Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/uO-YPOrqSVsCROIQOsRcjqgvYnU.roa
File: uO-YPOrqSVsCROIQOsRcjqgvYnU.roa (raw, json)
Hash identifier: IkBoSVYTGOWWZUsoTf2azWq3lvvu/HuBDzDMLsVfl/c=
Subject key identifier: B8:EF:98:3C:EA:EA:49:5B:02:44:E2:10:3A:C4:5C:8E:A8:2F:62:75
Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Certificate serial: 018573561BE05377604B4E6156AD050B75C4
Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/uO-YPOrqSVsCROIQOsRcjqgvYnU.roa
Signing time: Mon 02 Jan 2023 16:35:01 +0000
ROA not before: Mon 02 Jan 2023 16:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15739
IP address blocks: 185.91.96.0/23 maxlen: 24
185.91.97.0/24 maxlen: 24
185.91.98.0/23 maxlen: 24
185.91.98.0/24 maxlen: 24
2a05:e380::/29 maxlen: 29
2a05:e380:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:1b:e0:53:77:60:4b:4e:61:56:ad:05:0b:75:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Validity
Not Before: Jan 2 16:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8ef983ceaea495b0244e2103ac45c8ea82f6275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:40:38:06:7d:62:e5:64:7b:d5:90:d4:4b:31:
5e:dc:e1:24:a9:11:e0:f6:57:a2:bf:3f:23:75:5f:
ff:75:52:97:ff:97:aa:7d:7b:7c:54:92:12:8a:56:
5c:e7:a6:98:d9:43:4d:a3:27:6b:e4:04:e7:4d:13:
24:8b:1e:6a:b6:3b:57:75:56:8c:24:e5:02:8e:49:
d5:a0:02:ae:a9:c8:bc:ff:c8:39:51:6b:5f:d0:62:
f1:b1:2e:bd:f1:01:3c:8b:a3:dd:85:ac:de:62:0f:
24:d3:27:5a:1c:72:9f:b0:d3:90:36:f3:5e:fa:56:
0d:87:87:fd:56:d5:ab:2a:ef:30:7d:58:3f:8d:eb:
63:95:42:b2:97:89:fe:b8:f2:76:c0:02:c2:ff:e3:
a4:95:dd:b9:ba:4d:76:8b:8f:d3:65:0f:3c:e7:7f:
41:f7:d8:ed:ce:17:a4:9d:7c:8f:99:88:ec:bb:98:
6a:07:3a:64:9d:f7:f0:ea:52:4f:55:83:82:c8:48:
5c:c8:09:d3:e7:97:c7:1e:4a:ca:84:b3:06:c6:81:
c6:1f:82:e5:4c:05:e0:42:dd:f2:1c:a9:91:b2:6a:
13:08:58:ae:0b:26:38:a8:0d:a3:be:52:f0:01:23:
d8:21:d5:d6:1f:03:c9:1b:28:b5:c4:e3:84:1d:1d:
c8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EF:98:3C:EA:EA:49:5B:02:44:E2:10:3A:C4:5C:8E:A8:2F:62:75
X509v3 Authority Key Identifier:
keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/uO-YPOrqSVsCROIQOsRcjqgvYnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.96.0/22
IPv6:
2a05:e380::/29
Signature Algorithm: sha256WithRSAEncryption
29:5e:e0:52:da:c9:81:94:d1:f7:5d:2b:a2:91:bb:86:c9:07:
ed:de:e3:43:e1:38:e4:84:72:ed:7c:a2:c0:2a:37:17:42:35:
34:8c:1a:e1:47:a2:68:ba:29:d1:77:3d:6d:a1:78:b6:d6:5a:
27:ed:d0:5d:9e:9c:fa:4d:28:c6:57:cc:23:02:5f:19:5e:45:
3a:9a:9e:fa:ad:44:ec:e9:2e:d5:2c:c3:88:7f:33:f5:07:f6:
21:7e:e5:71:93:4e:52:42:6a:99:2d:fd:9d:ab:84:79:01:70:
d5:19:14:68:c1:8f:98:28:bb:b7:79:c4:6a:b3:f8:f6:f0:63:
51:7f:ad:79:28:95:7b:74:a3:26:9a:ab:6f:7a:dd:8c:3d:f6:
c1:95:1f:0b:3b:5a:34:e2:94:23:f0:35:4d:ba:98:bc:b5:dd:
71:75:2c:2c:ba:0e:8f:8d:48:3d:43:52:3c:e7:ad:12:ad:f6:
43:00:f8:b0:a8:78:0e:0d:d4:f4:1e:12:dd:33:be:af:ef:d8:
4f:a4:72:00:4c:18:d0:0c:3e:98:ec:95:05:90:09:ac:53:43:
7c:1a:b6:9f:44:33:a8:84:a3:22:05:40:c6:b0:e2:ee:8c:8d:
14:45:29:fb:bf:5e:da:a3:8e:13:5d:e3:c1:b8:12:4a:7c:f0:
1b:f0:b9:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzVhvgU3dgS05hVq0FC3XEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRi
YTMyMTQwHhcNMjMwMTAyMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVmOTgzY2VhZWE0OTViMDI0NGUyMTAzYWM0NWM4ZWE4MmY2Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UA4Bn1i5WR71ZDUSzFe3OEkqRHg
9leivz8jdV//dVKX/5eqfXt8VJISilZc56aY2UNNoydr5ATnTRMkix5qtjtXdVaM
JOUCjknVoAKuqci8/8g5UWtf0GLxsS698QE8i6PdhazeYg8k0ydaHHKfsNOQNvNe
+lYNh4f9VtWrKu8wfVg/jetjlUKyl4n+uPJ2wALC/+Okld25uk12i4/TZQ88539B
99jtzheknXyPmYjsu5hqBzpknffw6lJPVYOCyEhcyAnT55fHHkrKhLMGxoHGH4Ll
TAXgQt3yHKmRsmoTCFiuCyY4qA2jvlLwASPYIdXWHwPJGyi1xOOEHR3I3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjvmDzq6klbAkTiEDrEXI6oL2J1MB8GA1UdIwQY
MBaAFED4cuTNsH1oORR+Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTkt
ZGExMzhhZGUyMjJiLzEvdU8tWVBPcnFTVnNDUk9JUU9zUmNqcWd2WW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJi
LzEvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtgMA0E
AgACMAcDBQMqBeOAMA0GCSqGSIb3DQEBCwUAA4IBAQApXuBS2smBlNH3XSuikbuG
yQft3uND4TjkhHLtfKLAKjcXQjU0jBrhR6JouinRdz1toXi21lon7dBdnpz6TSjG
V8wjAl8ZXkU6mp76rUTs6S7VLMOIfzP1B/YhfuVxk05SQmqZLf2dq4R5AXDVGRRo
wY+YKLu3ecRqs/j28GNRf615KJV7dKMmmqtvet2MPfbBlR8LO1o04pQj8DVNupi8
td1xdSwsug6PjUg9Q1I8560SrfZDAPiwqHgODdT0HhLdM76v79hPpHIATBjQDD6Y
7JUFkAmsU0N8GrafRDOohKMiBUDGsOLujI0URSn7v17ao44TXePBuBJKfPAb8Ln+
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:36:19 2025 by rpki-client