Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/qgk9CcOKJeHB4UQVEukQ6XNupOQ.roa
File: qgk9CcOKJeHB4UQVEukQ6XNupOQ.roa (raw, json)
Hash identifier: xzLrw8z5yp8njdLFgaPHYNNpknilQZqudE/wiOBlJL4=
Subject key identifier: AA:09:3D:09:C3:8A:25:E1:C1:E1:44:15:12:E9:10:E9:73:6E:A4:E4
Certificate issuer: /CN=6583d322ef24c87198b765ea1d1c42c283a7f8f6
Certificate serial: 01942444C1946EAD3CFFC3C6DA3A3A46FD09
Authority key identifier: 65:83:D3:22:EF:24:C8:71:98:B7:65:EA:1D:1C:42:C2:83:A7:F8:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/qgk9CcOKJeHB4UQVEukQ6XNupOQ.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209209
IP address blocks: 185.232.44.0/24 maxlen: 24
2a11:fe80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c1:94:6e:ad:3c:ff:c3:c6:da:3a:3a:46:fd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6583d322ef24c87198b765ea1d1c42c283a7f8f6
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa093d09c38a25e1c1e1441512e910e9736ea4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:63:0e:a2:9c:41:44:aa:88:70:39:65:87:
9e:48:47:f1:a5:43:02:a3:50:ac:b9:cf:7a:46:75:
d0:c6:40:91:e3:12:a8:e8:ef:5a:0d:68:b6:fc:3a:
9c:66:e4:c8:2e:33:13:94:23:4d:a1:43:91:b2:0b:
27:fd:2c:60:98:d7:6e:6d:42:d9:b8:5f:04:f4:e1:
9c:1d:20:99:e8:3e:c2:a8:18:7f:f7:53:d9:b8:7d:
ea:4f:84:00:f0:d4:d2:3e:98:0d:67:c4:01:c8:44:
fb:aa:ab:f8:90:c0:de:67:2a:ef:a3:be:a1:26:e7:
2f:a6:08:cb:4a:29:db:e2:9b:02:88:57:4a:24:18:
b4:b4:89:cd:ac:d2:d9:e4:d7:29:62:46:c4:2d:e7:
35:fc:fb:e8:c7:29:59:ff:5a:c3:55:73:73:2f:98:
72:cb:59:07:8a:87:6d:e0:4c:4e:3d:e5:fd:93:11:
3b:c9:67:09:56:b8:70:f4:b2:59:14:8a:a3:5e:66:
da:82:87:0d:0c:27:95:70:73:18:fe:87:48:b0:72:
a6:9a:a2:8a:a3:c2:69:89:c7:4e:3b:26:d9:f1:7e:
19:cf:8f:44:6a:1f:e7:58:94:87:77:58:e1:14:ae:
22:0c:34:80:cd:0f:36:8e:6a:fa:02:d0:39:18:3f:
55:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:09:3D:09:C3:8A:25:E1:C1:E1:44:15:12:E9:10:E9:73:6E:A4:E4
X509v3 Authority Key Identifier:
keyid:65:83:D3:22:EF:24:C8:71:98:B7:65:EA:1D:1C:42:C2:83:A7:F8:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/qgk9CcOKJeHB4UQVEukQ6XNupOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.44.0/24
IPv6:
2a11:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
12:b3:4a:d9:c3:a5:32:37:eb:ca:aa:e3:ac:80:53:ce:e0:7a:
a5:37:6d:14:23:12:70:87:7a:29:cb:09:8c:5b:9e:7f:23:4a:
