Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/QDqzI6mtk0OSKHPd6aEPhi6zaB8.roa
File: QDqzI6mtk0OSKHPd6aEPhi6zaB8.roa (raw, json)
Hash identifier: EsH+qC6DrpZNrpMwjRlDLqXBAg493TRAVaOfxpJfUMU=
Subject key identifier: 40:3A:B3:23:A9:AD:93:43:92:28:73:DD:E9:A1:0F:86:2E:B3:68:1F
Certificate issuer: /CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7
Certificate serial: 01942521690D0829B5E4BA7814384EC364E7
Authority key identifier: 2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/QDqzI6mtk0OSKHPd6aEPhi6zaB8.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201649
IP address blocks: 185.68.48.0/22 maxlen: 22
185.68.48.0/24 maxlen: 24
185.68.49.0/24 maxlen: 24
185.68.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:69:0d:08:29:b5:e4:ba:78:14:38:4e:c3:64:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=403ab323a9ad9343922873dde9a10f862eb3681f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:2f:4d:d3:ae:74:8e:d6:9b:ce:eb:ce:44:
73:a8:3b:b4:49:da:ed:ec:d9:c0:d9:1f:e5:4d:52:
1d:4f:21:58:a4:af:ad:9b:3e:05:2f:c9:a9:fa:f7:
66:fc:df:5e:93:58:00:f1:ff:08:f1:c4:54:85:f7:
60:a4:97:b5:76:32:ff:e7:0f:4e:1b:0a:4d:33:5f:
5a:69:94:f7:4e:0c:73:03:f0:08:73:a8:2c:b6:cd:
5b:e0:ec:28:f9:d3:94:7d:b9:f6:86:a7:a4:8c:cb:
ce:9d:27:c2:22:b2:a5:64:67:0b:fb:25:ca:5b:a7:
6b:38:8d:22:0f:02:a1:9f:31:f7:6a:37:4b:ac:9c:
4e:b1:42:a1:5a:98:f1:e2:0d:47:f3:4d:2d:46:28:
41:2c:e9:aa:86:ac:0d:ed:05:4c:e6:1a:7a:0f:03:
69:84:c2:ab:ca:7a:90:63:cb:43:11:d7:ac:5c:84:
02:df:14:02:14:d9:d9:82:c4:d0:22:31:af:27:bd:
83:92:d3:ed:cf:c0:0a:b4:ba:57:38:e6:6d:f6:f9:
d8:cb:78:06:03:ce:ec:fa:f3:7c:fd:18:a3:eb:5e:
c0:c1:c1:95:17:35:ce:b2:18:6d:67:8e:ec:34:94:
9e:75:ac:5b:cf:25:03:7f:a0:fa:bb:00:cb:0a:cf:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3A:B3:23:A9:AD:93:43:92:28:73:DD:E9:A1:0F:86:2E:B3:68:1F
X509v3 Authority Key Identifier:
keyid:2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/QDqzI6mtk0OSKHPd6aEPhi6zaB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.48.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:c6:a8:d8:33:d0:b3:6a:a7:60:79:fc:55:4c:c5:64:3c:98:
42:f2:40:18:ac:d3:16:ce:f1:f8:8c:d0:eb:3c:e9:d7:a2:28:
93:e9:4d:bc:8a:c9:c6:b0:70:ce:86:23:3f:55:8e:fc:96:9f:
b8:0d:4f:b7:d9:cf:98:31:2b:bb:6e:17:13:b5:e8:86:a7:b1:
d7:6d:f8:f2:69:8a:11:b1:a8:6f:23:2e:c5:d2:36:16:c6:2e:
88:1e:7a:c1:70:3f:6f:e9:09:03:08:da:9a:48:47:7b:bd:51:
d9:fe:06:7d:8d:c0:4d:99:d2:05:85:f5:e8:a1:6e:ef:78:72:
20:72:0b:0b:a9:1d:ef:e3:c3:ac:33:d0:4f:b3:fa:25:f4:72:
49:f8:21:dd:4c:ed:72:86:e0:8f:28:12:bf:58:c8:55:77:56:
58:fd:f6:a5:61:da:6d:e0:9d:4f:91:60:1c:cb:3e:08:b5:e3:
79:b5:09:6b:cd:94:5c:50:9b:79:86:8e:96:08:10:d5:13:c0:
bd:59:d6:1c:ed:04:24:a7:be:62:fe:d3:f2:5a:4a:87:60:c0:
09:6a:1e:f6:d6:26:f5:fd:2a:88:ee:2f:f0:a9:ad:c9:53:fc:
c7:60:26:3d:3e:94:59:ac:9f:3b:27:59:17:22:1a:ec:a3:db:
85:9d:cc:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWkNCCm15Lp4FDhOw2TnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODdjM2Q1ZjQ1ZmVmMzhjMTA1YjkzZGQ0NGRkMjRmNWJl
ZTYwZTcwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDNhYjMyM2E5YWQ5MzQzOTIyODczZGRlOWExMGY4NjJlYjM2ODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL0vTdOudI7Wm87rzkRzqDu0Sdrt
7NnA2R/lTVIdTyFYpK+tmz4FL8mp+vdm/N9ek1gA8f8I8cRUhfdgpJe1djL/5w9O
GwpNM19aaZT3TgxzA/AIc6gsts1b4Owo+dOUfbn2hqekjMvOnSfCIrKlZGcL+yXK
W6drOI0iDwKhnzH3ajdLrJxOsUKhWpjx4g1H800tRihBLOmqhqwN7QVM5hp6DwNp
hMKrynqQY8tDEdesXIQC3xQCFNnZgsTQIjGvJ72DktPtz8AKtLpXOOZt9vnYy3gG
A87s+vN8/Rij617AwcGVFzXOshhtZ47sNJSedaxbzyUDf6D6uwDLCs8KTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEA6syOprZNDkihz3emhD4Yus2gfMB8GA1UdIwQY
MBaAFC6Hw9X0X+84wQW5PdRN0k9b7mDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEt
N2MyYmQ5ODRkNzM1LzEvUURxekk2bXRrME9TS0hQZDZhRVBoaTZ6YUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEtN2MyYmQ5ODRkNzM1
LzEvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUQwMA0G
CSqGSIb3DQEBCwUAA4IBAQDTxqjYM9CzaqdgefxVTMVkPJhC8kAYrNMWzvH4jNDr
POnXoiiT6U28isnGsHDOhiM/VY78lp+4DU+32c+YMSu7bhcTteiGp7HXbfjyaYoR
sahvIy7F0jYWxi6IHnrBcD9v6QkDCNqaSEd7vVHZ/gZ9jcBNmdIFhfXooW7veHIg
cgsLqR3v48OsM9BPs/ol9HJJ+CHdTO1yhuCPKBK/WMhVd1ZY/falYdpt4J1PkWAc
yz4IteN5tQlrzZRcUJt5ho6WCBDVE8C9WdYc7QQkp75i/tPyWkqHYMAJah721ib1
/SqI7i/wqa3JU/zHYCY9PpRZrJ87J1kXIhrso9uFnczt
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:39:36 2025 by rpki-client