Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/QHWMs-MZjDSwChSISEL6Gl0q8mw.roa
File: QHWMs-MZjDSwChSISEL6Gl0q8mw.roa (raw, json)
Hash identifier: MTwg/6CPgLRHHoER9F5LK/UDna9Vp7Lok94EKexAIUI=
Subject key identifier: 40:75:8C:B3:E3:19:8C:34:B0:0A:14:88:48:42:FA:1A:5D:2A:F2:6C
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 0194221FF8D33EAE2F0029D175296D1ABAC6
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/QHWMs-MZjDSwChSISEL6Gl0q8mw.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202220
IP address blocks: 83.230.14.0/24 maxlen: 24
195.82.162.0/24 maxlen: 24
195.82.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f8:d3:3e:ae:2f:00:29:d1:75:29:6d:1a:ba:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40758cb3e3198c34b00a14884842fa1a5d2af26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:09:ec:5c:1b:6c:b8:7f:7e:1a:27:f6:39:4a:
cf:45:11:61:30:e5:ed:e0:cd:77:85:dd:c4:85:8a:
f9:0a:78:42:f3:d8:2c:8f:ce:3a:f9:eb:80:be:9e:
3b:94:a5:51:31:48:e5:2c:db:ad:ee:02:e9:51:a6:
aa:d6:aa:f5:cc:84:a5:c2:61:fd:f1:cc:62:69:cf:
74:51:d8:d0:2c:b5:82:77:1e:15:42:4f:08:ae:c0:
72:06:ef:f2:85:52:98:c2:55:2c:13:f8:0c:cb:53:
6d:ba:75:ae:87:54:64:eb:29:a4:80:b6:b8:36:6f:
0f:49:95:67:31:f1:a4:1c:47:ff:3e:d3:1a:84:8c:
42:b4:2d:68:de:dc:90:fb:b9:1a:25:f5:f8:a9:78:
71:96:5a:ad:4a:ba:49:3c:a4:6d:af:6f:4a:ab:e0:
13:71:e2:a3:fc:bd:79:80:6d:99:8f:9f:a9:80:6c:
4b:ab:42:c1:da:75:5f:e5:ab:35:7c:15:aa:f5:31:
c0:cd:3b:02:46:6d:c2:7d:6e:90:d1:15:d1:32:20:
13:8e:54:e9:f2:05:c9:e6:ad:34:48:de:9e:cf:66:
81:48:e3:cb:ac:22:25:7a:e4:fb:36:7f:ac:d8:b8:
7d:fe:9c:8f:c6:59:91:76:40:37:5b:7d:c5:11:e7:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:75:8C:B3:E3:19:8C:34:B0:0A:14:88:48:42:FA:1A:5D:2A:F2:6C
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/QHWMs-MZjDSwChSISEL6Gl0q8mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.14.0/24
195.82.162.0/24
195.82.166.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8b:ad:6c:ec:78:b8:d8:a9:9f:79:3e:aa:a4:46:07:b5:10:
15:1d:f6:49:43:b3:d2:66:60:4c:39:e2:27:7f:f5:6b:b8:a6:
82:22:cb:ea:b3:ad:4a:a8:74:0e:c1:67:e4:07:4e:c3:db:cf:
fd:3a:50:01:0b:2b:ea:0e:27:1a:39:dc:5e:0d:30:95:0c:4b:
34:c9:13:b0:35:cb:82:c2:a7:58:5b:49:fd:89:51:29:14:5e:
f1:79:08:f5:79:0d:e6:d1:02:33:40:92:52:e0:6e:ca:51:db:
0a:01:01:50:3d:eb:e7:35:ef:37:c9:e0:70:20:b9:ed:d8:29:
72:75:bc:2d:7d:11:1d:f4:76:77:1f:d9:01:db:e8:73:00:71:
d8:ad:38:20:9e:2f:3f:ea:4c:11:32:a0:44:b0:d2:91:4b:63:
0f:33:6d:e6:cd:30:ef:b2:5d:9d:5c:3d:40:78:68:b6:da:8f:
9a:4d:6a:a1:47:c7:e9:4f:51:f9:9e:0a:06:c3:36:05:9a:f2:
a8:48:6e:c7:ee:5d:de:0c:d4:d2:cf:24:ea:03:94:02:24:aa:
ec:cb:64:bc:4c:90:6b:84:ad:0a:45:74:bf:bc:9b:66:ef:31:
5f:02:88:0d:b1:88:ed:5e:b8:6c:b5:d8:a3:ca:06:73:46:29:
59:0b:39:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH/jTPq4vACnRdSltGrrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc1OGNiM2UzMTk4YzM0YjAwYTE0ODg0ODQyZmExYTVkMmFmMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AnsXBtsuH9+Gif2OUrPRRFhMOXt
4M13hd3EhYr5CnhC89gsj846+euAvp47lKVRMUjlLNut7gLpUaaq1qr1zISlwmH9
8cxiac90UdjQLLWCdx4VQk8IrsByBu/yhVKYwlUsE/gMy1NtunWuh1Rk6ymkgLa4
Nm8PSZVnMfGkHEf/PtMahIxCtC1o3tyQ+7kaJfX4qXhxllqtSrpJPKRtr29Kq+AT
ceKj/L15gG2Zj5+pgGxLq0LB2nVf5as1fBWq9THAzTsCRm3CfW6Q0RXRMiATjlTp
8gXJ5q00SN6ez2aBSOPLrCIleuT7Nn+s2Lh9/pyPxlmRdkA3W33FEedRUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEB1jLPjGYw0sAoUiEhC+hpdKvJsMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEvUUhXTXMtTVpqRFN3Q2hTSVNFTDZHbDBxOG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU+YOAwQA
w1KiAwQAw1KmMA0GCSqGSIb3DQEBCwUAA4IBAQBWi61s7Hi42KmfeT6qpEYHtRAV
HfZJQ7PSZmBMOeInf/VruKaCIsvqs61KqHQOwWfkB07D28/9OlABCyvqDicaOdxe
DTCVDEs0yROwNcuCwqdYW0n9iVEpFF7xeQj1eQ3m0QIzQJJS4G7KUdsKAQFQPevn
Ne83yeBwILnt2ClydbwtfREd9HZ3H9kB2+hzAHHYrTggni8/6kwRMqBEsNKRS2MP
M23mzTDvsl2dXD1AeGi22o+aTWqhR8fpT1H5ngoGwzYFmvKoSG7H7l3eDNTSzyTq
A5QCJKrsy2S8TJBrhK0KRXS/vJtm7zFfAogNsYjtXrhstdijygZzRilZCzlB
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:00:52 2025 by rpki-client