Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qQQgXgiPVbdWdT3mcmGp6Ku17nU.roa
File: qQQgXgiPVbdWdT3mcmGp6Ku17nU.roa (raw, json)
Hash identifier: Yvi4m8LkE60ecW6yAqutacNNTGm3HVOt5K1ydh+dvtg=
Subject key identifier: A9:04:20:5E:08:8F:55:B7:56:75:3D:E6:72:61:A9:E8:AB:B5:EE:75
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01954CB6251E72E4E7B5931FF14E5077E394
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qQQgXgiPVbdWdT3mcmGp6Ku17nU.roa
Signing time: Fri 28 Feb 2025 13:19:20 +0000
ROA not before: Fri 28 Feb 2025 13:19:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 155.2.189.0/24 maxlen: 24
170.62.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:b6:25:1e:72:e4:e7:b5:93:1f:f1:4e:50:77:e3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 28 13:19:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a904205e088f55b756753de67261a9e8abb5ee75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:11:89:07:cc:e6:09:de:5d:e7:bd:03:f8:11:
80:a5:cd:d5:2f:8b:f3:9e:ce:b5:dd:93:d4:94:54:
cb:fc:bc:db:f5:d0:71:23:1d:71:7b:72:4f:e2:05:
e2:06:47:50:c7:58:44:6f:82:ab:ff:56:0b:38:5d:
12:8e:4c:1a:43:f4:66:19:a6:dd:27:5a:43:e1:d9:
9f:54:9a:67:6d:f6:24:14:3d:af:35:4d:a5:f6:11:
d9:d7:87:1d:a6:16:c4:de:57:f0:99:51:a9:eb:ed:
67:13:99:ec:98:9c:5d:ac:d4:d5:e6:c6:0c:4f:c8:
34:ee:35:5b:3c:d9:41:1b:89:55:5c:b8:d5:1c:5f:
60:80:8e:f6:63:47:f9:8e:70:75:29:3f:c4:81:be:
b8:2d:e6:72:f1:ea:e5:92:51:73:4c:65:3c:98:27:
87:ed:89:ba:6e:42:2b:2e:aa:8f:1e:a5:76:2b:ae:
4a:7b:03:24:26:b7:d0:6c:dc:e5:5e:6c:e5:34:49:
0e:da:9f:ea:4a:df:32:41:0e:bc:f4:c8:56:3e:84:
a6:67:ee:b6:3d:0b:f5:97:f0:55:16:1c:d0:dc:a2:
ab:17:28:24:20:b5:fe:8c:43:17:59:0a:ef:b9:31:
70:f2:20:5d:0d:b8:2d:5a:53:53:c5:93:62:f9:0f:
d4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:04:20:5E:08:8F:55:B7:56:75:3D:E6:72:61:A9:E8:AB:B5:EE:75
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/qQQgXgiPVbdWdT3mcmGp6Ku17nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.2.189.0/24
170.62.161.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:10:34:a6:4c:13:96:13:56:79:19:38:67:bf:06:b9:0f:be:
29:14:15:c9:39:f0:d2:9e:0c:08:ec:5b:44:ec:ac:6e:fc:fa:
cf:d9:95:58:b3:27:a3:1d:85:81:6f:5f:96:7c:40:7b:57:2d:
c2:3d:b3:b6:c9:64:75:33:b6:52:9d:5b:a8:cc:34:d2:9c:64:
25:4c:6b:1e:4f:e8:2b:01:55:73:0d:d5:7c:a4:6f:0c:5d:3f:
db:4d:de:74:fa:32:31:c9:ae:8a:e4:97:66:8c:98:3e:a7:4e:
63:5b:12:9a:93:11:67:b6:9e:fa:2a:6f:4a:e6:5a:ec:96:8e:
40:ca:23:25:ed:a1:2b:9d:d6:48:f9:84:ea:c8:4d:e5:e4:52:
68:11:b6:7e:c1:c9:b8:96:5a:91:c0:e6:b1:42:27:a8:22:07:
6e:af:bf:20:19:97:27:d9:af:5e:d0:f3:d8:08:fc:66:0b:dd:
f1:21:67:b0:18:df:d6:43:1d:51:3d:40:da:00:a8:e2:84:07:
70:3a:fd:be:6f:ec:d2:f7:02:4b:93:48:84:bf:a4:5e:52:05:
d8:ae:91:01:28:e6:54:57:13:8c:18:ca:4e:ad:af:09:f9:77:
de:ab:96:43:0d:38:f8:9b:84:b3:62:90:9a:e5:ba:ad:d3:c9:
61:a6:14:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVMtiUecuTntZMf8U5Qd+OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI4MTMxOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA0MjA1ZTA4OGY1NWI3NTY3NTNkZTY3MjYxYTllOGFiYjVlZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxGJB8zmCd5d570D+BGApc3VL4vz
ns613ZPUlFTL/Lzb9dBxIx1xe3JP4gXiBkdQx1hEb4Kr/1YLOF0SjkwaQ/RmGabd
J1pD4dmfVJpnbfYkFD2vNU2l9hHZ14cdphbE3lfwmVGp6+1nE5nsmJxdrNTV5sYM
T8g07jVbPNlBG4lVXLjVHF9ggI72Y0f5jnB1KT/Egb64LeZy8erlklFzTGU8mCeH
7Ym6bkIrLqqPHqV2K65KewMkJrfQbNzlXmzlNEkO2p/qSt8yQQ689MhWPoSmZ+62
PQv1l/BVFhzQ3KKrFygkILX+jEMXWQrvuTFw8iBdDbgtWlNTxZNi+Q/UAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKkEIF4Ij1W3VnU95nJhqeirte51MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvcVFRZ1hnaVBWYmRXZFQzbWNtR3A2S3UxN25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmwK9AwQA
qj6hMA0GCSqGSIb3DQEBCwUAA4IBAQDYEDSmTBOWE1Z5GThnvwa5D74pFBXJOfDS
ngwI7FtE7Kxu/PrP2ZVYsyejHYWBb1+WfEB7Vy3CPbO2yWR1M7ZSnVuozDTSnGQl
TGseT+grAVVzDdV8pG8MXT/bTd50+jIxya6K5JdmjJg+p05jWxKakxFntp76Km9K
5lrslo5AyiMl7aErndZI+YTqyE3l5FJoEbZ+wcm4llqRwOaxQieoIgdur78gGZcn
2a9e0PPYCPxmC93xIWewGN/WQx1RPUDaAKjihAdwOv2+b+zS9wJLk0iEv6ReUgXY
rpEBKOZUVxOMGMpOra8J+Xfeq5ZDDTj4m4SzYpCa5bqt08lhphSz
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:46:03 2025 by rpki-client