8:7f:4f:eb:9e:b3:
5a:be:67:4d:d2:b2:e4:83:99:a1:21:6c:5e:77:8e:23:51:53:
db:b3:33:7e:1c:1e:b7:07:3f:ff:f3:74:f0:df:1a:7c:24:a3:
28:22:46:49:f2:64:12:9d:97:5a:bc:c0:6b:6d:f8:db:fc:c8:
dd:1d:e8:ef:3c:5b:52:87:e5:7b:e1:3c:da:37:3d:d7:e6:ad:
52:f1:ef:c0:b4:e3:05:16:a2:95:73:43:f3:da:69:b9:c8:8e:
a3:f2:ee:88:0c:52:5f:89:c2:49:46:a8:1e:12:3a:fd:5b:39:
d7:5e:a9:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjagdgu3eXIwj8QE9+D01VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4M2ZiMzdkMWZiMGNjZDIxNmRhZGVjNDAwMDk1NjFhODQ0
YWE4M2IwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU0OTU3ODNhYjU3YTk0NzYwN2U3MDdhNjM5NjhjYzEzYjdhMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2R/Ch/sv3TQCf5cXSx/JOjfARlg
6d5FeN2HlwqgoHnyCCWyHuB1om2VfKOnuwDjbUnastqB9BSygcBuj4sofjhwOYL0
/n1HCaFDSsifBSEvw91zrLrSLZAARIgSn8ZIqyPkrAg0IIFGEbN6njl5GaIIM1pX
UHK1GhqInI0US0iWSHLoy2L/dqEbFf7C3Z46UgE8Wz2fkEjHD5FB7CTuxAIGA4yC
VwJgRr0kU1NE2AUoENaiay6ACbqOyQ0ELV1nY9ZPMVjld4BackNVtjMwZGU8sYwP
3ipgaCUKHoCl9Texdy/iTYKqSYHT3GoUHg5BP92iMx1g+ruZ0g4eWRfu8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEBUlXg6tXqUdgfnB6Y5aMwTt6HCMB8GA1UdIwQY
MBaAFEg/s30fsMzSFtrexAAJVhqESqg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0QtemZSLXd6TklXMnQ3RUFBbFdHb1JLcURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMWViNjYtY2M4Ny00YTkwLTljNWQt
ZWUzY2E3NGJiYjc5LzEvUUZTVmVEcTFlcFIyQi1jSHBqbG96Qk8zb2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMWViNjYtY2M4Ny00YTkwLTljNWQtZWUzY2E3NGJiYjc5
LzEvU0QtemZSLXd6TklXMnQ3RUFBbFdHb1JLcURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW862AwQD
vEC4AwQBw9jEMA0GCSqGSIb3DQEBCwUAA4IBAQCgQBQOsn30Red55w8s29gPRP/9
K5aY2VpE/99omsFhJpyYavBqrGJmw/3F8jd/EWjILO0MKGT8JwiKcsBkjUWe7tX4
HXTcswnDtlqa3JGDLXeYKTqywrHGOYq9K0scRuQ+hFA4YtSCHgZ5ByTyGa2Cl49+
+lOzeumqkRJu9CkV2QJCZv6QeVZsoDy4f0/rnrNavmdN0rLkg5mhIWxed44jUVPb
szN+HB63Bz//83Tw3xp8JKMoIkZJ8mQSnZdavMBrbfjb/MjdHejvPFtSh+V74Tza
Nz3X5q1S8e/AtOMFFqKVc0Pz2mm5yI6j8u6IDFJficJJRqgeEjr9WznXXqlu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net