Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/aQbAdMmw6LGkWrHFISw9gjXbPXE.roa
File: aQbAdMmw6LGkWrHFISw9gjXbPXE.roa (raw, json)
Hash identifier: 3oom+N+bFKVsXUfpHyiTTHfYtfR8rQPSAw7BXiuCfxQ=
Subject key identifier: 69:06:C0:74:C9:B0:E8:B1:A4:5A:B1:C5:21:2C:3D:82:35:DB:3D:71
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 019427B58F673A9CC8D071CD258E1AC1C5A8
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/aQbAdMmw6LGkWrHFISw9gjXbPXE.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203394
IP address blocks: 185.126.255.0/24 maxlen: 24
194.4.71.0/24 maxlen: 24
212.79.125.0/24 maxlen: 24
212.87.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8f:67:3a:9c:c8:d0:71:cd:25:8e:1a:c1:c5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6906c074c9b0e8b1a45ab1c5212c3d8235db3d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0c:59:fa:48:df:01:80:ca:5f:e2:c2:00:7c:
52:ba:40:09:8b:d9:3a:53:59:7c:c4:58:8f:b1:94:
80:76:b8:0f:f6:ec:94:3c:8f:dc:84:03:99:8b:91:
39:96:2f:ec:c1:a8:98:dd:16:2f:97:26:c5:30:46:
97:5f:1f:97:65:1d:7c:db:0e:dc:4d:f0:3a:3c:a8:
cf:ac:2e:34:d3:3b:e9:78:0e:e0:68:9e:ba:8b:bc:
f9:23:bc:eb:35:66:b9:5c:7f:30:8e:4a:94:98:1f:
f0:8f:67:5c:f1:2e:52:84:2b:e9:a7:4b:ca:6c:eb:
bb:9c:c8:34:24:b3:38:e0:58:df:9b:35:47:02:f3:
56:13:a3:a5:20:0f:4c:a0:76:c3:37:1b:54:36:2d:
c8:5d:44:5b:a8:a2:88:82:99:cc:4b:32:bb:cf:7a:
02:e2:db:da:d7:d3:f6:24:e4:29:63:cb:a1:2f:3a:
2a:c6:5a:aa:77:25:15:bf:7f:ed:91:40:6c:b1:e0:
8a:d8:86:d2:ee:81:69:a1:c1:46:3c:e5:8d:16:71:
74:4b:53:60:c3:b6:05:98:56:27:46:76:14:0f:be:
af:3b:95:1b:28:c0:c3:c4:a1:75:03:97:29:3d:02:
c4:25:e8:ba:cc:b8:98:4c:18:4a:36:e0:e8:a7:8f:
a0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:06:C0:74:C9:B0:E8:B1:A4:5A:B1:C5:21:2C:3D:82:35:DB:3D:71
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/aQbAdMmw6LGkWrHFISw9gjXbPXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.255.0/24
194.4.71.0/24
212.79.125.0/24
212.87.168.0/24
Signature Algorithm: sha256WithRSAEncryption
79:90:7d:99:43:b8:c8:3c:98:5c:95:fe:88:ef:12:ca:f5:2e:
3d:c9:1c:bb:de:b9:8f:4b:1d:d1:3a:f6:c3:bf:dc:e4:30:77:
3a:4c:18:9d:25:35:ab:62:8c:f1:d4:59:d2:56:c2:11:f4:55:
96:77:48:24:71:9a:38:a9:c5:d1:80:ef:21:77:99:9a:08:f6:
d7:da:35:12:5c:6e:e0:af:0d:65:79:54:f0:44:2b:0d:a7:ab:
b1:ea:c3:dd:b1:e9:d4:be:63:88:ec:0b:6e:c6:fa:6c:cc:62:
2c:b1:e7:26:de:0a:b7:80:1f:c7:29:6d:58:4a:e9:71:df:da:
3d:46:86:1d:b8:a3:75:0d:b8:29:5d:97:a6:b3:15:9b:17:7d:
1f:b1:2b:9c:91:b7:be:cc:f8:d6:fc:ce:6a:5c:1b:c7:82:92:
d0:8f:61:52:83:3d:18:75:a8:86:93:84:bb:f3:7f:12:a9:2c:
4d:df:77:b3:d7:cd:14:b9:40:4a:ba:bc:71:41:d6:37:5c:79:
6f:66:7c:6a:ab:79:b5:08:15:7f:bc:28:93:63:90:b9:93:71:
1e:0a:94:83:0c:43:19:04:39:74:a0:c1:65:9a:7d:e4:8e:46:
5e:20:d7:16:c8:48:38:ba:8d:6e:a3:82:10:21:84:9e:d4:f3:
c3:6b:e1:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntY9nOpzI0HHNJY4awcWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA2YzA3NGM5YjBlOGIxYTQ1YWIxYzUyMTJjM2Q4MjM1ZGIzZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQxZ+kjfAYDKX+LCAHxSukAJi9k6
U1l8xFiPsZSAdrgP9uyUPI/chAOZi5E5li/swaiY3RYvlybFMEaXXx+XZR182w7c
TfA6PKjPrC400zvpeA7gaJ66i7z5I7zrNWa5XH8wjkqUmB/wj2dc8S5ShCvpp0vK
bOu7nMg0JLM44FjfmzVHAvNWE6OlIA9MoHbDNxtUNi3IXURbqKKIgpnMSzK7z3oC
4tva19P2JOQpY8uhLzoqxlqqdyUVv3/tkUBsseCK2IbS7oFpocFGPOWNFnF0S1Ng
w7YFmFYnRnYUD76vO5UbKMDDxKF1A5cpPQLEJei6zLiYTBhKNuDop4+gCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGkGwHTJsOixpFqxxSEsPYI12z1xMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvYVFiQWRNbXc2TEdrV3JIRklTdzlnalhiUFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuX7/AwQA
wgRHAwQA1E99AwQA1FeoMA0GCSqGSIb3DQEBCwUAA4IBAQB5kH2ZQ7jIPJhclf6I
7xLK9S49yRy73rmPSx3ROvbDv9zkMHc6TBidJTWrYozx1FnSVsIR9FWWd0gkcZo4
qcXRgO8hd5maCPbX2jUSXG7grw1leVTwRCsNp6ux6sPdsenUvmOI7AtuxvpszGIs
secm3gq3gB/HKW1YSulx39o9RoYduKN1DbgpXZemsxWbF30fsSuckbe+zPjW/M5q
XBvHgpLQj2FSgz0YdaiGk4S7838SqSxN33ez180UuUBKurxxQdY3XHlvZnxqq3m1
CBV/vCiTY5C5k3EeCpSDDEMZBDl0oMFlmn3kjkZeINcWyEg4uo1uo4IQIYSe1PPD
a+FT
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:06:35 2025 by rpki-client