Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/QE0murogrnfrhBNI-lIB055tOnQ.roa
File: QE0murogrnfrhBNI-lIB055tOnQ.roa (raw, json)
Hash identifier: Ksxv7cylSwkoYU8exidDycgsWvNKpl/+njghNlj/jds=
Subject key identifier: 40:4D:26:BA:BA:20:AE:77:EB:84:13:48:FA:52:01:D3:9E:6D:3A:74
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 0194266A0F62AFE24DCDC91A6E3140FD75C9
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/QE0murogrnfrhBNI-lIB055tOnQ.roa
Signing time: Thu 02 Jan 2025 09:47:52 +0000
ROA not before: Thu 02 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51013
IP address blocks: 213.188.152.0/22 maxlen: 22
213.188.156.0/23 maxlen: 23
2a02:250:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:0f:62:af:e2:4d:cd:c9:1a:6e:31:40:fd:75:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 2 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=404d26baba20ae77eb841348fa5201d39e6d3a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:58:28:27:ce:23:87:c5:94:f5:07:cb:2b:5f:
63:b9:fa:13:38:16:94:54:b1:fb:4e:50:6d:5b:84:
9c:1a:fa:95:2f:5a:cd:34:01:1a:54:ef:8e:84:a1:
b3:2b:9e:60:3d:0d:4b:54:2a:ca:a3:ba:8d:42:64:
fe:b6:cc:c3:d6:b8:3b:f3:e9:07:ea:7e:be:a3:6a:
3c:f8:c1:13:27:de:f1:1b:d1:bb:cd:6a:01:ae:02:
ab:82:29:f6:ce:4f:7b:23:c2:68:f5:0f:cb:4d:44:
64:a9:82:ed:c5:3b:14:c6:7a:15:95:e7:5a:da:74:
e1:ab:aa:04:b5:31:97:dc:be:22:bf:e7:ec:14:b8:
6c:bc:cf:18:aa:29:60:94:0b:64:56:1a:c5:25:a1:
0e:44:f2:4e:e1:0a:d0:e7:99:87:89:de:6c:1e:cf:
f8:0b:91:d6:38:05:a8:db:d4:d3:c0:9f:9c:9f:1d:
9e:1c:a0:ad:dc:57:84:1a:94:79:27:f0:69:5a:fd:
db:7a:14:2a:0a:39:cf:cd:ff:88:b4:d1:96:3e:7b:
45:ac:3f:d8:4b:e7:a0:cf:bb:e5:59:cf:15:71:66:
68:93:4c:8e:2d:9c:49:c5:05:27:9b:30:f0:1d:37:
10:d6:fa:9c:bc:31:8a:84:9d:4c:38:23:35:8b:d9:
b4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4D:26:BA:BA:20:AE:77:EB:84:13:48:FA:52:01:D3:9E:6D:3A:74
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/QE0murogrnfrhBNI-lIB055tOnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.188.152.0-213.188.157.255
IPv6:
2a02:250:2::/48
Signature Algorithm: sha256WithRSAEncryption
84:3a:22:c6:ff:d7:31:c0:fe:27:fb:30:23:ab:4d:92:91:68:
d0:a0:87:74:46:be:b4:cb:45:f6:92:31:c4:f8:e0:e9:af:3e:
8d:f6:25:00:77:72:57:ba:44:ac:9e:57:fb:88:6c:f4:a9:60:
c5:70:19:b5:fe:85:61:65:3a:72:84:44:ef:57:98:25:a4:21:
f4:24:d6:25:27:8b:e0:a3:5e:5d:00:1d:2d:ea:57:94:cb:7a:
ff:7a:81:8c:24:d3:a6:45:95:57:5d:ac:8f:c9:e8:64:74:4b:
96:da:04:f8:74:12:b8:b6:75:67:aa:4d:15:20:81:4b:ad:84:
6f:30:ff:3e:c0:a5:3a:35:07:24:04:7d:bb:81:a0:27:31:16:
fc:cb:69:b5:ec:68:71:b0:76:99:95:4f:66:cb:e1:3b:57:9f:
ad:7d:10:c9:f5:2c:e1:32:36:07:f2:62:1f:ae:e6:74:55:f4:
f8:2f:65:e6:45:fc:78:ad:9a:54:ba:b1:0e:d6:c4:bd:8a:94:
58:71:df:e2:68:6b:9b:41:33:52:36:a8:35:25:81:68:58:12:
d7:5b:39:0e:11:f1:5b:b2:ed:cd:c2:3d:7c:c7:83:03:bf:3c:
ad:05:43:e9:d6:ce:19:8b:24:99:d3:da:e5:cc:c6:6d:89:97:
16:0b:f0:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQmag9ir+JNzckabjFA/XXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjUwMTAyMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRkMjZiYWJhMjBhZTc3ZWI4NDEzNDhmYTUyMDFkMzllNmQzYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1goJ84jh8WU9QfLK19jufoTOBaU
VLH7TlBtW4ScGvqVL1rNNAEaVO+OhKGzK55gPQ1LVCrKo7qNQmT+tszD1rg78+kH
6n6+o2o8+METJ97xG9G7zWoBrgKrgin2zk97I8Jo9Q/LTURkqYLtxTsUxnoVleda
2nThq6oEtTGX3L4iv+fsFLhsvM8YqilglAtkVhrFJaEORPJO4QrQ55mHid5sHs/4
C5HWOAWo29TTwJ+cnx2eHKCt3FeEGpR5J/BpWv3behQqCjnPzf+ItNGWPntFrD/Y
S+egz7vlWc8VcWZok0yOLZxJxQUnmzDwHTcQ1vqcvDGKhJ1MOCM1i9m0ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBNJrq6IK5364QTSPpSAdOebTp0MB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvUUUwbXVyb2dybmZyaEJOSS1sSUIwNTV0T25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPVvJgD
BAHVvJwwDwQCAAIwCQMHACoCAlAAAjANBgkqhkiG9w0BAQsFAAOCAQEAhDoixv/X
McD+J/swI6tNkpFo0KCHdEa+tMtF9pIxxPjg6a8+jfYlAHdyV7pErJ5X+4hs9Klg
xXAZtf6FYWU6coRE71eYJaQh9CTWJSeL4KNeXQAdLepXlMt6/3qBjCTTpkWVV12s
j8noZHRLltoE+HQSuLZ1Z6pNFSCBS62EbzD/PsClOjUHJAR9u4GgJzEW/Mtptexo
cbB2mZVPZsvhO1efrX0QyfUs4TI2B/JiH67mdFX0+C9l5kX8eK2aVLqxDtbEvYqU
WHHf4mhrm0EzUjaoNSWBaFgS11s5DhHxW7LtzcI9fMeDA788rQVD6dbOGYskmdPa
5czGbYmXFgvwZg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:31:18 2025 by rpki-client