Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/58QzCphRddJsBqi71H5oisOTtGM.roa
File: 58QzCphRddJsBqi71H5oisOTtGM.roa (raw, json)
Hash identifier: K7oZA9oPzuB3kuDmCdohN1gPlNbeKKgYedD/MB4pxbM=
Subject key identifier: E7:C4:33:0A:98:51:75:D2:6C:06:A8:BB:D4:7E:68:8A:C3:93:B4:63
Certificate issuer: /CN=a1ebf54d028ee4764f62f78ad871dbf026228788
Certificate serial: 019422201B7CF09129042B0A51AC26CE6E20
Authority key identifier: A1:EB:F5:4D:02:8E:E4:76:4F:62:F7:8A:D8:71:DB:F0:26:22:87:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oev1TQKO5HZPYveK2HHb8CYih4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/58QzCphRddJsBqi71H5oisOTtGM.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6663
IP address blocks: 185.137.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1b:7c:f0:91:29:04:2b:0a:51:ac:26:ce:6e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1ebf54d028ee4764f62f78ad871dbf026228788
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7c4330a985175d26c06a8bbd47e688ac393b463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a7:70:11:9e:b2:cd:bc:be:ed:80:00:56:c7:
8c:50:15:97:87:a9:3b:f0:70:72:c8:70:39:ee:ae:
46:3e:8b:22:c2:76:26:50:b8:89:7b:6e:4a:17:d7:
df:4c:4d:ab:92:d9:9a:32:47:17:47:95:19:13:f8:
c8:08:88:90:38:3f:4c:41:78:38:42:9f:84:16:6a:
c0:44:14:9c:e6:f2:89:33:36:73:5f:de:22:b7:76:
d6:d8:8e:46:41:89:fc:ad:20:ee:2a:75:9d:5e:6b:
8d:6f:1d:c8:5f:5b:6f:1a:c0:62:03:0f:6d:96:e5:
2d:55:3e:d2:c4:92:8f:3f:ae:2a:18:7f:3b:a6:91:
b7:83:d6:a0:a9:2a:2c:f5:57:42:9d:ab:af:f8:5b:
98:23:72:aa:e9:8f:53:8b:5a:9b:e5:36:14:17:a4:
e5:5d:54:cc:41:b3:89:11:1f:4b:96:09:1b:5f:47:
09:ac:bf:d1:c7:00:24:54:8a:06:6b:80:4a:bd:4d:
31:55:1a:ae:ed:c5:fd:86:fc:86:d1:a3:96:51:83:
09:37:52:6d:62:3c:3b:fb:c1:6c:21:0a:dd:b1:5c:
68:e9:db:e9:75:c5:b0:f5:ca:3e:81:07:16:56:fa:
ea:91:1a:f8:5d:3c:da:f5:7c:87:9d:53:8e:10:bb:
91:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C4:33:0A:98:51:75:D2:6C:06:A8:BB:D4:7E:68:8A:C3:93:B4:63
X509v3 Authority Key Identifier:
keyid:A1:EB:F5:4D:02:8E:E4:76:4F:62:F7:8A:D8:71:DB:F0:26:22:87:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oev1TQKO5HZPYveK2HHb8CYih4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/58QzCphRddJsBqi71H5oisOTtGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/oev1TQKO5HZPYveK2HHb8CYih4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.132.0/22
Signature Algorithm: sha256WithRSAEncryption
