Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/qKZe04ldZSlu7_AHJzU0TI3QaC8.roa
File: qKZe04ldZSlu7_AHJzU0TI3QaC8.roa (raw, json)
Hash identifier: kca6je5/CpmELYB/XA0kcT0UwcrRUSruB8zxN7wmkto=
Subject key identifier: A8:A6:5E:D3:89:5D:65:29:6E:EF:F0:07:27:35:34:4C:8D:D0:68:2F
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 0194B6DC6D070FE94ECB39AA58A165B65694
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/qKZe04ldZSlu7_AHJzU0TI3QaC8.roa
Signing time: Thu 30 Jan 2025 10:58:06 +0000
ROA not before: Thu 30 Jan 2025 10:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58172
IP address blocks: 91.132.148.0/24 maxlen: 24
91.132.149.0/24 maxlen: 24
91.132.150.0/24 maxlen: 24
91.132.151.0/24 maxlen: 24
91.212.93.0/24 maxlen: 24
91.239.101.0/24 maxlen: 24
128.127.96.0/24 maxlen: 24
128.127.97.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:dc:6d:07:0f:e9:4e:cb:39:aa:58:a1:65:b6:56:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Jan 30 10:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a65ed3895d65296eeff0072735344c8dd0682f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d6:57:a8:1d:08:43:cd:7f:69:51:90:75:55:
bf:17:f7:3f:21:3b:61:56:de:54:d1:e2:d1:38:e1:
c4:ee:68:c9:71:11:6d:b5:7b:33:8c:38:2f:f8:3c:
d7:87:4b:ed:5d:ef:2c:d7:a3:0e:ba:c6:38:19:05:
48:92:89:74:9d:31:59:bb:c1:2a:af:a1:8c:19:b4:
25:f0:ab:c0:b3:d8:f8:82:38:4e:5c:23:6b:8a:a3:
65:35:9b:8f:6b:fd:93:00:55:39:64:b9:c9:af:55:
3a:6c:ac:83:e6:5f:cb:49:7a:25:6d:3e:24:62:a0:
c4:f4:08:48:00:bd:9d:0f:7a:12:e0:5d:12:cb:ee:
e4:12:de:ed:8b:9b:04:a6:5f:9f:dd:60:13:fd:9f:
e9:68:b0:21:6d:d7:43:de:d0:dc:81:c5:4b:b9:af:
a0:15:08:c9:8a:bb:c5:56:f9:0e:28:8e:1d:6b:9c:
32:9f:61:9d:5c:d5:6c:3a:be:b7:79:94:cc:99:3e:
af:68:8d:72:fe:18:83:3d:c8:ee:b2:5c:15:d5:be:
1b:91:21:a2:d2:ee:66:46:fa:fd:ab:a5:de:71:e0:
f0:0e:69:92:5b:45:69:61:25:d7:67:7d:ba:3d:34:
80:7f:de:8e:98:09:61:a0:8c:cf:e9:63:c1:8c:f3:
ad:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A6:5E:D3:89:5D:65:29:6E:EF:F0:07:27:35:34:4C:8D:D0:68:2F
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/qKZe04ldZSlu7_AHJzU0TI3QaC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.148.0/22
91.212.93.0/24
91.239.101.0/24
128.127.96.0/21
178.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
00:ba:d4:9c:92:26:b8:7b:6c:55:8a:da:b4:b8:4a:85:b6:42:
9a:b4:cf:65:5d:b0:d7:f6:3e:cf:ce:f7:18:80:94:9b:b8:d5:
da:5b:e7:b6:30:82:d6:18:e0:2f:ec:37:4d:54:28:cc:6b:d3:
0a:16:36:56:1d:cf:56:70:93:f2:39:74:75:20:70:22:22:ff:
f4:b5:2f:f4:f5:79:9b:37:50:9c:6e:6b:e5:fe:d5:c0:1e:ff:
f0:08:ae:63:b3:21:36:6d:ed:d2:cf:ff:d6:d5:a5:9b:6d:7d:
51:72:47:12:2e:0c:97:2c:97:a0:42:91:ff:d1:84:ba:8a:6c:
59:3b:cd:ba:c5:52:4b:16:9f:0a:fa:c6:52:d1:50:64:e3:91:
11:d3:a1:ef:2c:35:8f:30:ca:c8:77:19:56:2b:22:34:21:e9:
cb:b8:22:09:d9:00:45:36:08:ca:07:be:5a:61:63:fa:b1:ab:
44:28:c1:0b:f3:78:16:90:f7:cf:84:f5:d1:19:dc:03:dc:31:
d3:c7:d8:b2:34:24:90:34:a1:10:29:b7:ec:92:0c:34:67:fc:
cf:f1:7b:0a:5d:15:92:12:7a:7e:3b:23:8a:37:c2:50:5b:d9:
98:2b:c5:9c:69:41:fe:c8:33:ed:59:35:84:d6:21:5c:bf:c1:
69:8f:f8:57
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZS23G0HD+lOyzmqWKFltlaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwMTMwMTA1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE2NWVkMzg5NWQ2NTI5NmVlZmYwMDcyNzM1MzQ0YzhkZDA2ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19ZXqB0IQ81/aVGQdVW/F/c/ITth
Vt5U0eLROOHE7mjJcRFttXszjDgv+DzXh0vtXe8s16MOusY4GQVIkol0nTFZu8Eq
r6GMGbQl8KvAs9j4gjhOXCNriqNlNZuPa/2TAFU5ZLnJr1U6bKyD5l/LSXolbT4k
YqDE9AhIAL2dD3oS4F0Sy+7kEt7ti5sEpl+f3WAT/Z/paLAhbddD3tDcgcVLua+g
FQjJirvFVvkOKI4da5wyn2GdXNVsOr63eZTMmT6vaI1y/hiDPcjuslwV1b4bkSGi
0u5mRvr9q6XeceDwDmmSW0VpYSXXZ326PTSAf96OmAlhoIzP6WPBjPOtIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKimXtOJXWUpbu/wByc1NEyN0GgvMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvcUtaZTA0bGRaU2x1N19BSEp6VTBUSTNRYUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW4SUAwQA
W9RdAwQAW+9lAwQDgH9gAwQDshSwMA0GCSqGSIb3DQEBCwUAA4IBAQAAutSckia4
e2xVitq0uEqFtkKatM9lXbDX9j7PzvcYgJSbuNXaW+e2MILWGOAv7DdNVCjMa9MK
FjZWHc9WcJPyOXR1IHAiIv/0tS/09XmbN1Ccbmvl/tXAHv/wCK5jsyE2be3Sz//W
1aWbbX1RckcSLgyXLJegQpH/0YS6imxZO826xVJLFp8K+sZS0VBk45ER06HvLDWP
MMrIdxlWKyI0IenLuCIJ2QBFNgjKB75aYWP6satEKMEL83gWkPfPhPXRGdwD3DHT
x9iyNCSQNKEQKbfskgw0Z/zP8XsKXRWSEnp+OyOKN8JQW9mYK8WcaUH+yDPtWTWE
1iFcv8Fpj/hX
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:14:27 2025 by rpki-client