Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/QP38gNz3xco5qv5nlkhRVeJhNcc.roa
File: QP38gNz3xco5qv5nlkhRVeJhNcc.roa (raw, json)
Hash identifier: iHHCmYPxx8nMI8Pl/VJqH9lchdWekUpYcRiMjWpeVhA=
Subject key identifier: 40:FD:FC:80:DC:F7:C5:CA:39:AA:FE:67:96:48:51:55:E2:61:35:C7
Certificate issuer: /CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Certificate serial: 019423D759DB4EC57C42D86193B42926FCFF
Authority key identifier: 0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/QP38gNz3xco5qv5nlkhRVeJhNcc.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198288
IP address blocks: 5.34.248.0/21 maxlen: 22
185.44.156.0/22 maxlen: 22
2a00:f8c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:59:db:4e:c5:7c:42:d8:61:93:b4:29:26:fc:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40fdfc80dcf7c5ca39aafe6796485155e26135c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:20:fc:a2:10:cf:56:fe:08:ac:4e:e7:77:
d1:51:cd:ab:3c:5b:3a:89:ae:41:94:81:3f:bc:44:
29:cf:c7:52:47:09:b4:84:f9:87:8a:ef:7b:3c:6e:
f0:a0:56:eb:8c:84:d2:d9:4f:65:c0:51:a1:a7:7d:
ca:5a:f7:59:ed:07:e6:d1:c5:c1:c7:2e:30:6d:62:
bb:07:7a:75:41:03:fc:5a:d5:73:9a:8c:d2:a0:98:
d7:12:e2:37:da:35:39:6f:e4:f5:89:18:a7:ac:56:
2f:a3:0a:ea:aa:7a:98:ad:1c:96:92:ed:fd:77:9b:
22:6b:72:08:15:52:93:b3:f4:b9:c6:d6:3c:2d:31:
a6:72:c8:ae:70:1a:36:05:d2:99:86:39:e8:03:b0:
b7:01:0b:64:f2:1b:6f:25:c0:82:c4:b6:2b:30:67:
15:9a:69:b4:11:a9:a2:6b:8b:f9:6b:e5:38:93:8c:
b0:8b:30:07:ce:14:0d:1c:cf:ba:5b:04:65:ad:00:
a6:fc:a6:c1:ba:00:d3:d5:68:79:30:72:2d:74:13:
94:40:da:63:54:e2:bb:59:02:8e:42:d9:85:13:71:
6e:0e:1e:73:db:0b:f2:81:3a:4e:9e:a4:43:4c:e2:
85:42:bc:f3:8c:81:48:ff:f8:fd:84:41:0b:06:ad:
8a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FD:FC:80:DC:F7:C5:CA:39:AA:FE:67:96:48:51:55:E2:61:35:C7
X509v3 Authority Key Identifier:
keyid:0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/QP38gNz3xco5qv5nlkhRVeJhNcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/CsFWWl9sTlTKLxnTZHWbag7WGEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.248.0/21
185.44.156.0/22
IPv6:
2a00:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:22:87:95:fa:ea:3c:f1:e1:3e:20:ad:78:96:bd:8e:36:1c:
c0:b5:7e:67:c5:ca:52:d0:fd:2b:16:07:b8:c1:86:0a:c8:00:
2c:bb:ce:71:68:f1:32:cb:55:a9:e9:6b:04:12:a9:d4:0a:bd:
c0:67:75:ae:c5:ff:98:b3:9d:2e:e7:d6:90:3a:85:55:79:1d:
d4:30:74:fa:00:07:b8:57:53:b9:82:80:05:9d:08:75:3b:c0:
60:b1:43:c5:82:70:bf:8e:a9:e8:4f:93:1a:bb:66:59:ab:2d:
9c:36:8e:dc:af:30:5a:f8:cb:d1:f3:4e:52:e1:5a:a9:a6:de:
94:57:05:aa:bc:4a:62:97:53:5d:f0:ee:ac:0d:63:c4:8a:90:
62:24:d2:88:c8:45:52:3d:c3:cd:7b:64:5f:9a:34:d8:bf:c6:
64:a5:4e:a0:4a:93:b4:c8:61:22:a4:45:c0:f0:2f:aa:15:b0:
59:30:86:a2:da:38:13:3d:26:1b:59:62:b8:18:6f:5f:8e:8e:
97:7c:93:45:5b:80:df:0f:3b:21:bc:be:e8:5d:60:b1:06:1d:
ac:ef:d1:35:b7:39:d1:59:c4:3d:a2:a4:17:54:7d:ed:9b:e2:
47:63:48:e9:7f:f2:e1:c8:39:b7:7b:c7:63:84:80:f0:de:f7:
6c:b0:70:3e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj11nbTsV8Qthhk7QpJvz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYzE1NjVhNWY2YzRlNTRjYTJmMTlkMzY0NzU5YjZhMGVk
NjE4NDAwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZkZmM4MGRjZjdjNWNhMzlhYWZlNjc5NjQ4NTE1NWUyNjEzNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxkg/KIQz1b+CKxO53fRUc2rPFs6
ia5BlIE/vEQpz8dSRwm0hPmHiu97PG7woFbrjITS2U9lwFGhp33KWvdZ7Qfm0cXB
xy4wbWK7B3p1QQP8WtVzmozSoJjXEuI32jU5b+T1iRinrFYvowrqqnqYrRyWku39
d5sia3IIFVKTs/S5xtY8LTGmcsiucBo2BdKZhjnoA7C3AQtk8htvJcCCxLYrMGcV
mmm0Eamia4v5a+U4k4ywizAHzhQNHM+6WwRlrQCm/KbBugDT1Wh5MHItdBOUQNpj
VOK7WQKOQtmFE3FuDh5z2wvygTpOnqRDTOKFQrzzjIFI//j9hEELBq2KJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFED9/IDc98XKOar+Z5ZIUVXiYTXHMB8GA1UdIwQY
MBaAFArBVlpfbE5Uyi8Z02R1m2oO1hhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3NGV1dsOXNUbFRLTHhuVFpIV2JhZzdXR0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZWRiMjItZmY0Ny00NjVmLTkwNjgt
NWM0YTBlYjIwMTdmLzEvUVAzOGdOejN4Y281cXY1bmxraFJWZUpoTmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZWRiMjItZmY0Ny00NjVmLTkwNjgtNWM0YTBlYjIwMTdm
LzEvQ3NGV1dsOXNUbFRLTHhuVFpIV2JhZzdXR0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBSL4AwQC
uSycMA0EAgACMAcDBQAqAPjAMA0GCSqGSIb3DQEBCwUAA4IBAQBRIoeV+uo88eE+
IK14lr2ONhzAtX5nxcpS0P0rFge4wYYKyAAsu85xaPEyy1Wp6WsEEqnUCr3AZ3Wu
xf+Ys50u59aQOoVVeR3UMHT6AAe4V1O5goAFnQh1O8BgsUPFgnC/jqnoT5Mau2ZZ
qy2cNo7crzBa+MvR805S4Vqppt6UVwWqvEpil1Nd8O6sDWPEipBiJNKIyEVSPcPN
e2RfmjTYv8ZkpU6gSpO0yGEipEXA8C+qFbBZMIai2jgTPSYbWWK4GG9fjo6XfJNF
W4DfDzshvL7oXWCxBh2s79E1tznRWcQ9oqQXVH3tm+JHY0jpf/LhyDm3e8djhIDw
3vdssHA+
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:22:39 2025 by rpki-client