Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qOS_JmGuMGS8fdW8_vGeP4voZoo.roa
File: qOS_JmGuMGS8fdW8_vGeP4voZoo.roa (raw, json)
Hash identifier: ca3WETCPA0LrmORjC53qRgeSLIMYuLN7rkeUg99gFg4=
Subject key identifier: A8:E4:BF:26:61:AE:30:64:BC:7D:D5:BC:FE:F1:9E:3F:8B:E8:66:8A
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9B22493821DDF403114538AF8B0A9
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qOS_JmGuMGS8fdW8_vGeP4voZoo.roa
Signing time: Thu 02 Jan 2025 11:49:48 +0000
ROA not before: Thu 02 Jan 2025 11:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35728
IP address blocks: 85.140.44.0/22 maxlen: 22
85.140.44.0/24 maxlen: 24
85.140.45.0/24 maxlen: 24
85.140.46.0/24 maxlen: 24
85.140.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b2:24:93:82:1d:df:40:31:14:53:8a:f8:b0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8e4bf2661ae3064bc7dd5bcfef19e3f8be8668a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:9f:79:df:40:85:34:77:5f:20:83:49:5b:
31:e8:54:37:c4:66:b5:38:56:f9:3a:3d:40:8a:d2:
85:53:9f:b0:2c:97:f9:0a:4d:c4:86:59:fc:32:46:
52:b2:7d:92:0f:61:34:cf:89:5e:83:2f:67:fd:95:
6e:61:ee:89:b0:25:7c:a5:ec:8a:61:63:86:55:7f:
7d:17:8e:8d:7a:d3:5e:4f:66:a4:2d:5c:2f:c0:db:
90:67:ae:30:9b:8b:c2:39:7f:4e:71:0a:2b:f1:bb:
a1:2e:13:3c:3a:8d:dd:75:4c:6f:b1:20:39:06:f0:
b7:0f:1e:14:6b:1b:41:bd:05:da:df:d4:e7:46:d9:
7d:1a:0a:3e:11:ec:a9:a1:29:37:67:00:53:52:11:
22:3b:44:38:db:44:a1:17:99:e4:5b:48:d7:fa:57:
8d:b0:f3:6d:a8:65:2b:d9:f0:26:83:25:c6:ed:a2:
74:e1:19:87:a0:10:4b:70:c8:f8:1f:80:3b:77:d9:
f8:be:6a:b9:ba:4e:a9:94:e4:7e:ef:f0:9e:eb:d0:
16:12:22:8f:bd:d2:79:f9:e9:bf:7f:3c:bc:b7:29:
d7:66:70:aa:71:f1:3e:67:e4:83:d3:8e:9b:74:e9:
65:0b:b8:44:cf:ac:44:f4:57:e6:04:ac:15:48:da:
bc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E4:BF:26:61:AE:30:64:BC:7D:D5:BC:FE:F1:9E:3F:8B:E8:66:8A
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qOS_JmGuMGS8fdW8_vGeP4voZoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.44.0/22
Signature Algorithm: sha256WithRSAEncryption
12:12:d1:94:e4:af:03:0b:ae:ab:64:f5:70:1b:da:8d:b2:4a:
43:26:fc:0b:48:ab:52:c2:40:80:85:78:0f:cc:be:60:24:13:
f0:c5:98:d7:9c:34:bf:36:63:d2:8a:d8:90:19:46:f9:cb:dc:
93:fe:75:d8:f7:74:1f:fd:91:de:58:4d:69:74:c7:21:d7:83:
2c:6c:57:2e:b1:28:0b:4a:cb:76:65:dd:c9:44:1e:79:a5:43:
b2:ee:46:6d:a6:90:70:c3:77:0a:9a:7d:b9:4f:66:bc:1e:fe:
2b:00:0e:fe:10:57:c1:d1:d8:c2:c7:83:87:0b:89:19:a9:d9:
db:b2:98:88:d0:63:30:cf:4b:37:6c:d6:f5:c3:bd:67:99:06:
d1:43:5d:3c:d6:b8:2f:cd:20:c6:86:08:3b:c6:25:6c:30:cf:
1d:42:e1:9f:66:b1:7e:08:ac:37:c4:61:95:ed:73:8d:93:fb:
5e:00:d1:14:31:95:c1:bb:02:4a:8c:de:74:03:22:ef:9f:89:
f9:08:eb:b9:8f:29:9a:8b:45:13:58:30:e9:03:70:35:37:a8:
81:34:fa:4a:03:e9:57:32:b4:74:db:45:42:72:4e:e0:dc:c4:
72:87:26:98:b8:e9:50:b8:95:ba:ab:12:f5:70:14:c8:08:f4:
88:7c:b1:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2bIkk4Id30AxFFOK+LCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU0YmYyNjYxYWUzMDY0YmM3ZGQ1YmNmZWYxOWUzZjhiZTg2NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFOfed9AhTR3XyCDSVsx6FQ3xGa1
OFb5Oj1AitKFU5+wLJf5Ck3Ehln8MkZSsn2SD2E0z4legy9n/ZVuYe6JsCV8peyK
YWOGVX99F46NetNeT2akLVwvwNuQZ64wm4vCOX9OcQor8buhLhM8Oo3ddUxvsSA5
BvC3Dx4UaxtBvQXa39TnRtl9Ggo+EeypoSk3ZwBTUhEiO0Q420ShF5nkW0jX+leN
sPNtqGUr2fAmgyXG7aJ04RmHoBBLcMj4H4A7d9n4vmq5uk6plOR+7/Ce69AWEiKP
vdJ5+em/fzy8tynXZnCqcfE+Z+SD046bdOllC7hEz6xE9FfmBKwVSNq8kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjkvyZhrjBkvH3VvP7xnj+L6GaKMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvcU9TX0ptR3VNR1M4ZmRXOF92R2VQNHZvWm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYwsMA0G
CSqGSIb3DQEBCwUAA4IBAQASEtGU5K8DC66rZPVwG9qNskpDJvwLSKtSwkCAhXgP
zL5gJBPwxZjXnDS/NmPSitiQGUb5y9yT/nXY93Qf/ZHeWE1pdMch14MsbFcusSgL
Sst2Zd3JRB55pUOy7kZtppBww3cKmn25T2a8Hv4rAA7+EFfB0djCx4OHC4kZqdnb
spiI0GMwz0s3bNb1w71nmQbRQ1081rgvzSDGhgg7xiVsMM8dQuGfZrF+CKw3xGGV
7XONk/teANEUMZXBuwJKjN50AyLvn4n5COu5jymai0UTWDDpA3A1N6iBNPpKA+lX
MrR020VCck7g3MRyhyaYuOlQuJW6qxL1cBTICPSIfLHb
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:51:19 2025 by rpki-client