Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/Qt9hOGMkdfDH8ID_bHwfLmJlE60.roa
File: Qt9hOGMkdfDH8ID_bHwfLmJlE60.roa (raw, json)
Hash identifier: ARZiY2rT8rE43lKmT9EIHjzaS4HpYkA+YcbbFMZTS4E=
Subject key identifier: 42:DF:61:38:63:24:75:F0:C7:F0:80:FF:6C:7C:1F:2E:62:65:13:AD
Certificate issuer: /CN=a1ebf54d028ee4764f62f78ad871dbf026228788
Certificate serial: 019422201B589FCE01AC5D8059E3AE2D0D3C
Authority key identifier: A1:EB:F5:4D:02:8E:E4:76:4F:62:F7:8A:D8:71:DB:F0:26:22:87:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oev1TQKO5HZPYveK2HHb8CYih4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/Qt9hOGMkdfDH8ID_bHwfLmJlE60.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5606
IP address blocks: 185.137.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1b:58:9f:ce:01:ac:5d:80:59:e3:ae:2d:0d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1ebf54d028ee4764f62f78ad871dbf026228788
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42df6138632475f0c7f080ff6c7c1f2e626513ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:df:44:72:73:dd:f1:f2:b1:28:0a:ce:90:72:
cf:82:b7:35:09:b2:7c:14:d6:15:f9:cd:29:83:b1:
c5:02:06:9b:4a:57:03:3d:f4:ee:e3:11:f1:58:61:
4f:93:af:d6:9a:93:fe:a4:db:14:e8:a7:10:19:e0:
f1:0b:34:e4:9c:6b:cb:73:af:fa:1d:28:cc:29:3a:
fc:b6:1b:77:e8:98:98:7a:0f:f9:73:64:8b:d2:f1:
cb:62:a2:8c:e9:43:3d:16:68:c6:c7:5b:b8:7e:c0:
23:04:25:48:59:ec:42:66:95:d3:27:a5:1b:1e:2d:
1a:5a:55:04:de:f1:18:73:fe:14:bb:d8:e9:e7:52:
ea:dc:d5:fe:0a:9a:ea:98:83:4c:fc:5a:06:2f:51:
07:df:88:67:a9:da:60:85:71:fd:c6:7c:e2:4f:3b:
6f:82:8c:94:43:02:16:b9:f4:09:e6:7c:8b:27:05:
f4:8f:05:c0:12:3f:08:6f:1e:89:bc:75:b0:b7:58:
ec:b8:ee:6a:24:ce:9f:fe:c0:c2:1b:f2:b2:48:46:
19:bc:b4:1a:49:e3:56:3c:bb:4d:80:15:c1:b3:67:
f1:85:0d:88:d1:ec:c8:9b:e0:3b:f4:f6:b9:93:cd:
43:a6:9d:f8:c1:58:d7:c7:da:4c:ef:f7:17:02:c2:
19:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DF:61:38:63:24:75:F0:C7:F0:80:FF:6C:7C:1F:2E:62:65:13:AD
X509v3 Authority Key Identifier:
keyid:A1:EB:F5:4D:02:8E:E4:76:4F:62:F7:8A:D8:71:DB:F0:26:22:87:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oev1TQKO5HZPYveK2HHb8CYih4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/Qt9hOGMkdfDH8ID_bHwfLmJlE60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b172a-61d1-420c-a3dd-47a5bf5b313d/1/oev1TQKO5HZPYveK2HHb8CYih4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.132.0/22
Signature Algorithm: sha256WithRSAEncryption
