Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/32b1ac-4189-49fd-a999-b8f3b779e54b/1/lqUgtVIOgNM_8oahrIOECTTMeHE.roa
File: lqUgtVIOgNM_8oahrIOECTTMeHE.roa (raw, json)
Hash identifier: SpiLSoHograVnyHrwg8KcUf+YJh+U33Y4LuzthE2ieU=
Subject key identifier: 96:A5:20:B5:52:0E:80:D3:3F:F2:86:A1:AC:83:84:09:34:CC:78:71
Certificate issuer: /CN=6af3aa0140b7983500ea829f3c36bbfb65af9972
Certificate serial: 019421B1F5FEEB7E1C4CC65440C9159B932A
Authority key identifier: 6A:F3:AA:01:40:B7:98:35:00:EA:82:9F:3C:36:BB:FB:65:AF:99:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avOqAUC3mDUA6oKfPDa7-2WvmXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/32b1ac-4189-49fd-a999-b8f3b779e54b/1/lqUgtVIOgNM_8oahrIOECTTMeHE.roa
Signing time: Wed 01 Jan 2025 11:48:18 +0000
ROA not before: Wed 01 Jan 2025 11:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 185.126.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f5:fe:eb:7e:1c:4c:c6:54:40:c9:15:9b:93:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6af3aa0140b7983500ea829f3c36bbfb65af9972
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96a520b5520e80d33ff286a1ac83840934cc7871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d8:53:55:28:b8:df:5a:64:43:50:3c:fe:fb:
14:a6:0c:c1:5b:b1:ac:7c:08:46:81:78:35:ff:68:
c1:e8:f8:0d:04:b9:b9:ea:e8:f7:00:e5:fa:39:59:
07:fb:cf:c0:cf:6a:47:bb:10:c3:16:83:97:68:11:
96:66:34:88:95:f6:c8:55:47:0f:ad:34:e7:82:e0:
e2:46:f1:18:64:8b:4a:04:4c:c5:38:b8:a3:93:cb:
15:50:c0:95:cd:d1:00:c5:72:37:a9:97:52:f2:70:
1d:9a:23:2d:89:51:f5:06:01:ed:27:0d:12:ce:8a:
aa:db:40:44:8f:48:b4:3a:62:7f:29:7b:25:56:6c:
c0:46:43:3f:c3:c2:42:ca:95:4a:1c:8f:09:76:26:
01:02:84:e0:06:78:42:da:47:58:6c:d8:a1:1f:75:
56:e7:91:62:47:b9:a5:97:76:b8:5a:d1:46:69:8b:
2a:0f:41:66:20:59:f1:33:c2:e9:b4:4f:41:29:29:
a3:0e:9d:8a:57:e6:89:d7:13:b3:3c:2a:0a:96:9b:
e2:b6:d7:91:42:c9:8f:93:cd:e0:9f:0a:50:d4:6e:
9d:74:26:86:eb:52:80:c6:b3:41:71:5a:24:64:3c:
bc:30:6e:fe:35:51:de:e0:b7:d5:65:6e:d3:8b:93:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A5:20:B5:52:0E:80:D3:3F:F2:86:A1:AC:83:84:09:34:CC:78:71
X509v3 Authority Key Identifier:
keyid:6A:F3:AA:01:40:B7:98:35:00:EA:82:9F:3C:36:BB:FB:65:AF:99:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avOqAUC3mDUA6oKfPDa7-2WvmXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/32b1ac-4189-49fd-a999-b8f3b779e54b/1/lqUgtVIOgNM_8oahrIOECTTMeHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/32b1ac-4189-49fd-a999-b8f3b779e54b/1/avOqAUC3mDUA6oKfPDa7-2WvmXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.220.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3c:f8:3c:f1:aa:c7:88:e7:66:41:09:81:f5:d6:97:c5:b5:
