Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/217aaf-3b3b-4d9c-a2ca-062c8882ba71/1/QT2bGKmHREGB3-sqEAhjlcIYXXI.roa
File: QT2bGKmHREGB3-sqEAhjlcIYXXI.roa (raw, json)
Hash identifier: lsIhMN9LkDQx5Xr58fqlkjIVmBAb+8AMBjPiPSb4cQI=
Subject key identifier: 41:3D:9B:18:A9:87:44:41:81:DF:EB:2A:10:08:63:95:C2:18:5D:72
Certificate issuer: /CN=d20b08e607668e06050084ee37928a1c0b035492
Certificate serial: 0194266B50DD5237E95D54F1BF3BD26844BF
Authority key identifier: D2:0B:08:E6:07:66:8E:06:05:00:84:EE:37:92:8A:1C:0B:03:54:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gsI5gdmjgYFAITuN5KKHAsDVJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/217aaf-3b3b-4d9c-a2ca-062c8882ba71/1/QT2bGKmHREGB3-sqEAhjlcIYXXI.roa
Signing time: Thu 02 Jan 2025 09:49:14 +0000
ROA not before: Thu 02 Jan 2025 09:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12666
IP address blocks: 194.153.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:50:dd:52:37:e9:5d:54:f1:bf:3b:d2:68:44:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d20b08e607668e06050084ee37928a1c0b035492
Validity
Not Before: Jan 2 09:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=413d9b18a987444181dfeb2a10086395c2185d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:99:4e:df:6e:71:49:d2:0f:ab:fb:08:77:35:
cc:49:59:0b:ce:1e:07:c7:87:14:0a:96:d9:f0:44:
4d:d7:c1:55:f0:04:f4:f8:2f:2d:c3:02:74:dc:14:
21:29:b9:2d:6e:cf:ad:22:30:d1:1f:1c:9a:2d:9a:
ff:86:5a:89:b2:53:4e:b5:5a:ee:76:72:ac:75:18:
8e:d7:94:fc:de:3b:c3:83:0e:82:63:fe:99:2e:19:
07:12:5c:2b:31:32:1e:aa:24:f0:fd:29:92:65:51:
94:8a:0e:c5:d0:ff:0f:e7:b7:a2:73:da:15:eb:83:
9e:de:7d:e5:ab:83:35:77:0a:10:6f:9f:a8:0a:84:
97:7f:78:12:a8:33:eb:1c:d4:69:9e:58:44:19:d3:
6e:f8:03:2d:f6:7d:fd:e0:f8:86:47:ab:20:1b:56:
90:44:04:f4:1b:7e:cf:32:52:47:a0:a1:a2:1c:e1:
38:1f:fa:a3:ca:94:98:a9:61:d5:63:51:fb:c6:fc:
40:b7:45:51:b3:46:33:7f:34:29:0b:ad:0d:12:6d:
f9:18:cc:99:a8:c9:f6:b0:a2:05:b7:5a:47:9f:c2:
5a:dc:42:af:28:ed:f9:86:55:b9:5c:fa:24:2c:86:
8a:d8:a6:9e:6e:03:9a:c7:ba:04:2e:d1:b7:93:89:
dc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3D:9B:18:A9:87:44:41:81:DF:EB:2A:10:08:63:95:C2:18:5D:72
X509v3 Authority Key Identifier:
keyid:D2:0B:08:E6:07:66:8E:06:05:00:84:EE:37:92:8A:1C:0B:03:54:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gsI5gdmjgYFAITuN5KKHAsDVJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/217aaf-3b3b-4d9c-a2ca-062c8882ba71/1/QT2bGKmHREGB3-sqEAhjlcIYXXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/217aaf-3b3b-4d9c-a2ca-062c8882ba71/1/0gsI5gdmjgYFAITuN5KKHAsDVJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.74.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f1:6f:cd:d6:9b:cf:19:a7:7b:4a:66:20:f0:0e:14:7a:b3:
