Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/qCN60w_x-oGbWk9dJFQjhmRvG_w.roa
File: qCN60w_x-oGbWk9dJFQjhmRvG_w.roa (raw, json)
Hash identifier: 3MFYzwF5Ia2kl0ezcPYrTU5n3HhB+44i6mtYyZs/pK8=
Subject key identifier: A8:23:7A:D3:0F:F1:FA:81:9B:5A:4F:5D:24:54:23:86:64:6F:1B:FC
Certificate issuer: /CN=ba94caab27375edf61bf8c99cc1c2b6abbafff15
Certificate serial: 01889F55ABC86C01838097F007ED2CE97DC8
Authority key identifier: BA:94:CA:AB:27:37:5E:DF:61:BF:8C:99:CC:1C:2B:6A:BB:AF:FF:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upTKqyc3Xt9hv4yZzBwraruv_xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/qCN60w_x-oGbWk9dJFQjhmRvG_w.roa
Signing time: Fri 09 Jun 2023 08:46:11 +0000
ROA not before: Fri 09 Jun 2023 08:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 185.94.32.0/22 maxlen: 22
185.68.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:55:ab:c8:6c:01:83:80:97:f0:07:ed:2c:e9:7d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba94caab27375edf61bf8c99cc1c2b6abbafff15
Validity
Not Before: Jun 9 08:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8237ad30ff1fa819b5a4f5d24542386646f1bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f6:41:6b:55:c8:36:97:93:4f:91:0e:5e:25:
68:06:e7:2c:e6:cb:5f:9b:f2:4e:d4:16:5c:40:5d:
88:84:fb:1c:5c:ec:bc:95:7a:1d:4d:81:8a:58:63:
82:ef:8e:cb:07:53:90:a9:1b:d1:83:a5:f5:41:7b:
ed:b7:a3:38:d6:2e:37:a7:46:00:83:a1:a2:ce:51:
e8:f7:dc:0d:50:c8:7b:ee:5e:39:67:f6:f0:9d:62:
6c:db:27:a0:1e:3f:6e:82:78:a1:e3:be:a7:9d:d4:
d0:bf:c9:bd:8f:85:fb:8b:e8:65:f5:24:d4:5f:c7:
aa:0a:01:a5:bd:f7:a8:26:90:be:95:0d:97:a7:cb:
e9:91:f1:8d:3c:54:89:62:a0:ff:be:6b:c6:d5:1c:
73:4a:b6:5e:94:8c:16:ff:35:e2:1f:ab:a2:29:bc:
1d:10:0e:87:46:d2:26:e8:d5:93:ac:4d:0e:b3:ba:
8b:96:8c:e9:9c:3a:5c:6b:11:e1:ea:ee:76:d4:fd:
2f:61:71:81:0f:ab:ca:1e:62:c2:1e:9b:7c:00:80:
73:f9:01:d8:2b:57:d7:b4:4a:e4:91:01:fc:f1:c5:
c9:fc:d7:ea:b5:13:dc:9c:8d:02:a8:4e:86:51:42:
5c:37:85:22:94:e2:fb:86:b5:95:c1:80:9a:88:4d:
47:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:23:7A:D3:0F:F1:FA:81:9B:5A:4F:5D:24:54:23:86:64:6F:1B:FC
X509v3 Authority Key Identifier:
keyid:BA:94:CA:AB:27:37:5E:DF:61:BF:8C:99:CC:1C:2B:6A:BB:AF:FF:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upTKqyc3Xt9hv4yZzBwraruv_xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/qCN60w_x-oGbWk9dJFQjhmRvG_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/upTKqyc3Xt9hv4yZzBwraruv_xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.152.0/22
