Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/dqSVfYV4r9M8RMZopTNsSTKHeIY.roa
File: dqSVfYV4r9M8RMZopTNsSTKHeIY.roa (raw, json)
Hash identifier: XrN+1wwdRwyX8n7r+VHCtW4D45jLjIPlWVhNaBZnVwQ=
Subject key identifier: 76:A4:95:7D:85:78:AF:D3:3C:44:C6:68:A5:33:6C:49:32:87:78:86
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0194221F42F6F5DB7DD571CAA874891C3FF6
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/dqSVfYV4r9M8RMZopTNsSTKHeIY.roa
Signing time: Wed 01 Jan 2025 13:47:41 +0000
ROA not before: Wed 01 Jan 2025 13:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57643
IP address blocks: 185.174.120.0/22 maxlen: 22
185.188.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:42:f6:f5:db:7d:d5:71:ca:a8:74:89:1c:3f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 13:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76a4957d8578afd33c44c668a5336c4932877886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:af:f6:d9:2d:c4:93:4f:05:02:5e:7f:7a:76:
fd:e1:03:40:b1:0d:a2:0c:f5:93:d5:da:cf:72:4a:
78:b6:b5:68:e4:48:b9:b6:c7:8b:34:a4:4b:fa:ea:
9f:c2:44:79:d8:17:0f:1b:2b:77:ab:e3:cd:9a:64:
3c:48:f1:1a:b6:8b:0c:b9:30:e9:11:cb:5d:b6:fa:
af:93:a1:17:a8:a6:c3:e1:6f:b9:44:7a:f9:a0:40:
d0:4c:9d:76:3f:3a:58:09:63:2f:fd:b1:b0:a2:e7:
89:d7:e0:43:5a:b6:29:21:33:76:b3:c5:37:19:6c:
9d:e3:46:05:7e:7c:b5:ff:b8:00:48:fa:ba:cc:c5:
54:01:54:04:33:cc:a6:8c:57:c2:4a:0c:22:e8:6f:
2f:8d:d1:0b:54:09:58:1c:a2:65:ae:44:11:30:80:
7b:6c:19:ff:94:5c:55:95:d3:63:29:12:87:5e:b6:
e5:2d:30:cc:56:fe:8a:90:89:2d:44:d5:c3:7c:70:
99:40:fe:7c:c5:15:f5:c7:39:cd:97:e4:56:4e:b1:
28:85:22:1c:30:a9:53:8b:dc:03:33:e7:ed:b5:5a:
c8:2b:0d:17:3c:f6:98:59:20:ab:e7:0b:d0:88:53:
64:90:66:0b:ba:91:4d:20:e3:dc:d9:1d:61:a7:49:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A4:95:7D:85:78:AF:D3:3C:44:C6:68:A5:33:6C:49:32:87:78:86
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/dqSVfYV4r9M8RMZopTNsSTKHeIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.120.0/22
185.188.164.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:9e:da:e8:58:1c:40:42:e4:83:e7:7f:c0:e9:10:3c:bc:d4:
91:c7:46:63:04:ea:c9:ba:56:a0:8a:4c:bc:a1:ac:e3:e3:b7:
d3:82:e0:8c:ab:a3:af:58:31:33:2b:52:02:f1:f2:e8:69:f9:
ac:42:25:d7:5e:e7:df:1b:b7:b2:76:a4:51:78:49:90:85:aa:
f8:0b:08:f9:3e:c7:e5:5f:f1:87:25:c0:6f:e1:f5:13:4c:33:
57:06:e3:82:06:6b:f7:b1:b4:82:f4:b9:1c:98:77:64:81:28:
90:cc:be:8c:f8:64:2b:7f:57:6e:10:27:04:df:f3:ba:d0:71:
16:56:2b:f0:a9:8e:08:14:47:ed:17:08:eb:24:1a:99:b4:8f:
2e:79:69:ba:77:6a:3b:01:86:de:41:58:24:c6:f0:e4:e8:cd:
7c:a5:1d:00:63:d4:61:1f:ae:4e:4b:5d:c4:72:66:38:67:2e:
48:14:39:85:48:ad:3f:10:b7:33:00:e4:23:c1:f0:f0:45:71:
e1:39:25:17:8e:52:49:d7:98:45:a1:8a:b2:c4:0e:f0:1c:6c:
4e:de:83:3f:f2:00:67:9f:cf:25:e2:3d:95:14:a3:2f:a7:8c:
90:4c:cb:33:65:50:31:32:74:be:9b:7e:6e:af:1e:f3:50:c5:
37:5b:cf:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH0L29dt91XHKqHSJHD/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTAxMTM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE0OTU3ZDg1NzhhZmQzM2M0NGM2NjhhNTMzNmM0OTMyODc3ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6/22S3Ek08FAl5/enb94QNAsQ2i
DPWT1drPckp4trVo5Ei5tseLNKRL+uqfwkR52BcPGyt3q+PNmmQ8SPEatosMuTDp
Ectdtvqvk6EXqKbD4W+5RHr5oEDQTJ12PzpYCWMv/bGwoueJ1+BDWrYpITN2s8U3
GWyd40YFfny1/7gASPq6zMVUAVQEM8ymjFfCSgwi6G8vjdELVAlYHKJlrkQRMIB7
bBn/lFxVldNjKRKHXrblLTDMVv6KkIktRNXDfHCZQP58xRX1xznNl+RWTrEohSIc
MKlTi9wDM+fttVrIKw0XPPaYWSCr5wvQiFNkkGYLupFNIOPc2R1hp0nfEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaklX2FeK/TPETGaKUzbEkyh3iGMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvZHFTVmZZVjRyOU04Uk1ab3BUTnNTVEtIZUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua54AwQC
ubykMA0GCSqGSIb3DQEBCwUAA4IBAQAvntroWBxAQuSD53/A6RA8vNSRx0ZjBOrJ
ulagiky8oazj47fTguCMq6OvWDEzK1IC8fLoafmsQiXXXuffG7eydqRReEmQhar4
Cwj5PsflX/GHJcBv4fUTTDNXBuOCBmv3sbSC9LkcmHdkgSiQzL6M+GQrf1duECcE
3/O60HEWVivwqY4IFEftFwjrJBqZtI8ueWm6d2o7AYbeQVgkxvDk6M18pR0AY9Rh
H65OS13EcmY4Zy5IFDmFSK0/ELczAOQjwfDwRXHhOSUXjlJJ15hFoYqyxA7wHGxO
3oM/8gBnn88l4j2VFKMvp4yQTMszZVAxMnS+m35urx7zUMU3W8+g
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:27:49 2025 by rpki-client