Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/QZnvDoS-RiFOBfwEri-Vi3VzE08.roa
File: QZnvDoS-RiFOBfwEri-Vi3VzE08.roa (raw, json)
Hash identifier: pq0uuNF29P04b/JIWH4m5rjDJmcdVf2o36EBp7l6HfM=
Subject key identifier: 41:99:EF:0E:84:BE:46:21:4E:05:FC:04:AE:2F:95:8B:75:73:13:4F
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 019427B58FA1CF139058A1EF287101E6F877
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/QZnvDoS-RiFOBfwEri-Vi3VzE08.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210539
IP address blocks: 185.162.90.0/24 maxlen: 24
185.170.128.0/24 maxlen: 24
185.170.130.0/24 maxlen: 24
185.196.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8f:a1:cf:13:90:58:a1:ef:28:71:01:e6:f8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4199ef0e84be46214e05fc04ae2f958b7573134f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:12:00:92:2a:4e:f9:2b:b1:4a:b2:86:5c:9d:
6c:dd:c6:58:02:8d:73:3b:78:f8:5e:d9:c1:17:b5:
8f:3a:8b:d7:b7:6a:d4:fc:e5:65:f7:b6:d8:17:74:
b4:62:27:1d:90:ef:d3:9d:43:45:ca:27:45:51:77:
28:8c:06:ff:e1:7c:53:bc:2b:01:cd:ad:7f:b2:40:
3f:21:3b:6a:e2:e8:7c:04:92:d3:be:a7:ee:4b:d0:
9b:b7:49:a4:cf:56:22:9c:14:d7:f3:69:3a:98:67:
1c:91:af:14:82:ed:f4:43:f4:55:f3:b2:c3:6f:3b:
79:1a:f4:45:5e:f2:9e:7c:7c:4f:5d:a1:04:b8:da:
04:7a:bb:aa:a7:92:01:30:ba:4e:7b:63:30:8e:81:
51:65:2d:43:ce:8d:08:59:89:0d:f0:ec:20:97:52:
9a:4b:b9:10:08:3a:34:fb:f1:0f:33:3c:c7:25:67:
90:81:6e:74:10:61:6d:c8:90:b2:a5:ce:90:de:76:
68:f4:d1:9a:9b:15:a3:7f:6c:fc:e7:eb:03:87:6f:
44:c6:7a:c1:9f:e4:5b:48:b3:5a:1d:2e:c4:08:3e:
10:b8:06:32:84:31:16:ae:5c:64:e3:a4:4c:5c:86:
35:79:fe:f7:21:e7:92:00:5d:94:03:08:20:0a:66:
d3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:99:EF:0E:84:BE:46:21:4E:05:FC:04:AE:2F:95:8B:75:73:13:4F
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/QZnvDoS-RiFOBfwEri-Vi3VzE08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.90.0/24
185.170.128.0/24
185.170.130.0/24
185.196.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:a6:d4:c6:b8:42:c8:71:45:dc:67:2f:b8:ad:63:5d:9b:ab:
78:da:84:6a:30:43:fd:38:6b:25:7e:f3:36:a6:5b:0f:3e:96:
da:e6:ef:b1:1e:20:29:f2:fc:ba:c9:eb:59:0f:4d:c1:4b:97:
4c:97:5c:d8:f5:fe:51:ac:15:f0:ce:36:fd:6c:ea:bd:95:de:
98:9c:b0:fd:0c:23:0e:49:5b:aa:ea:16:cb:6f:a7:33:05:c2:
12:57:aa:bf:ee:5c:fe:c2:c1:64:0b:ee:03:4f:e2:19:3e:d5:
0d:5e:44:83:35:97:93:70:41:23:9a:d0:e5:2a:e3:86:09:94:
d4:58:89:11:69:68:a1:89:be:e5:a1:e9:7d:a5:6e:ec:68:84:
4a:4c:3d:44:3d:5e:e1:89:6c:e3:73:55:ec:e7:a0:bf:bc:4e:
04:08:cd:cc:aa:0a:27:ba:8a:c8:69:f1:fa:2d:44:3c:52:c3:
0a:e7:01:77:4d:70:0f:59:be:e4:4b:89:3a:c0:a0:07:0a:52:
2b:16:e3:8f:8d:85:76:ad:6b:f8:84:a8:52:bf:e0:d9:37:13:
e6:a9:a5:4e:ef:fc:08:c6:c9:98:6d:c5:b0:b2:ec:76:e3:15:
a2:0e:3c:c7:4e:aa:19:f6:1a:6f:d0:c2:d8:18:85:8f:5c:8b:
c0:d0:fc:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntY+hzxOQWKHvKHEB5vh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk5ZWYwZTg0YmU0NjIxNGUwNWZjMDRhZTJmOTU4Yjc1NzMxMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhIAkipO+SuxSrKGXJ1s3cZYAo1z
O3j4XtnBF7WPOovXt2rU/OVl97bYF3S0YicdkO/TnUNFyidFUXcojAb/4XxTvCsB
za1/skA/ITtq4uh8BJLTvqfuS9Cbt0mkz1YinBTX82k6mGccka8Ugu30Q/RV87LD
bzt5GvRFXvKefHxPXaEEuNoEeruqp5IBMLpOe2MwjoFRZS1Dzo0IWYkN8Owgl1Ka
S7kQCDo0+/EPMzzHJWeQgW50EGFtyJCypc6Q3nZo9NGamxWjf2z85+sDh29ExnrB
n+RbSLNaHS7ECD4QuAYyhDEWrlxk46RMXIY1ef73IeeSAF2UAwggCmbTzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEGZ7w6EvkYhTgX8BK4vlYt1cxNPMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvUVpudkRvUy1SaUZPQmZ3RXJpLVZpM1Z6RTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaJaAwQA
uaqAAwQAuaqCAwQAucTdMA0GCSqGSIb3DQEBCwUAA4IBAQCdptTGuELIcUXcZy+4
rWNdm6t42oRqMEP9OGslfvM2plsPPpba5u+xHiAp8vy6yetZD03BS5dMl1zY9f5R
rBXwzjb9bOq9ld6YnLD9DCMOSVuq6hbLb6czBcISV6q/7lz+wsFkC+4DT+IZPtUN
XkSDNZeTcEEjmtDlKuOGCZTUWIkRaWihib7loel9pW7saIRKTD1EPV7hiWzjc1Xs
56C/vE4ECM3MqgonuorIafH6LUQ8UsMK5wF3TXAPWb7kS4k6wKAHClIrFuOPjYV2
rWv4hKhSv+DZNxPmqaVO7/wIxsmYbcWwsux24xWiDjzHTqoZ9hpv0MLYGIWPXIvA
0PwX
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:54:13 2025 by rpki-client