66:f8:14:89:c3:a3:73:cd:11:de:5b:d9:99:64:0b:ad:a6:63:
5d:11:0a:6b:e1:ee:19:35:87:bc:fe:ed:15:d6:8f:de:da:05:
67:1c:fd:35:ce:fd:f6:4d:a0:c6:b6:2f:3d:36:f6:c5:f3:a0:
e6:45:b7:ea:55:74:84:6b:fd:22:ee:b7:84:ff:95:bc:c3:28:
41:23:7b:02:be:e0:39:c3:a2:45:52:d9:c2:81:6b:dc:72:07:
94:c2:6c:fe:1d:24:4a:a9:eb:a6:1f:cf:33:d1:e7:71:ec:9b:
a7:52:e3:43:6a:c3:bf:45:c6:47:54:0f:15:74:48:d1:7f:e9:
a0:25:9d:7b:97:c4:7c:d3:f0:46:d1:68:37:6a:f0:dc:74:74:
91:e8:d6:ce:61:f5:a7:9a:f1:40:53:02:5e:b6:7b:ae:82:31:
52:58:25:bd:fd:ed:38:d1:6a:13:90:9d:74:31:1c:fe:18:b3:
46:c4:ea:16:7a:dc:be:63:9f:1f:7f:31:d6:30:4a:71:d4:1e:
7b:d9:8c:32:56:ba:60:23:ff:f5:c6:38:09:ae:3a:c0:1f:57:
10:a0:8b:62:64:01:31:3c:04:39:41:8d:8c:68:4c:e1:a0:3f:
8a:4b:8d:6f:79:47:05:50:73:6d:b7:8d:90:b3:46:71:9b:85:
9c:c3:3e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBt88JEpBCsKUawmzm4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWJmNTRkMDI4ZWU0NzY0ZjYyZjc4YWQ4NzFkYmYwMjYy
Mjg3ODgwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2M0MzMwYTk4NTE3NWQyNmMwNmE4YmJkNDdlNjg4YWMzOTNiNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuadwEZ6yzby+7YAAVseMUBWXh6k7
8HByyHA57q5GPosiwnYmULiJe25KF9ffTE2rktmaMkcXR5UZE/jICIiQOD9MQXg4
Qp+EFmrARBSc5vKJMzZzX94it3bW2I5GQYn8rSDuKnWdXmuNbx3IX1tvGsBiAw9t
luUtVT7SxJKPP64qGH87ppG3g9agqSos9VdCnauv+FuYI3Kq6Y9Ti1qb5TYUF6Tl
XVTMQbOJER9LlgkbX0cJrL/RxwAkVIoGa4BKvU0xVRqu7cX9hvyG0aOWUYMJN1Jt
Yjw7+8FsIQrdsVxo6dvpdcWw9co+gQcWVvrqkRr4XTza9XyHnVOOELuRGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfEMwqYUXXSbAaou9R+aIrDk7RjMB8GA1UdIwQY
MBaAFKHr9U0CjuR2T2L3ithx2/AmIoeIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V2MVRRS081SFpQWXZlSzJISGI4Q1lpaDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xYjE3MmEtNjFkMS00MjBjLWEzZGQt
NDdhNWJmNWIzMTNkLzEvNThRekNwaFJkZEpzQnFpNzFINW9pc09UdEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xYjE3MmEtNjFkMS00MjBjLWEzZGQtNDdhNWJmNWIzMTNk
LzEvb2V2MVRRS081SFpQWXZlSzJISGI4Q1lpaDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYmEMA0G
CSqGSIb3DQEBCwUAA4IBAQBm+BSJw6NzzRHeW9mZZAutpmNdEQpr4e4ZNYe8/u0V
1o/e2gVnHP01zv32TaDGti89NvbF86DmRbfqVXSEa/0i7reE/5W8wyhBI3sCvuA5
w6JFUtnCgWvccgeUwmz+HSRKqeumH88z0edx7JunUuNDasO/RcZHVA8VdEjRf+mg
JZ17l8R80/BG0Wg3avDcdHSR6NbOYfWnmvFAUwJetnuugjFSWCW9/e040WoTkJ10
MRz+GLNGxOoWety+Y58ffzHWMEpx1B572YwyVrpgI//1xjgJrjrAH1cQoItiZAEx
PAQ5QY2MaEzhoD+KS41veUcFUHNtt42Qs0Zxm4Wcwz4K
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:47:20 2025 by rpki-client