Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/Q5geBAbDdm6rceW2SdCihO9xnZc.roa
File: Q5geBAbDdm6rceW2SdCihO9xnZc.roa (raw, json)
Hash identifier: qZEJzIP9JlpWgbCaDR3U8w6e1Yf/y2ElsSB5u5JRzoI=
Subject key identifier: 43:98:1E:04:06:C3:76:6E:AB:71:E5:B6:49:D0:A2:84:EF:71:9D:97
Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Certificate serial: 0194258F9C251A8C5D90A3589284C969AB82
Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/Q5geBAbDdm6rceW2SdCihO9xnZc.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 23.252.72.0/24 maxlen: 24
185.179.245.0/24 maxlen: 24
2a10:4cc0::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9c:25:1a:8c:5d:90:a3:58:92:84:c9:69:ab:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43981e0406c3766eab71e5b649d0a284ef719d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:57:28:38:35:d2:1d:63:c3:28:e1:74:67:
f2:5e:41:ab:22:77:40:78:ce:1b:2b:b0:5f:5a:22:
78:6e:11:cc:b6:c9:f8:14:92:b9:ba:ca:9e:e9:88:
83:57:43:32:c4:51:79:99:81:97:e3:3a:f0:1e:f3:
ea:cd:72:e6:6e:de:11:07:1a:65:ba:83:c1:2b:07:
a9:e2:a7:cd:21:a0:4e:48:0f:79:f4:b8:c1:04:7d:
16:f6:65:e7:98:48:c3:6a:30:49:bc:ac:0a:b1:12:
79:78:1d:dc:c1:53:48:db:64:d8:29:91:f0:a1:2a:
2b:9f:0d:d6:b3:a5:44:ab:20:73:58:3b:51:29:2e:
f4:80:45:f0:37:e7:22:33:db:82:e5:88:29:95:1f:
61:ca:4d:7f:02:3f:7a:8a:c9:50:b8:83:a4:00:28:
34:ee:68:27:65:75:b3:bc:6a:0a:86:77:6f:de:e0:
5e:dc:d7:ec:a4:6c:0a:2b:14:06:89:fe:8c:0b:07:
5c:a7:b0:15:cb:a1:ea:b8:7e:f0:a5:26:71:4b:2c:
ee:c7:55:4c:de:ee:67:de:ae:6a:4e:3c:b1:0a:6b:
0a:7a:b2:a0:d3:30:3e:ef:d5:c0:e2:55:26:02:3e:
58:eb:4f:b2:a9:95:5e:dc:b2:ec:04:8f:94:e4:fe:
e0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:98:1E:04:06:C3:76:6E:AB:71:E5:B6:49:D0:A2:84:EF:71:9D:97
X509v3 Authority Key Identifier:
keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/Q5geBAbDdm6rceW2SdCihO9xnZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.72.0/24
185.179.245.0/24
IPv6:
2a10:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
7c:3a:87:27:52:24:b4:de:aa:a8:53:f0:7b:8a:40:3c:ce:cc:
f7:46:2d:65:e5:35:67:c2:c9:f9:2b:1c:86:07:16:97:9c:b4:
7a:8e:e4:e8:b9:a1:05:18:c1:3d:8f:d0:d3:21:e7:0a:e3:34:
c3:27:52:dc:cf:9b:34:b4:d5:0a:af:b6:b9:df:c7:44:fe:15:
a6:e7:39:11:de:66:d6:3b:94:94:20:80:4c:4e:2f:a3:80:78:
a4:52:6e:77:e9:b1:e9:52:5d:8e:71:40:49:2a:c1:0a:68:ed:
e1:db:bb:b4:7c:98:dc:bd:b1:ba:bb:f7:6a:61:9f:d2:3f:53:
c3:cd:81:cd:6e:cf:88:ba:05:62:86:27:76:8b:61:88:8c:fb:
97:1c:24:5a:b4:df:1c:bd:4f:01:50:9b:47:58:52:00:36:49:
e4:f2:38:74:7b:04:c5:d1:dc:dc:52:ac:a9:70:91:91:0c:50:
ae:e9:d2:ce:ab:3d:a2:37:1c:90:fa:60:a4:df:7a:17:24:16:
79:a8:b1:ad:ab:8a:00:72:b7:ac:ab:f5:fe:86:98:c5:98:a5:
3c:71:c2:7f:ab:c1:0f:5e:b5:2f:42:0f:8f:c9:0d:84:61:d4:
84:09:93:8d:05:15:fb:8b:a7:e0:89:28:79:83:86:42:0a:7f:
1b:d5:16:91
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQlj5wlGoxdkKNYkoTJaauCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYWQxMGY5NzJlNjc4OWUyYTQzNzdhMmMyOWVlMDhiYzNh
MzY3Y2EwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk4MWUwNDA2YzM3NjZlYWI3MWU1YjY0OWQwYTI4NGVmNzE5ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzdXKDg10h1jwyjhdGfyXkGrIndA
eM4bK7BfWiJ4bhHMtsn4FJK5usqe6YiDV0MyxFF5mYGX4zrwHvPqzXLmbt4RBxpl
uoPBKwep4qfNIaBOSA959LjBBH0W9mXnmEjDajBJvKwKsRJ5eB3cwVNI22TYKZHw
oSornw3Ws6VEqyBzWDtRKS70gEXwN+ciM9uC5YgplR9hyk1/Aj96islQuIOkACg0
7mgnZXWzvGoKhndv3uBe3NfspGwKKxQGif6MCwdcp7AVy6HquH7wpSZxSyzux1VM
3u5n3q5qTjyxCmsKerKg0zA+79XA4lUmAj5Y60+yqZVe3LLsBI+U5P7gXQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEOYHgQGw3Zuq3HltknQooTvcZ2XMB8GA1UdIwQY
MBaAFJutEPly5nieKkN3osKe4IvDo2fKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYt
MGQzODE0ZWE3M2M3LzEvUTVnZUJBYkRkbTZyY2VXMlNkQ2loTzl4blpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYtMGQzODE0ZWE3M2M3
LzEvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAF/xIAwQA
ubP1MA4EAgACMAgDBgAqEEzAADANBgkqhkiG9w0BAQsFAAOCAQEAfDqHJ1IktN6q
qFPwe4pAPM7M90YtZeU1Z8LJ+SschgcWl5y0eo7k6LmhBRjBPY/Q0yHnCuM0wydS
3M+bNLTVCq+2ud/HRP4Vpuc5Ed5m1juUlCCATE4vo4B4pFJud+mx6VJdjnFASSrB
Cmjt4du7tHyY3L2xurv3amGf0j9Tw82BzW7PiLoFYoYndothiIz7lxwkWrTfHL1P
AVCbR1hSADZJ5PI4dHsExdHc3FKsqXCRkQxQrunSzqs9ojcckPpgpN96FyQWeaix
rauKAHK3rKv1/oaYxZilPHHCf6vBD161L0IPj8kNhGHUhAmTjQUV+4un4IkoeYOG
Qgp/G9UWkQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:43:37 2025 by rpki-client