Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9cfd8e-23cd-447a-9d2c-d0b111ba4148/1/JQ4W3G2wBUo6PRPPv0dVzYu4y4w.roa
File: JQ4W3G2wBUo6PRPPv0dVzYu4y4w.roa (raw, json)
Hash identifier: JHM9O5mRc/9ugG6o1WcR1yYfnaT1Q2KD2tNJG5Hqsco=
Subject key identifier: 25:0E:16:DC:6D:B0:05:4A:3A:3D:13:CF:BF:47:55:CD:8B:B8:CB:8C
Certificate issuer: /CN=28f567549983f43add998c36e8f78bd15f45a2cc
Certificate serial: 0194258F6695DB9B6A486BC8CEC865F3BBD4
Authority key identifier: 28:F5:67:54:99:83:F4:3A:DD:99:8C:36:E8:F7:8B:D1:5F:45:A2:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPVnVJmD9DrdmYw26PeL0V9Fosw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/9cfd8e-23cd-447a-9d2c-d0b111ba4148/1/JQ4W3G2wBUo6PRPPv0dVzYu4y4w.roa
Signing time: Thu 02 Jan 2025 05:49:02 +0000
ROA not before: Thu 02 Jan 2025 05:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199947
IP address blocks: 45.140.84.0/22 maxlen: 22
185.41.32.0/22 maxlen: 22
2a01:5420::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:66:95:db:9b:6a:48:6b:c8:ce:c8:65:f3:bb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f567549983f43add998c36e8f78bd15f45a2cc
Validity
Not Before: Jan 2 05:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=250e16dc6db0054a3a3d13cfbf4755cd8bb8cb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:53:5d:2d:7a:c4:76:6d:d7:14:87:ed:5e:b0:
97:bf:ba:80:70:a9:cf:6b:02:fa:6c:8f:3d:79:fe:
68:ab:4f:ed:a6:2b:bc:00:a2:4a:11:dd:e5:a2:22:
bf:ac:15:86:93:03:74:52:76:e9:e0:52:2b:57:8f:
70:d2:f4:36:dc:34:61:24:ee:dd:a4:7d:a8:2c:3c:
06:a7:09:0a:97:45:aa:b2:bf:fe:6f:8c:e8:03:96:
a2:17:82:d9:8a:9d:ac:90:80:44:bd:47:2f:e0:eb:
5c:4d:c2:a2:cb:35:87:71:24:82:39:2e:f7:4d:b6:
02:0c:47:29:7d:06:85:02:a9:3e:bc:c7:fc:56:d3:
4f:39:85:a7:fb:36:19:e9:85:b1:c5:c4:26:4f:e0:
aa:70:d0:2a:17:0e:dc:26:36:0a:14:d3:bd:74:9e:
27:a8:1c:c3:ec:b3:cb:c9:1a:f0:99:72:0a:cb:3c:
42:f9:6a:b3:36:b7:af:d0:22:aa:36:ce:49:61:1f:
0e:14:8d:fe:70:86:a8:1e:3e:21:56:97:a2:14:20:
b1:6c:ce:21:96:06:a1:b9:be:df:27:75:52:da:22:
10:a8:b1:d5:53:5e:a9:8a:67:bb:43:ba:db:32:41:
4c:0c:96:5c:fb:52:8a:93:ec:95:86:f0:7f:70:0d:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0E:16:DC:6D:B0:05:4A:3A:3D:13:CF:BF:47:55:CD:8B:B8:CB:8C
X509v3 Authority Key Identifier:
keyid:28:F5:67:54:99:83:F4:3A:DD:99:8C:36:E8:F7:8B:D1:5F:45:A2:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPVnVJmD9DrdmYw26PeL0V9Fosw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9cfd8e-23cd-447a-9d2c-d0b111ba4148/1/JQ4W3G2wBUo6PRPPv0dVzYu4y4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9cfd8e-23cd-447a-9d2c-d0b111ba4148/1/KPVnVJmD9DrdmYw26PeL0V9Fosw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.84.0/22
