Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/qi8SjamVLTZcWUyfEiVS4BoqkZE.roa
File: qi8SjamVLTZcWUyfEiVS4BoqkZE.roa (raw, json)
Hash identifier: 6lwU9eJcpe8KWWxmMOizpAa94mxqfcksgtQmJaF4BYg=
Subject key identifier: AA:2F:12:8D:A9:95:2D:36:5C:59:4C:9F:12:25:52:E0:1A:2A:91:91
Certificate issuer: /CN=41251342e05d58b3b7fc93a15cba1eb71e542385
Certificate serial: 019425FDCFCF9BCCAA59C5464890EDC67786
Authority key identifier: 41:25:13:42:E0:5D:58:B3:B7:FC:93:A1:5C:BA:1E:B7:1E:54:23:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSUTQuBdWLO3_JOhXLoetx5UI4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/qi8SjamVLTZcWUyfEiVS4BoqkZE.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 185.165.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:cf:cf:9b:cc:aa:59:c5:46:48:90:ed:c6:77:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41251342e05d58b3b7fc93a15cba1eb71e542385
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa2f128da9952d365c594c9f122552e01a2a9191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:92:f7:c9:17:9a:01:68:ca:7b:2a:15:91:e4:
0c:0e:31:9b:b2:b0:f9:61:3c:9f:10:dd:12:7d:ec:
ef:1e:5c:04:42:5a:38:06:f1:b4:fd:c6:12:4b:92:
da:0e:4c:4b:4d:2a:ab:7f:49:96:83:b5:5d:b2:11:
00:ee:12:b7:c1:e5:66:e3:9e:d0:60:4e:d5:b7:f6:
b8:50:ea:cb:55:3a:5e:a3:86:c7:0f:74:b2:b8:dd:
62:c0:b0:26:a5:95:ce:77:0d:61:12:fa:19:c1:7a:
ab:1e:93:23:ce:50:0c:2c:79:67:e2:8d:cf:64:95:
92:a8:09:be:d5:b6:dd:05:3f:b9:6d:e1:2a:fe:d6:
71:7d:68:c4:c9:7c:39:d9:00:ba:0a:3a:18:46:e9:
8b:93:dc:dd:1d:da:44:f3:6d:26:5c:9e:ca:31:27:
fb:ea:9b:50:aa:e2:df:0a:a0:8f:ab:52:c5:9b:86:
b9:71:5a:1b:af:ce:7a:a0:e1:2c:df:73:8f:3c:a3:
94:2d:23:8e:63:12:0c:a1:c0:46:dd:31:32:6d:28:
3a:15:51:95:b2:b6:f4:26:f7:5d:9a:80:28:c9:d2:
3c:bb:a1:8d:97:d5:ff:a9:b6:3b:6b:4b:32:c0:12:
87:30:f4:e9:3b:6d:ab:b4:6c:45:ea:1a:4d:94:b5:
44:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2F:12:8D:A9:95:2D:36:5C:59:4C:9F:12:25:52:E0:1A:2A:91:91
X509v3 Authority Key Identifier:
keyid:41:25:13:42:E0:5D:58:B3:B7:FC:93:A1:5C:BA:1E:B7:1E:54:23:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSUTQuBdWLO3_JOhXLoetx5UI4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/qi8SjamVLTZcWUyfEiVS4BoqkZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/QSUTQuBdWLO3_JOhXLoetx5UI4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.29.0/24
Signature Algorithm: sha256WithRSAEncryption
51:61:c2:95:5b:cd:61:44:a7:f4:1d:68:fd:24:cb:f2:10:07:
12:34:2f:cd:e7:51:45:d7:e1:ab:c4:34:89:95:c2:6d:fb:27:
af:e3:83:ba:69:24:b3:08:97:4f:20:08:08:57:16:de:1e:39:
07:97:12:03:0b:64:a8:83:20:e5:77:5b:a8:24:83:02:dd:4c:
16:8d:5f:90:1a:f6:97:dc:f8:04:ef:6d:da:46:50:60:07:ad:
3a:e3:4f:15:a4:67:8b:8e:5c:c9:ff:31:50:c8:77:f6:b9:d1:
a7:b9:00:b5:df:ed:35:d0:57:b5:13:64:fa:e9:74:9c:92:ba:
e6:8f:f0:ff:7f:02:ed:e7:66:28:25:47:6f:6d:0e:1f:dc:ab:
15:67:75:73:da:21:db:14:3d:69:1a:39:66:f9:73:73:7b:e0:
fd:fd:cf:f4:f7:63:45:5c:bc:e4:1c:3a:2e:bf:fb:7c:30:39:
44:57:93:d6:dd:6b:f4:af:31:71:2e:4f:f5:f6:f9:e9:a6:f9:
f7:98:f4:db:41:a2:3b:bf:4b:00:a1:c2:f7:39:17:4c:e9:12:
24:01:65:f7:af:98:50:4a:3a:a0:75:81:24:81:1d:4c:f1:ba:
4b:13:48:a0:17:e0:28:16:15:4f:a0:32:a3:74:44:c4:a6:3c:
2e:d6:3e:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/c/Pm8yqWcVGSJDtxneGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjUxMzQyZTA1ZDU4YjNiN2ZjOTNhMTVjYmExZWI3MWU1
NDIzODUwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTJmMTI4ZGE5OTUyZDM2NWM1OTRjOWYxMjI1NTJlMDFhMmE5MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5L3yReaAWjKeyoVkeQMDjGbsrD5
YTyfEN0SfezvHlwEQlo4BvG0/cYSS5LaDkxLTSqrf0mWg7VdshEA7hK3weVm457Q
YE7Vt/a4UOrLVTpeo4bHD3SyuN1iwLAmpZXOdw1hEvoZwXqrHpMjzlAMLHln4o3P
ZJWSqAm+1bbdBT+5beEq/tZxfWjEyXw52QC6CjoYRumLk9zdHdpE820mXJ7KMSf7
6ptQquLfCqCPq1LFm4a5cVobr856oOEs33OPPKOULSOOYxIMocBG3TEybSg6FVGV
srb0JvddmoAoydI8u6GNl9X/qbY7a0sywBKHMPTpO22rtGxF6hpNlLVEKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKovEo2plS02XFlMnxIlUuAaKpGRMB8GA1UdIwQY
MBaAFEElE0LgXVizt/yToVy6HrceVCOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNVVFF1QmRXTE8zX0pPaFhMb2V0eDVVSTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9hZDYwM2YtOGZlYS00ODQ5LTllZGIt
YzM2NjhiNTAzYTFjLzEvcWk4U2phbVZMVFpjV1V5ZkVpVlM0Qm9xa1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9hZDYwM2YtOGZlYS00ODQ5LTllZGItYzM2NjhiNTAzYTFj
LzEvUVNVVFF1QmRXTE8zX0pPaFhMb2V0eDVVSTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUdMA0G
CSqGSIb3DQEBCwUAA4IBAQBRYcKVW81hRKf0HWj9JMvyEAcSNC/N51FF1+GrxDSJ
lcJt+yev44O6aSSzCJdPIAgIVxbeHjkHlxIDC2SogyDld1uoJIMC3UwWjV+QGvaX
3PgE723aRlBgB606408VpGeLjlzJ/zFQyHf2udGnuQC13+010Fe1E2T66XSckrrm
j/D/fwLt52YoJUdvbQ4f3KsVZ3Vz2iHbFD1pGjlm+XNze+D9/c/092NFXLzkHDou
v/t8MDlEV5PW3Wv0rzFxLk/19vnppvn3mPTbQaI7v0sAocL3ORdM6RIkAWX3r5hQ
SjqgdYEkgR1M8bpLE0igF+AoFhVPoDKjdETEpjwu1j6h
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:29:45 2025 by rpki-client