Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qg5zXCzdR4cvf1kUtniphUg2RdM.roa
File: Qg5zXCzdR4cvf1kUtniphUg2RdM.roa (raw, json)
Hash identifier: pYjCM+GoabgEzda27QmEZLoyKwBQSbmS6vCFlqDdM68=
Subject key identifier: 42:0E:73:5C:2C:DD:47:87:2F:7F:59:14:B6:78:A9:85:48:36:45:D3
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FDD7BDED3F88D8BD79AD03A52CE31
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qg5zXCzdR4cvf1kUtniphUg2RdM.roa
Signing time: Thu 02 Jan 2025 05:49:32 +0000
ROA not before: Thu 02 Jan 2025 05:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62065
IP address blocks: 92.38.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:dd:7b:de:d3:f8:8d:8b:d7:9a:d0:3a:52:ce:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=420e735c2cdd47872f7f5914b678a985483645d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:00:8e:8f:2c:67:b4:9e:c0:89:37:5b:27:
5c:df:87:db:00:49:69:51:d3:b4:43:84:bc:71:80:
9c:08:de:47:7c:9d:27:da:29:07:d4:bf:ff:65:92:
d3:92:e3:f7:be:29:04:fd:4b:85:fe:fd:bc:42:85:
d0:df:6e:df:01:ae:1a:70:ba:1c:b7:6f:9c:5c:a7:
6b:a1:c3:3a:05:da:fc:65:d5:12:b6:6c:4a:da:fa:
e2:a5:cf:a3:a3:6f:cf:fd:d2:c8:99:d0:2c:9f:8e:
a1:b6:c6:59:2e:39:78:bc:db:4a:9e:3f:2a:0b:65:
bb:61:ce:9f:74:9a:d8:b2:11:07:1a:6d:ef:52:16:
57:f3:a0:0e:f6:cd:fc:07:3b:14:8d:9c:55:c1:79:
1f:b2:71:a0:61:f5:4f:2a:e9:9b:09:93:a4:0d:28:
64:7f:4a:93:ea:74:f1:b6:c0:ac:07:a0:0b:a4:ae:
9c:d4:1f:e8:39:34:fc:b4:d5:2e:d0:8c:03:4b:f3:
b3:97:9a:7b:b4:46:89:30:d9:b2:24:a5:ee:ba:3a:
79:2b:98:2f:2b:c3:87:65:fb:bc:a0:60:57:82:88:
dc:11:9f:06:ba:65:ea:02:2f:e6:ce:f3:2b:79:e5:
01:c8:e7:6b:d2:dd:25:e3:11:4f:9e:65:0c:7d:66:
d9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0E:73:5C:2C:DD:47:87:2F:7F:59:14:B6:78:A9:85:48:36:45:D3
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qg5zXCzdR4cvf1kUtniphUg2RdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.2.0/24
Signature Algorithm: sha256WithRSAEncryption
80:95:67:b7:01:64:3b:55:d6:6f:55:a3:ff:0e:63:56:be:ec:
c1:39:4b:a0:43:1c:68:0d:f7:61:34:bc:76:b1:5b:fd:b9:f9:
98:65:26:ae:37:6b:a8:eb:4b:84:8a:7e:04:8a:43:84:2b:cc:
8e:35:e9:fd:d5:7e:70:82:b4:23:08:6c:b8:c3:cf:73:b3:e7:
d5:ae:c8:a7:c8:a9:e0:76:e7:08:c3:de:fa:37:57:de:70:d1:
51:94:b4:8c:43:88:e3:7f:62:3b:65:90:64:20:4e:9d:2a:4a:
d3:70:ba:12:a5:de:53:c2:4e:f8:44:44:44:f1:5b:16:29:dc:
29:22:3f:ce:14:72:8f:7b:e6:23:8a:d2:5f:3d:70:9a:27:87:
53:2e:e9:f2:21:d2:d1:22:ed:5e:33:c0:6d:1f:13:96:1a:75:
5c:d6:ae:6b:2b:94:bd:68:c8:be:ff:2e:c4:ba:f3:b1:16:9e:
df:ac:2b:4d:93:0e:b2:83:b8:4e:af:4e:af:82:44:db:d0:c2:
c2:70:59:76:36:4b:3a:d5:9d:7c:66:f1:f2:ae:dd:95:a5:2d:
55:d6:37:73:8d:d0:d8:07:2c:e1:9b:93:54:d2:12:fb:3a:f8:
a3:4b:ae:a3:0f:25:e5:c7:9a:19:8a:f9:67:26:8e:7a:41:2a:
a9:74:6b:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj9173tP4jYvXmtA6Us4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBlNzM1YzJjZGQ0Nzg3MmY3ZjU5MTRiNjc4YTk4NTQ4MzY0NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAcAjo8sZ7SewIk3Wydc34fbAElp
UdO0Q4S8cYCcCN5HfJ0n2ikH1L//ZZLTkuP3vikE/UuF/v28QoXQ327fAa4acLoc
t2+cXKdrocM6Bdr8ZdUStmxK2vripc+jo2/P/dLImdAsn46htsZZLjl4vNtKnj8q
C2W7Yc6fdJrYshEHGm3vUhZX86AO9s38BzsUjZxVwXkfsnGgYfVPKumbCZOkDShk
f0qT6nTxtsCsB6ALpK6c1B/oOTT8tNUu0IwDS/Ozl5p7tEaJMNmyJKXuujp5K5gv
K8OHZfu8oGBXgojcEZ8GumXqAi/mzvMreeUByOdr0t0l4xFPnmUMfWbZ6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIOc1ws3UeHL39ZFLZ4qYVINkXTMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUWc1elhDemRSNGN2ZjFrVXRuaXBoVWcyUmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCYCMA0G
CSqGSIb3DQEBCwUAA4IBAQCAlWe3AWQ7VdZvVaP/DmNWvuzBOUugQxxoDfdhNLx2
sVv9ufmYZSauN2uo60uEin4EikOEK8yONen91X5wgrQjCGy4w89zs+fVrsinyKng
ducIw976N1fecNFRlLSMQ4jjf2I7ZZBkIE6dKkrTcLoSpd5Twk74RERE8VsWKdwp
Ij/OFHKPe+YjitJfPXCaJ4dTLunyIdLRIu1eM8BtHxOWGnVc1q5rK5S9aMi+/y7E
uvOxFp7frCtNkw6yg7hOr06vgkTb0MLCcFl2Nks61Z18ZvHyrt2VpS1V1jdzjdDY
Byzhm5NU0hL7OvijS66jDyXlx5oZivlnJo56QSqpdGs6
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:10 2025 by rpki-client