da:1e:a5:a9:67:7e:0c:6e:a7:20:92:77:76:ac:95:b3:c6:a0:
ac:4f:73:b9:a1:68:92:50:4a:1d:50:26:3d:83:94:e3:6e:aa:
d6:53:9e:3d:c6:7d:22:9c:e1:e6:0f:ed:c8:87:19:d9:55:f0:
7b:e6:68:32:1c:cb:3f:ef:6f:26:69:3c:3b:4a:c6:46:73:43:
65:ca:dc:1b:a1:cb:33:64:9f:59:94:97:84:87:cc:8e:c1:2e:
59:63:ff:94:30:b6:3e:20:c3:df:20:ce:ba:c2:d6:83:2e:67:
53:1d:67:67:ee:4f:df:f6:e9:65:29:fc:07:fd:e7:48:00:f0:
14:ee:af:10:fb:bb:b9:7f:84:2e:e7:c1:15:8f:60:89:78:79:
7d:1a:16:45:b3:ef:83:fa:95:2b:99:fc:f7:f6:f4:9e:c4:72:
27:40:d4:71:7a:c0:b3:03:29:a6:2c:cf:79:0e:60:d5:23:04:
fc:98:3b:30:6a:0d:51:d5:9f:22:fc:d7:a6:50:ba:44:ac:48:
e7:3e:9a:e5:36:bc:94:a7:6c:12:6d:48:9f:13:0d:bd:cf:f9:
9f:29:dc:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRMGUbq08/8PG2jo6Rv0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODNkMzIyZWYyNGM4NzE5OGI3NjVlYTFkMWM0MmMyODNh
N2Y4ZjYwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA5M2QwOWMzOGEyNWUxYzFlMTQ0MTUxMmU5MTBlOTczNmVhNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh1jDqKcQUSqiHA5ZYeeSEfxpUMC
o1Csuc96RnXQxkCR4xKo6O9aDWi2/DqcZuTILjMTlCNNoUORsgsn/SxgmNdubULZ
uF8E9OGcHSCZ6D7CqBh/91PZuH3qT4QA8NTSPpgNZ8QByET7qqv4kMDeZyrvo76h
JucvpgjLSinb4psCiFdKJBi0tInNrNLZ5NcpYkbELec1/PvoxylZ/1rDVXNzL5hy
y1kHiodt4ExOPeX9kxE7yWcJVrhw9LJZFIqjXmbagocNDCeVcHMY/odIsHKmmqKK
o8JpicdOOybZ8X4Zz49Eah/nWJSHd1jhFK4iDDSAzQ82jmr6AtA5GD9VNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoJPQnDiiXhweFEFRLpEOlzbqTkMB8GA1UdIwQY
MBaAFGWD0yLvJMhxmLdl6h0cQsKDp/j2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllQVEl1OGt5SEdZdDJYcUhSeEN3b09uLVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDk3MWEtODg5MS00YjUzLTk0NGMt
NWJlOWUxMTdkYmRhLzEvcWdrOUNjT0tKZUhCNFVRVkV1a1E2WE51cE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDk3MWEtODg5MS00YjUzLTk0NGMtNWJlOWUxMTdkYmRh
LzEvWllQVEl1OGt5SEdZdDJYcUhSeEN3b09uLVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuegsMA0E
AgACMAcDBQAqEf6AMA0GCSqGSIb3DQEBCwUAA4IBAQASs0rZw6UyN+vKquOsgFPO
4HqlN20UIxJwh3opywmMW55/I0raHqWpZ34Mbqcgknd2rJWzxqCsT3O5oWiSUEod
UCY9g5TjbqrWU549xn0inOHmD+3IhxnZVfB75mgyHMs/728maTw7SsZGc0Nlytwb
ocszZJ9ZlJeEh8yOwS5ZY/+UMLY+IMPfIM66wtaDLmdTHWdn7k/f9ullKfwH/edI
APAU7q8Q+7u5f4Qu58EVj2CJeHl9GhZFs++D+pUrmfz39vSexHInQNRxesCzAymm
LM95DmDVIwT8mDswag1R1Z8i/NemULpErEjnPprlNryUp2wSbUifEw29z/mfKdyW
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:54 2025 by rpki-client