185.94.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:6b:42:f7:27:1b:3c:aa:ca:e9:df:9e:a7:d0:8b:31:b7:3e:
23:a5:bc:b4:fb:a5:57:1d:5c:04:35:58:1a:7c:2c:e7:33:7f:
7d:2b:81:12:42:1a:92:73:62:28:f4:c6:b1:65:7e:bb:0b:ee:
0b:f1:3d:ae:89:3c:56:90:b1:17:fa:e8:fa:8e:7f:ee:1d:e4:
ca:a4:69:d7:5c:86:59:98:85:c4:6d:75:3c:44:a2:2c:b2:2c:
ce:c9:97:f4:7f:6a:ab:f0:b7:a7:d8:d4:cd:06:96:5b:1a:5a:
d7:76:c0:27:7d:e7:eb:22:da:ae:a3:0d:ed:09:a2:8e:93:4b:
97:ca:fb:b5:2d:91:2b:ad:3a:4c:cd:0f:72:05:dd:b8:eb:c6:
6b:49:bc:cd:76:80:d7:44:af:ea:db:f8:ce:6c:05:2d:04:91:
f5:8a:b6:c9:49:de:48:04:a1:33:bb:85:ac:39:50:de:d8:f0:
ba:12:dc:34:19:92:7a:bb:cf:99:c6:1d:62:ec:67:6d:8c:bf:
5c:c2:9d:12:3b:e9:7e:5a:43:82:1e:6f:c1:0b:58:92:40:e5:
38:03:5d:b0:78:d1:09:2e:f9:30:fd:a6:ee:31:c1:d0:bd:40:
de:d1:b5:2f:00:23:c7:08:a9:49:8f:16:3a:ca:cf:02:4e:9d:
ad:da:59:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYifVavIbAGDgJfwB+0s6X3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTRjYWFiMjczNzVlZGY2MWJmOGM5OWNjMWMyYjZhYmJh
ZmZmMTUwHhcNMjMwNjA5MDg0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODIzN2FkMzBmZjFmYTgxOWI1YTRmNWQyNDU0MjM4NjY0NmYxYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/ZBa1XINpeTT5EOXiVoBucs5stf
m/JO1BZcQF2IhPscXOy8lXodTYGKWGOC747LB1OQqRvRg6X1QXvtt6M41i43p0YA
g6GizlHo99wNUMh77l45Z/bwnWJs2yegHj9ugnih476nndTQv8m9j4X7i+hl9STU
X8eqCgGlvfeoJpC+lQ2Xp8vpkfGNPFSJYqD/vmvG1RxzSrZelIwW/zXiH6uiKbwd
EA6HRtIm6NWTrE0Os7qLlozpnDpcaxHh6u521P0vYXGBD6vKHmLCHpt8AIBz+QHY
K1fXtErkkQH88cXJ/NfqtRPcnI0CqE6GUUJcN4UilOL7hrWVwYCaiE1HBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKgjetMP8fqBm1pPXSRUI4Zkbxv8MB8GA1UdIwQY
MBaAFLqUyqsnN17fYb+MmcwcK2q7r/8VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBUS3F5YzNYdDlodjR5WnpCd3JhcnV2X3hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9iNzdiODEtZTVkNC00OGJjLWJlNzct
MjEzNzcxNjUyNTk5LzEvcUNONjB3X3gtb0diV2s5ZEpGUWpobVJ2R193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9iNzdiODEtZTVkNC00OGJjLWJlNzctMjEzNzcxNjUyNTk5
LzEvdXBUS3F5YzNYdDlodjR5WnpCd3JhcnV2X3hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSYAwQC
uV4gMA0GCSqGSIb3DQEBCwUAA4IBAQB+a0L3Jxs8qsrp356n0Isxtz4jpby0+6VX
HVwENVgafCznM399K4ESQhqSc2Io9MaxZX67C+4L8T2uiTxWkLEX+uj6jn/uHeTK
pGnXXIZZmIXEbXU8RKIssizOyZf0f2qr8Len2NTNBpZbGlrXdsAnfefrItquow3t
CaKOk0uXyvu1LZErrTpMzQ9yBd2468ZrSbzNdoDXRK/q2/jObAUtBJH1irbJSd5I
BKEzu4WsOVDe2PC6Etw0GZJ6u8+Zxh1i7GdtjL9cwp0SO+l+WkOCHm/BC1iSQOU4
A12weNEJLvkw/abuMcHQvUDe0bUvACPHCKlJjxY6ys8CTp2t2lmA
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:07:24 2025 by rpki-client