185.41.32.0/22
IPv6:
2a01:5420::/32
Signature Algorithm: sha256WithRSAEncryption
2c:e8:5a:b2:95:81:18:94:1e:10:ad:86:3f:7a:29:38:3d:af:
ee:ec:02:3d:8f:29:97:be:24:5d:e2:ab:71:14:20:5a:46:6a:
f5:c7:f6:d8:b4:f1:1b:02:ae:a4:d6:65:96:e3:b2:67:77:9c:
d5:86:0d:35:a8:3d:d3:d3:0c:20:ad:dd:d0:54:b5:8a:f7:bd:
d5:6b:13:c5:64:cf:f2:1d:14:21:d0:22:30:8a:2f:8a:22:49:
05:a9:a3:bc:c7:26:f7:cd:e3:c5:09:0e:8a:14:d5:1d:86:be:
c2:31:0d:ba:3b:bb:b2:f2:26:ea:d8:1a:32:e0:ab:7b:76:fa:
fc:29:94:b2:88:ee:80:65:81:a1:ba:e5:e3:42:5c:74:5e:7b:
d9:93:42:35:4f:65:ba:e2:8b:ef:6c:91:87:0c:89:c3:04:75:
a4:5b:28:7c:ed:ce:d2:ed:08:2f:97:cc:e7:b9:cd:5a:dd:49:
59:7d:33:60:70:d6:77:40:b9:2c:3a:0e:55:58:9b:0f:eb:0c:
b2:12:a2:ef:5d:9f:48:24:e4:dd:bc:ea:a5:02:9d:cf:2c:58:
8e:45:a7:fb:29:7e:91:42:a2:4e:73:f5:cd:26:29:e5:73:76:
4b:97:1e:81:bc:bb:e3:29:64:94:eb:1b:eb:6e:56:fa:4e:1c:
64:36:05:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj2aV25tqSGvIzshl87vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZjU2NzU0OTk4M2Y0M2FkZDk5OGMzNmU4Zjc4YmQxNWY0
NWEyY2MwHhcNMjUwMTAyMDU0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBlMTZkYzZkYjAwNTRhM2EzZDEzY2ZiZjQ3NTVjZDhiYjhjYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVNdLXrEdm3XFIftXrCXv7qAcKnP
awL6bI89ef5oq0/tpiu8AKJKEd3loiK/rBWGkwN0Unbp4FIrV49w0vQ23DRhJO7d
pH2oLDwGpwkKl0Wqsr/+b4zoA5aiF4LZip2skIBEvUcv4OtcTcKiyzWHcSSCOS73
TbYCDEcpfQaFAqk+vMf8VtNPOYWn+zYZ6YWxxcQmT+CqcNAqFw7cJjYKFNO9dJ4n
qBzD7LPLyRrwmXIKyzxC+WqzNrev0CKqNs5JYR8OFI3+cIaoHj4hVpeiFCCxbM4h
lgahub7fJ3VS2iIQqLHVU16pime7Q7rbMkFMDJZc+1KKk+yVhvB/cA3CNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCUOFtxtsAVKOj0Tz79HVc2LuMuMMB8GA1UdIwQY
MBaAFCj1Z1SZg/Q63ZmMNuj3i9FfRaLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BWblZKbUQ5RHJkbVl3MjZQZUwwVjlGb3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85Y2ZkOGUtMjNjZC00NDdhLTlkMmMt
ZDBiMTExYmE0MTQ4LzEvSlE0VzNHMndCVW82UFJQUHYwZFZ6WXU0eTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85Y2ZkOGUtMjNjZC00NDdhLTlkMmMtZDBiMTExYmE0MTQ4
LzEvS1BWblZKbUQ5RHJkbVl3MjZQZUwwVjlGb3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYxUAwQC
uSkgMA0EAgACMAcDBQAqAVQgMA0GCSqGSIb3DQEBCwUAA4IBAQAs6FqylYEYlB4Q
rYY/eik4Pa/u7AI9jymXviRd4qtxFCBaRmr1x/bYtPEbAq6k1mWW47Jnd5zVhg01
qD3T0wwgrd3QVLWK973VaxPFZM/yHRQh0CIwii+KIkkFqaO8xyb3zePFCQ6KFNUd
hr7CMQ26O7uy8ibq2Boy4Kt7dvr8KZSyiO6AZYGhuuXjQlx0XnvZk0I1T2W64ovv
bJGHDInDBHWkWyh87c7S7Qgvl8znuc1a3UlZfTNgcNZ3QLksOg5VWJsP6wyyEqLv
XZ9IJOTdvOqlAp3PLFiORaf7KX6RQqJOc/XNJinlc3ZLlx6BvLvjKWSU6xvrblb6
ThxkNgVH
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:54 2025 by rpki-client