Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/khp2BPjrUn80YBFN8ITrODFfDRA.roa
File: khp2BPjrUn80YBFN8ITrODFfDRA.roa (raw, json)
Hash identifier: a8X3yDMF8K//o4Ck6pCeFu+EZcOTocY9jXi1/4TtQ8k=
Subject key identifier: 92:1A:76:04:F8:EB:52:7F:34:60:11:4D:F0:84:EB:38:31:5F:0D:10
Certificate issuer: /CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Certificate serial: 0194476BDD76550C7295A829F12222C2D1B3
Authority key identifier: 42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/khp2BPjrUn80YBFN8ITrODFfDRA.roa
Signing time: Wed 08 Jan 2025 19:37:18 +0000
ROA not before: Wed 08 Jan 2025 19:37:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 185.37.8.0/24 maxlen: 24
2a10:c943::/32 maxlen: 32
2a10:c943:100::/48 maxlen: 48
2a10:c943:200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:6b:dd:76:55:0c:72:95:a8:29:f1:22:22:c2:d1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Validity
Not Before: Jan 8 19:37:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=921a7604f8eb527f3460114df084eb38315f0d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c7:5a:b8:b6:9a:89:9c:74:8a:7b:95:7f:0e:
5a:10:13:3e:1d:f4:ad:d6:97:22:15:48:03:48:4d:
84:71:8a:12:da:ce:45:ab:82:cb:a5:3a:b6:02:b6:
23:1c:fe:4a:f2:43:ab:4f:35:5a:e1:61:7a:a7:09:
f6:a2:b8:b7:a7:8b:cb:40:05:0b:28:4f:65:f9:9f:
50:52:f5:3b:fa:1a:57:2f:cc:0d:44:e5:ef:a7:cf:
ce:17:2c:21:f0:2b:2b:8b:74:cd:9c:42:b5:a2:4f:
c2:43:c3:c7:17:b4:7b:a4:a7:40:5f:95:98:12:9f:
68:41:28:54:a9:9f:4c:1d:98:eb:77:62:ec:f7:1c:
a1:7d:9c:39:7c:52:11:a7:58:63:79:c5:c8:87:8f:
16:73:f7:52:0d:fb:94:2c:0b:e0:64:e8:64:27:3c:
e7:b2:97:b3:1b:16:3a:43:62:4a:45:db:00:04:40:
34:f6:ac:8f:67:cb:e0:ed:c0:04:0a:b9:79:58:88:
ad:3e:8c:98:ab:50:69:c6:81:40:51:88:ac:b9:3e:
19:cd:bb:c0:94:40:10:07:56:47:6d:7b:ed:47:39:
e5:25:db:f8:56:9c:02:6d:2b:c5:5b:15:3e:38:d5:
fe:95:b5:1e:00:da:41:b1:e2:f1:dd:99:14:a9:41:
fd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1A:76:04:F8:EB:52:7F:34:60:11:4D:F0:84:EB:38:31:5F:0D:10
X509v3 Authority Key Identifier:
keyid:42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/khp2BPjrUn80YBFN8ITrODFfDRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.8.0/24
IPv6:
2a10:c943::/32
Signature Algorithm: sha256WithRSAEncryption
68:8d:fd:82:14:f6:31:1a:05:c8:5d:d5:60:19:5c:5f:31:e0:
8a:14:e9:0d:16:7f:d4:8e:58:f8:70:b3:32:f0:9e:fd:f6:75:
de:34:27:65:2f:6c:92:65:95:ba:6a:49:b1:b7:16:5d:2e:e4:
a4:7b:ac:d0:3f:f8:c7:e1:cd:eb:f6:d7:3f:c4:4a:4f:7b:93:
7b:cb:c4:eb:76:91:94:20:6e:82:91:db:1f:9d:6d:34:52:2d:
15:c5:2b:54:ce:f1:11:7a:c9:65:ae:d5:75:2f:20:54:d9:34:
90:c4:47:af:be:d4:58:ea:b5:a1:7f:76:9d:88:a7:2c:7f:68:
81:01:42:dd:8c:96:c5:98:50:73:57:e4:4a:14:57:f3:17:05:
43:0b:ae:f6:77:8f:02:67:fe:42:b0:94:b4:3e:f9:20:70:dd:
d4:ef:c1:67:a7:e7:13:ff:8b:87:76:bb:6e:72:82:e0:23:4e:
86:e0:62:9b:ec:da:8a:78:58:e1:00:b6:ff:4a:0f:7f:b1:cc:
7d:80:2e:8f:39:ab:f4:30:b4:99:63:c0:7e:a1:40:f3:e3:50:
45:24:c7:2c:5d:7a:c0:d4:38:5e:5d:2e:e6:f4:85:94:f1:ac:
94:49:a2:d9:22:60:4b:fc:22:4e:03:a2:6c:1b:c7:64:9a:a4:
82:c9:eb:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRHa912VQxylagp8SIiwtGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWNiYTU4OTkyMGJlZWJiMTliYzU3MmFlNmQ1MDFiOGNm
NmJiZjAwHhcNMjUwMTA4MTkzNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFhNzYwNGY4ZWI1MjdmMzQ2MDExNGRmMDg0ZWIzODMxNWYwZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcdauLaaiZx0inuVfw5aEBM+HfSt
1pciFUgDSE2EcYoS2s5Fq4LLpTq2ArYjHP5K8kOrTzVa4WF6pwn2ori3p4vLQAUL
KE9l+Z9QUvU7+hpXL8wNROXvp8/OFywh8Csri3TNnEK1ok/CQ8PHF7R7pKdAX5WY
Ep9oQShUqZ9MHZjrd2Ls9xyhfZw5fFIRp1hjecXIh48Wc/dSDfuULAvgZOhkJzzn
spezGxY6Q2JKRdsABEA09qyPZ8vg7cAECrl5WIitPoyYq1BpxoFAUYisuT4ZzbvA
lEAQB1ZHbXvtRznlJdv4VpwCbSvFWxU+ONX+lbUeANpBseLx3ZkUqUH9XwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJIadgT461J/NGARTfCE6zgxXw0QMB8GA1UdIwQY
MBaAFEIculiZIL7rsZvFcq5tUBuM9rvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQt
ZWMwMGUxYTI3Y2M4LzEva2hwMkJQanJVbjgwWUJGTjhJVHJPREZmRFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQtZWMwMGUxYTI3Y2M4
LzEvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSUIMA0E
AgACMAcDBQAqEMlDMA0GCSqGSIb3DQEBCwUAA4IBAQBojf2CFPYxGgXIXdVgGVxf
MeCKFOkNFn/Ujlj4cLMy8J799nXeNCdlL2ySZZW6akmxtxZdLuSke6zQP/jH4c3r
9tc/xEpPe5N7y8TrdpGUIG6CkdsfnW00Ui0VxStUzvEResllrtV1LyBU2TSQxEev
vtRY6rWhf3adiKcsf2iBAULdjJbFmFBzV+RKFFfzFwVDC672d48CZ/5CsJS0Pvkg
cN3U78Fnp+cT/4uHdrtucoLgI06G4GKb7NqKeFjhALb/Sg9/scx9gC6POav0MLSZ
Y8B+oUDz41BFJMcsXXrA1DheXS7m9IWU8ayUSaLZImBL/CJOA6JsG8dkmqSCyeuF
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:41 2025 by rpki-client