66:d4:42:61:38:8b:5d:a5:63:82:2a:ec:79:f7:16:87:a8:90:
f8:f6:e5:e2:9c:7b:08:0c:6b:9e:45:ac:8a:8d:d7:fb:1c:bf:
ca:50:49:40:d4:b0:2a:4c:64:04:82:96:d2:37:10:8a:a4:2d:
5a:22:7b:00:7e:2c:56:c7:bf:17:8d:3b:b6:e0:da:01:03:f0:
00:95:b0:61:99:8e:02:c3:da:1e:a8:e8:a7:e1:2a:57:2a:71:
45:28:1b:a9:6a:10:c0:72:03:ae:51:44:27:cd:a0:6a:ea:3f:
cb:b5:37:2f:36:38:4e:98:89:3c:4b:83:1f:56:9a:86:32:1e:
86:2c:f4:d9:a6:7f:c1:f1:5e:4d:26:78:6c:d9:01:46:49:9b:
67:02:21:00:0e:a4:4f:67:57:6a:93:3d:08:1f:dc:e6:20:91:
4c:ab:a5:5c:e3:4e:7c:b0:82:6e:97:a2:41:cf:aa:12:d1:a0:
91:b3:05:d1:9c:d6:22:a9:58:bd:cb:f8:67:89:2b:00:b1:a0:
2b:6c:67:cb:77:1d:a0:19:36:84:46:05:50:94:c5:03:2d:50:
26:0f:17:72:69:30:62:f5:7e:7e:16:bf:d3:4a:be:c4:45:65:
0e:62:62:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsfX+634cTMZUQMkVm5MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjNhYTAxNDBiNzk4MzUwMGVhODI5ZjNjMzZiYmZiNjVh
Zjk5NzIwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmE1MjBiNTUyMGU4MGQzM2ZmMjg2YTFhYzgzODQwOTM0Y2M3ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuthTVSi431pkQ1A8/vsUpgzBW7Gs
fAhGgXg1/2jB6PgNBLm56uj3AOX6OVkH+8/Az2pHuxDDFoOXaBGWZjSIlfbIVUcP
rTTnguDiRvEYZItKBEzFOLijk8sVUMCVzdEAxXI3qZdS8nAdmiMtiVH1BgHtJw0S
zoqq20BEj0i0OmJ/KXslVmzARkM/w8JCypVKHI8JdiYBAoTgBnhC2kdYbNihH3VW
55FiR7mll3a4WtFGaYsqD0FmIFnxM8LptE9BKSmjDp2KV+aJ1xOzPCoKlpvitteR
QsmPk83gnwpQ1G6ddCaG61KAxrNBcVokZDy8MG7+NVHe4LfVZW7Ti5MZ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJalILVSDoDTP/KGoayDhAk0zHhxMB8GA1UdIwQY
MBaAFGrzqgFAt5g1AOqCnzw2u/tlr5lyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZPcUFVQzNtRFVBNm9LZlBEYTctMld2bVhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zMmIxYWMtNDE4OS00OWZkLWE5OTkt
YjhmM2I3NzllNTRiLzEvbHFVZ3RWSU9nTk1fOG9haHJJT0VDVFRNZUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zMmIxYWMtNDE4OS00OWZkLWE5OTktYjhmM2I3NzllNTRi
LzEvYXZPcUFVQzNtRFVBNm9LZlBEYTctMld2bVhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX7cMA0G
CSqGSIb3DQEBCwUAA4IBAQADPPg88arHiOdmQQmB9daXxbVm1EJhOItdpWOCKux5
9xaHqJD49uXinHsIDGueRayKjdf7HL/KUElA1LAqTGQEgpbSNxCKpC1aInsAfixW
x78XjTu24NoBA/AAlbBhmY4Cw9oeqOin4SpXKnFFKBupahDAcgOuUUQnzaBq6j/L
tTcvNjhOmIk8S4MfVpqGMh6GLPTZpn/B8V5NJnhs2QFGSZtnAiEADqRPZ1dqkz0I
H9zmIJFMq6Vc4058sIJul6JBz6oS0aCRswXRnNYiqVi9y/hniSsAsaArbGfLdx2g
GTaERgVQlMUDLVAmDxdyaTBi9X5+Fr/TSr7ERWUOYmJq
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:32 2025 by rpki-client