04:00:33:3c:fe:45:b9:1d:42:1b:d3:56:3e:e4:05:fd:6f:00:
51:a5:a6:b1:79:f1:56:bd:9f:0c:92:b2:03:68:0f:0f:6f:8d:
b4:e1:0d:af:d7:28:b3:fe:65:56:9f:92:8a:38:ca:46:b8:57:
c6:a4:bc:b7:de:e1:f8:b0:32:48:ab:0f:1a:af:c8:1d:f5:6a:
29:3e:30:4a:ed:73:f4:08:c8:e3:39:8b:c1:93:6a:bc:5a:99:
ef:cd:1c:56:95:1b:2f:06:89:c4:f4:13:20:db:79:30:b2:b4:
c8:82:b8:9b:36:ab:e5:8d:13:df:a4:29:ff:7c:0f:22:92:d0:
9b:93:bf:bd:c6:d9:a5:e2:8e:c1:0f:f8:30:49:4e:25:4e:41:
8e:0c:2e:fe:dd:00:f7:02:7f:4f:e4:80:d8:15:cb:58:a0:a7:
37:62:07:4b:0f:91:55:52:79:d7:4b:99:77:6b:4f:0e:aa:30:
7e:a1:aa:73:08:61:10:88:d5:13:73:67:e1:47:39:bd:ef:78:
66:52:12:6d:5b:25:71:1e:67:b7:96:bc:d9:da:df:0f:3e:ab:
11:b5:41:5e:b2:9c:06:d6:f1:4b:91:fa:4e:9b:cd:5a:73:e7:
3c:13:1b:9f:2b:ea:43:72:94:df:7f:bd:70:fc:91:12:49:22:
6b:5f:ee:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBtYn84BrF2AWeOuLQ08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWJmNTRkMDI4ZWU0NzY0ZjYyZjc4YWQ4NzFkYmYwMjYy
Mjg3ODgwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmRmNjEzODYzMjQ3NWYwYzdmMDgwZmY2YzdjMWYyZTYyNjUxM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN9EcnPd8fKxKArOkHLPgrc1CbJ8
FNYV+c0pg7HFAgabSlcDPfTu4xHxWGFPk6/WmpP+pNsU6KcQGeDxCzTknGvLc6/6
HSjMKTr8tht36JiYeg/5c2SL0vHLYqKM6UM9FmjGx1u4fsAjBCVIWexCZpXTJ6Ub
Hi0aWlUE3vEYc/4Uu9jp51Lq3NX+CprqmINM/FoGL1EH34hnqdpghXH9xnziTztv
goyUQwIWufQJ5nyLJwX0jwXAEj8Ibx6JvHWwt1jsuO5qJM6f/sDCG/KySEYZvLQa
SeNWPLtNgBXBs2fxhQ2I0ezIm+A79Pa5k81Dpp34wVjXx9pM7/cXAsIZnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELfYThjJHXwx/CA/2x8Hy5iZROtMB8GA1UdIwQY
MBaAFKHr9U0CjuR2T2L3ithx2/AmIoeIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V2MVRRS081SFpQWXZlSzJISGI4Q1lpaDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xYjE3MmEtNjFkMS00MjBjLWEzZGQt
NDdhNWJmNWIzMTNkLzEvUXQ5aE9HTWtkZkRIOElEX2JId2ZMbUpsRTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xYjE3MmEtNjFkMS00MjBjLWEzZGQtNDdhNWJmNWIzMTNk
LzEvb2V2MVRRS081SFpQWXZlSzJISGI4Q1lpaDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAEADM8/kW5HUIb01Y+5AX9bwBRpaaxefFWvZ8MkrID
aA8Pb4204Q2v1yiz/mVWn5KKOMpGuFfGpLy33uH4sDJIqw8ar8gd9WopPjBK7XP0
CMjjOYvBk2q8WpnvzRxWlRsvBonE9BMg23kwsrTIgribNqvljRPfpCn/fA8iktCb
k7+9xtml4o7BD/gwSU4lTkGODC7+3QD3An9P5IDYFctYoKc3YgdLD5FVUnnXS5l3
a08OqjB+oapzCGEQiNUTc2fhRzm973hmUhJtWyVxHme3lrzZ2t8PPqsRtUFespwG
1vFLkfpOm81ac+c8ExufK+pDcpTff71w/JESSSJrX+4N
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:38:20 2025 by rpki-client