Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/d3d257-6e4c-4d60-9c93-dfcae36a3ef8/1/00FQiMdjUQle4zFwKcr67i8rD5o.roa
File: 00FQiMdjUQle4zFwKcr67i8rD5o.roa (raw, json)
Hash identifier: vAwK94aBbQ1WLXSLlow/JuiTreizX+JgqV5lHzwa2Js=
Subject key identifier: D3:41:50:88:C7:63:51:09:5E:E3:31:70:29:CA:FA:EE:2F:2B:0F:9A
Certificate issuer: /CN=d1c70f1f33c581db78a149bc86d739cdc7ce26a7
Certificate serial: 0194252237F247F566558C6A35F6FD799216
Authority key identifier: D1:C7:0F:1F:33:C5:81:DB:78:A1:49:BC:86:D7:39:CD:C7:CE:26:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ccPHzPFgdt4oUm8htc5zcfOJqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/d3d257-6e4c-4d60-9c93-dfcae36a3ef8/1/00FQiMdjUQle4zFwKcr67i8rD5o.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202393
IP address blocks: 185.249.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:37:f2:47:f5:66:55:8c:6a:35:f6:fd:79:92:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1c70f1f33c581db78a149bc86d739cdc7ce26a7
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3415088c76351095ee3317029cafaee2f2b0f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:8e:ca:1e:26:2f:b8:a6:25:06:93:7e:89:
23:77:e6:26:23:e0:40:1c:4b:6d:5e:c4:bc:fc:e9:
28:b1:51:4c:98:bb:b3:1a:8c:4d:af:1a:5e:70:51:
72:04:4a:06:78:87:15:c1:90:2e:89:90:5c:26:3d:
8e:d6:45:1a:49:47:94:2b:b7:a0:ab:27:fe:92:79:
1a:f7:80:7f:60:a4:45:17:4c:f9:f6:d8:e4:80:7b:
b0:c0:d5:88:30:5b:0e:6a:2d:64:e0:f0:7b:1b:81:
f4:94:43:f2:89:b1:46:47:2f:5f:e4:33:56:0b:c1:
92:11:3b:13:0c:92:2f:62:1f:49:77:c4:b0:d6:90:
32:2e:35:98:0b:a8:6b:e6:10:cb:f3:44:47:a4:4b:
61:07:2c:39:09:65:eb:30:4d:16:e3:79:93:57:ec:
21:90:4c:24:e9:52:fe:d4:f1:bd:98:7f:04:e1:68:
d9:c2:51:5f:8a:38:58:d5:ee:ca:04:5b:4a:3d:2b:
88:4f:b7:da:92:82:c8:46:26:3c:62:0a:98:fb:92:
7f:26:73:3d:88:ba:c0:a1:6d:e4:f0:7a:ec:a4:5f:
c0:a5:26:8b:5e:04:b4:7e:75:71:e2:87:d0:87:fb:
0e:09:64:d4:b5:de:e7:75:7e:e2:9d:b0:6f:4a:f6:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:41:50:88:C7:63:51:09:5E:E3:31:70:29:CA:FA:EE:2F:2B:0F:9A
X509v3 Authority Key Identifier:
keyid:D1:C7:0F:1F:33:C5:81:DB:78:A1:49:BC:86:D7:39:CD:C7:CE:26:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ccPHzPFgdt4oUm8htc5zcfOJqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d3d257-6e4c-4d60-9c93-dfcae36a3ef8/1/00FQiMdjUQle4zFwKcr67i8rD5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d3d257-6e4c-4d60-9c93-dfcae36a3ef8/1/0ccPHzPFgdt4oUm8htc5zcfOJqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.228.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:c1:90:d7:69:d4:a2:a0:84:03:d4:54:08:f4:cb:87:8a:54:
