Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qegn6rKTYeBsjc4SCsbtD3nkXIY.roa
File: Qegn6rKTYeBsjc4SCsbtD3nkXIY.roa (raw, json)
Hash identifier: L0tLGFkuWFIKwICmtL17UlqlhulwH0ojyrlH6YIUJls=
Subject key identifier: 41:E8:27:EA:B2:93:61:E0:6C:8D:CE:12:0A:C6:ED:0F:79:E4:5C:86
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9121D545E58620F446E015DCDBB7
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qegn6rKTYeBsjc4SCsbtD3nkXIY.roa
Signing time: Thu 02 Jan 2025 09:49:31 +0000
ROA not before: Thu 02 Jan 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60494
IP address blocks: 31.200.240.0/24 maxlen: 24
31.200.241.0/24 maxlen: 24
31.200.242.0/24 maxlen: 24
31.200.243.0/24 maxlen: 24
31.200.244.0/24 maxlen: 24
31.200.245.0/24 maxlen: 24
31.200.246.0/24 maxlen: 24
31.200.247.0/24 maxlen: 24
37.153.88.0/24 maxlen: 24
37.153.89.0/24 maxlen: 24
37.153.90.0/24 maxlen: 24
37.153.91.0/24 maxlen: 24
37.153.92.0/24 maxlen: 24
37.153.93.0/24 maxlen: 24
37.153.94.0/24 maxlen: 24
37.153.95.0/24 maxlen: 24
185.40.144.0/24 maxlen: 24
185.40.145.0/24 maxlen: 24
185.40.146.0/24 maxlen: 24
185.40.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:91:21:d5:45:e5:86:20:f4:46:e0:15:dc:db:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e827eab29361e06c8dce120ac6ed0f79e45c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3b:b6:c4:5a:0b:7d:9b:66:a0:f9:56:e1:a1:
ec:de:de:5d:0e:79:52:2f:c1:7a:e6:e6:dc:e8:08:
c1:f3:ae:8f:48:67:cb:25:cb:0e:f7:bd:45:6b:c2:
70:3d:06:a4:9d:76:25:f4:95:0d:3f:73:78:d9:ff:
30:22:88:9f:ec:26:0f:37:2b:8e:3a:48:84:3d:26:
de:56:27:e5:15:99:41:bb:c1:ff:12:50:d9:54:8f:
dc:a4:2f:8a:88:6e:a0:c5:f5:b9:5c:0e:81:fd:19:
63:fd:28:8f:55:a6:6a:06:0a:df:e7:03:f7:7e:d2:
6e:35:d0:0d:78:28:a0:d6:5b:8e:e6:8e:95:8c:1c:
41:8b:c7:43:7a:24:21:f4:57:b3:b8:0a:0d:e5:c2:
44:03:8c:8f:da:c4:e6:c6:fb:5e:fd:e2:15:e4:7f:
1f:77:bc:77:cd:e6:27:ec:f7:1b:57:b6:de:f2:95:
9d:d7:7b:6c:35:a7:c5:7e:23:08:96:4d:6f:8f:2a:
04:29:6b:f3:f7:9d:c8:39:1e:0c:4a:6a:a1:d4:e2:
64:16:d4:ce:09:65:91:65:3f:4e:2b:fa:42:5d:1b:
c7:2d:a1:69:f2:cd:6c:f6:c4:60:77:fe:df:6e:11:
f8:e1:50:a1:06:23:c9:b2:76:a5:e1:8d:87:fc:1c:
13:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E8:27:EA:B2:93:61:E0:6C:8D:CE:12:0A:C6:ED:0F:79:E4:5C:86
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qegn6rKTYeBsjc4SCsbtD3nkXIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.240.0/21
37.153.88.0/21
185.40.144.0/22
Signature Algorithm: sha256WithRSAEncryption
90:45:b5:c9:76:bf:6c:7d:3e:f8:1d:4f:d5:cf:7e:04:ff:ec:
ec:98:87:21:80:cd:b4:b7:0f:16:fe:ee:67:d4:8a:8d:cc:68:
ec:cb:36:a9:4f:47:a8:1a:13:67:f6:0a:0a:f4:a5:e6:41:af:
0a:43:94:05:00:66:a2:f8:6e:dc:b5:1f:e2:ac:87:0c:78:05:
b2:38:2d:a1:8d:fc:15:c8:67:e5:4a:6f:13:2c:1a:cc:62:92:
84:98:94:ec:f0:6d:18:6e:06:ee:67:e3:26:e6:f9:bb:c5:f1:
71:a5:07:0f:25:32:9d:65:ed:83:b2:9d:d7:46:1a:09:12:cf:
e8:76:84:04:3b:6d:e6:47:c2:27:58:10:be:a9:55:d0:9b:96:
a0:5f:96:01:4c:40:15:7c:03:9a:11:dd:19:00:d0:dc:0b:c0:
40:17:cf:b4:c7:e0:ae:10:29:0f:e5:fc:e2:ff:25:b8:97:3e:
04:3b:f3:58:0c:e5:c3:b1:b5:f1:02:98:55:a8:2e:a7:3f:93:
a8:32:0a:4d:2b:89:5c:a0:3c:29:ce:d9:a5:27:7c:7b:8e:cf:
46:ee:56:ea:90:01:f3:3d:91:47:b9:49:af:8f:1b:bc:7c:b2:
74:db:77:2a:1c:30:f8:b6:35:5e:ee:87:8b:7c:26:ef:98:f0:
50:46:08:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma5Eh1UXlhiD0RuAV3Nu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4MjdlYWIyOTM2MWUwNmM4ZGNlMTIwYWM2ZWQwZjc5ZTQ1Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmju2xFoLfZtmoPlW4aHs3t5dDnlS
L8F65ubc6AjB866PSGfLJcsO971Fa8JwPQaknXYl9JUNP3N42f8wIoif7CYPNyuO
OkiEPSbeViflFZlBu8H/ElDZVI/cpC+KiG6gxfW5XA6B/Rlj/SiPVaZqBgrf5wP3
ftJuNdANeCig1luO5o6VjBxBi8dDeiQh9FezuAoN5cJEA4yP2sTmxvte/eIV5H8f
d7x3zeYn7PcbV7be8pWd13tsNafFfiMIlk1vjyoEKWvz953IOR4MSmqh1OJkFtTO
CWWRZT9OK/pCXRvHLaFp8s1s9sRgd/7fbhH44VChBiPJsnal4Y2H/BwTfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEHoJ+qyk2HgbI3OEgrG7Q955FyGMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvUWVnbjZyS1RZZUJzamM0U0NzYnREM25rWElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH8jwAwQD
JZlYAwQCuSiQMA0GCSqGSIb3DQEBCwUAA4IBAQCQRbXJdr9sfT74HU/Vz34E/+zs
mIchgM20tw8W/u5n1IqNzGjsyzapT0eoGhNn9goK9KXmQa8KQ5QFAGai+G7ctR/i
rIcMeAWyOC2hjfwVyGflSm8TLBrMYpKEmJTs8G0YbgbuZ+Mm5vm7xfFxpQcPJTKd
Ze2Dsp3XRhoJEs/odoQEO23mR8InWBC+qVXQm5agX5YBTEAVfAOaEd0ZANDcC8BA
F8+0x+CuECkP5fzi/yW4lz4EO/NYDOXDsbXxAphVqC6nP5OoMgpNK4lcoDwpztml
J3x7js9G7lbqkAHzPZFHuUmvjxu8fLJ023cqHDD4tjVe7oeLfCbvmPBQRghh
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:03 2025 by rpki-client