be:03:64:eb:49:ad:ba:2a:19:38:39:99:88:07:eb:3c:ad:30:
3c:c1:ee:f3:67:bb:ff:02:a0:7b:f5:4a:6b:ef:27:d9:6a:eb:
38:03:e3:23:a0:df:b4:cb:ce:6f:97:ee:92:0e:91:09:df:62:
d3:45:02:3c:f9:a6:b3:f1:43:59:28:34:e7:74:c9:d9:fd:d1:
dd:bc:d0:ea:75:a6:e9:f7:0e:27:b7:4e:02:27:a3:60:3b:a5:
dc:c2:19:08:3c:85:99:82:70:26:37:d8:17:46:6b:a2:a5:e7:
5b:07:66:d1:fa:29:e7:f5:dd:c2:a5:5e:0a:5a:ff:18:60:03:
59:d2:78:89:c2:88:57:cf:3c:94:31:0a:1e:ba:a8:5d:cd:56:
98:63:cd:12:3c:fe:98:f8:0e:37:18:33:a3:0d:a2:22:ef:f9:
f1:6f:51:31:02:6e:23:ba:08:f4:59:e1:b3:29:85:fc:d5:76:
87:cc:9a:3d:10:d5:62:d8:6f:b0:c2:6f:2a:75:e6:e6:88:ee:
5e:4c:83:33:6c:9d:bd:e3:7b:a9:b6:67:2d:ef:80:e8:4d:2c:
6d:1a:d5:a8:40:5e:2b:2b:00:77:07:4f:a7:ef:a4:b3:d2:a0:
31:05:38:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma1DdUjfpXVTxvzvSaES/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMGIwOGU2MDc2NjhlMDYwNTAwODRlZTM3OTI4YTFjMGIw
MzU0OTIwHhcNMjUwMTAyMDk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNkOWIxOGE5ODc0NDQxODFkZmViMmExMDA4NjM5NWMyMTg1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJlO325xSdIPq/sIdzXMSVkLzh4H
x4cUCpbZ8ERN18FV8AT0+C8twwJ03BQhKbktbs+tIjDRHxyaLZr/hlqJslNOtVru
dnKsdRiO15T83jvDgw6CY/6ZLhkHElwrMTIeqiTw/SmSZVGUig7F0P8P57eic9oV
64Oe3n3lq4M1dwoQb5+oCoSXf3gSqDPrHNRpnlhEGdNu+AMt9n394PiGR6sgG1aQ
RAT0G37PMlJHoKGiHOE4H/qjypSYqWHVY1H7xvxAt0VRs0YzfzQpC60NEm35GMyZ
qMn2sKIFt1pHn8Ja3EKvKO35hlW5XPokLIaK2KaebgOax7oELtG3k4nc9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEE9mxiph0RBgd/rKhAIY5XCGF1yMB8GA1UdIwQY
MBaAFNILCOYHZo4GBQCE7jeSihwLA1SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdzSTVnZG1qZ1lGQUlUdU41S0tIQXNEVkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yMTdhYWYtM2IzYi00ZDljLWEyY2Et
MDYyYzg4ODJiYTcxLzEvUVQyYkdLbUhSRUdCMy1zcUVBaGpsY0lZWFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yMTdhYWYtM2IzYi00ZDljLWEyY2EtMDYyYzg4ODJiYTcx
LzEvMGdzSTVnZG1qZ1lGQUlUdU41S0tIQXNEVkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwplKMA0G
CSqGSIb3DQEBCwUAA4IBAQAT8W/N1pvPGad7SmYg8A4UerO+A2TrSa26Khk4OZmI
B+s8rTA8we7zZ7v/AqB79Upr7yfZaus4A+MjoN+0y85vl+6SDpEJ32LTRQI8+aaz
8UNZKDTndMnZ/dHdvNDqdabp9w4nt04CJ6NgO6XcwhkIPIWZgnAmN9gXRmuipedb
B2bR+inn9d3CpV4KWv8YYANZ0niJwohXzzyUMQoeuqhdzVaYY80SPP6Y+A43GDOj
DaIi7/nxb1ExAm4jugj0WeGzKYX81XaHzJo9ENVi2G+wwm8qdebmiO5eTIMzbJ29
43uptmct74DoTSxtGtWoQF4rKwB3B0+n76Sz0qAxBTjT
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:35:06 2025 by rpki-client