4e:35:80:23:a4:4d:2f:9b:9f:aa:b9:cd:91:54:d2:16:c4:24:
dd:53:dc:5b:ba:97:b8:ca:1d:7a:aa:dc:34:f0:0d:47:2d:aa:
2d:65:6a:f4:8e:76:b9:c3:61:22:56:5b:49:e8:d7:c7:37:4d:
d5:cc:7e:38:db:58:86:03:55:fa:12:72:3a:06:df:2f:20:3f:
c6:4c:f8:df:9b:93:4d:fd:63:fb:80:4a:b1:bc:61:74:3c:84:
76:7b:06:5c:9f:f5:e8:20:45:98:12:55:13:0d:2c:0c:19:e8:
f6:05:05:08:a7:e9:3c:5b:09:f4:9f:26:92:b2:60:0d:90:ea:
73:fa:c8:5b:da:3d:db:a2:38:56:7e:87:11:64:69:cd:96:dd:
da:0f:87:be:74:a5:b3:ae:29:f1:ec:6c:91:e7:00:b1:47:44:
98:39:c3:27:e4:7e:bd:69:6c:3c:ff:5f:2c:d4:5b:9e:88:e7:
82:b8:e9:5f:6a:e0:67:91:04:f2:40:66:c4:59:37:47:c3:76:
30:1a:44:fe:5b:8f:c2:34:79:c4:2a:52:fc:51:f8:0c:5a:2c:
57:f3:e2:f4:91:1b:98:b5:b5:44:ab:3a:ee:53:94:03:90:46:
fd:d9:26:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIjfyR/VmVYxqNfb9eZIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYzcwZjFmMzNjNTgxZGI3OGExNDliYzg2ZDczOWNkYzdj
ZTI2YTcwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQxNTA4OGM3NjM1MTA5NWVlMzMxNzAyOWNhZmFlZTJmMmIwZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0iOyh4mL7imJQaTfokjd+YmI+BA
HEttXsS8/OkosVFMmLuzGoxNrxpecFFyBEoGeIcVwZAuiZBcJj2O1kUaSUeUK7eg
qyf+knka94B/YKRFF0z59tjkgHuwwNWIMFsOai1k4PB7G4H0lEPyibFGRy9f5DNW
C8GSETsTDJIvYh9Jd8Sw1pAyLjWYC6hr5hDL80RHpEthByw5CWXrME0W43mTV+wh
kEwk6VL+1PG9mH8E4WjZwlFfijhY1e7KBFtKPSuIT7fakoLIRiY8YgqY+5J/JnM9
iLrAoW3k8HrspF/ApSaLXgS0fnVx4ofQh/sOCWTUtd7ndX7inbBvSvbAtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNBUIjHY1EJXuMxcCnK+u4vKw+aMB8GA1UdIwQY
MBaAFNHHDx8zxYHbeKFJvIbXOc3HzianMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNjUEh6UEZnZHQ0b1VtOGh0YzV6Y2ZPSnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9kM2QyNTctNmU0Yy00ZDYwLTljOTMt
ZGZjYWUzNmEzZWY4LzEvMDBGUWlNZGpVUWxlNHpGd0tjcjY3aThyRDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9kM2QyNTctNmU0Yy00ZDYwLTljOTMtZGZjYWUzNmEzZWY4
LzEvMGNjUEh6UEZnZHQ0b1VtOGh0YzV6Y2ZPSnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufnkMA0G
CSqGSIb3DQEBCwUAA4IBAQB6wZDXadSioIQD1FQI9MuHilRONYAjpE0vm5+quc2R
VNIWxCTdU9xbupe4yh16qtw08A1HLaotZWr0jna5w2EiVltJ6NfHN03VzH4421iG
A1X6EnI6Bt8vID/GTPjfm5NN/WP7gEqxvGF0PIR2ewZcn/XoIEWYElUTDSwMGej2
BQUIp+k8Wwn0nyaSsmANkOpz+shb2j3bojhWfocRZGnNlt3aD4e+dKWzrinx7GyR
5wCxR0SYOcMn5H69aWw8/18s1FueiOeCuOlfauBnkQTyQGbEWTdHw3YwGkT+W4/C
NHnEKlL8UfgMWixX8+L0kRuYtbVEqzruU5QDkEb92SYr
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:50:37 2025 by rpki-client