Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/52b76e-da6f-4183-a003-c0a1ec603333/1/jQg8ncjArN66GicbcqAaRtVO760.roa
File: jQg8ncjArN66GicbcqAaRtVO760.roa (raw, json)
Hash identifier: 33+2VyjntLdLSBuRCEfRL+OQfIbBVC1pQAfykhLf9uU=
Subject key identifier: 8D:08:3C:9D:C8:C0:AC:DE:BA:1A:27:1B:72:A0:1A:46:D5:4E:EF:AD
Certificate issuer: /CN=19a9eb9004c6f603ef2a9506cd51eaa6ee8bce7b
Certificate serial: 018CC64B4094DF94087224469D747A6F61B2
Authority key identifier: 19:A9:EB:90:04:C6:F6:03:EF:2A:95:06:CD:51:EA:A6:EE:8B:CE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GanrkATG9gPvKpUGzVHqpu6Lzns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/52b76e-da6f-4183-a003-c0a1ec603333/1/jQg8ncjArN66GicbcqAaRtVO760.roa
Signing time: Mon 01 Jan 2024 18:31:09 +0000
ROA not before: Mon 01 Jan 2024 18:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29243
IP address blocks: 185.168.212.0/22 maxlen: 23
109.163.208.0/21 maxlen: 22
80.83.0.0/20 maxlen: 24
2001:1430::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:40:94:df:94:08:72:24:46:9d:74:7a:6f:61:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a9eb9004c6f603ef2a9506cd51eaa6ee8bce7b
Validity
Not Before: Jan 1 18:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d083c9dc8c0acdeba1a271b72a01a46d54eefad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:9f:66:e6:2f:f2:dc:95:c6:77:34:64:fe:
59:1f:07:51:f2:5e:d1:14:40:ea:f9:60:53:d7:d0:
65:09:49:83:df:ec:85:85:c2:a5:b5:60:0e:7c:cd:
5d:76:47:c9:fb:26:de:e0:bb:82:92:50:41:39:d7:
e3:2e:51:f8:2a:0b:70:15:c6:03:bd:b6:b9:31:54:
53:55:d7:9b:c6:31:ff:72:65:fe:2b:1f:da:36:0f:
24:ed:6c:10:9d:19:a5:39:18:90:c4:3e:2a:7d:3a:
9a:49:8a:58:ac:73:ad:70:5d:ed:32:ad:e1:f0:83:
78:90:d4:37:0f:8b:5e:80:e8:14:42:62:a0:c3:43:
c9:05:7c:d6:23:f2:1d:c1:50:66:dc:96:1a:4a:1c:
2e:92:26:ca:c9:f4:0b:a6:fc:30:c6:59:07:c1:b0:
58:5b:f4:c3:2a:cd:cc:a6:4f:6e:26:16:82:b2:f9:
02:5f:d7:45:9a:90:ef:0f:84:41:9c:9f:b5:44:30:
f4:da:87:d4:c9:af:db:a6:da:d2:b9:5f:1d:f9:73:
44:95:22:40:62:c6:dc:de:c2:4c:a1:51:1e:12:34:
a3:c6:50:62:5d:d7:5f:76:fc:4d:08:92:8a:be:8b:
d0:72:43:cb:18:9c:26:0d:b8:c2:12:b1:db:b1:fb:
2e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:08:3C:9D:C8:C0:AC:DE:BA:1A:27:1B:72:A0:1A:46:D5:4E:EF:AD
X509v3 Authority Key Identifier:
keyid:19:A9:EB:90:04:C6:F6:03:EF:2A:95:06:CD:51:EA:A6:EE:8B:CE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GanrkATG9gPvKpUGzVHqpu6Lzns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/52b76e-da6f-4183-a003-c0a1ec603333/1/jQg8ncjArN66GicbcqAaRtVO760.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/52b76e-da6f-4183-a003-c0a1ec603333/1/GanrkATG9gPvKpUGzVHqpu6Lzns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.0.0/20
109.163.208.0/21
185.168.212.0/22
IPv6:
2001:1430::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ac:96:fd:bd:96:7d:85:48:07:f0:41:20:8d:33:15:c6:4e:
98:0b:7d:1b:3e:d6:da:f9:24:36:69:52:17:0b:3a:07:f2:6b:
7c:7d:74:95:e7:37:71:00:6f:22:18:d4:5c:0d:cc:73:a5:6d:
d2:00:ed:12:d7:7b:e5:a7:1d:8a:18:2b:48:ca:75:b0:ff:3f:
b7:fc:63:da:fa:a0:9f:ba:60:3e:82:ec:aa:72:29:f4:8a:3d:
f0:a8:09:43:0f:90:84:40:2d:10:e2:78:d9:2f:c9:bb:40:df:
a7:7e:5d:36:c3:6d:ec:20:dc:c0:d3:c7:04:da:51:f8:80:a8:
55:c2:06:8b:a9:8a:29:ce:7c:17:92:c8:52:0e:86:cd:92:cb:
e1:81:48:71:39:8b:5c:7a:e2:11:83:76:0f:e9:41:59:63:95:
9a:83:ae:05:c4:28:30:fb:f6:db:8f:4b:25:09:88:77:11:f6:
09:5b:6a:99:43:30:ec:c3:b5:7a:2f:a7:d7:2e:3d:72:e3:54:
68:cf:d8:f4:53:d1:83:62:71:97:82:04:f5:52:a3:38:2b:b6:
1f:82:81:34:4a:4f:7c:23:a0:24:98:f9:a8:13:ac:bc:e3:f0:
60:62:41:68:11:d6:f6:f6:18:ec:32:ee:fc:d4:d4:22:fb:b2:
01:91:d1:45
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS0CU35QIciRGnXR6b2GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTllYjkwMDRjNmY2MDNlZjJhOTUwNmNkNTFlYWE2ZWU4
YmNlN2IwHhcNMjQwMTAxMTgzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDA4M2M5ZGM4YzBhY2RlYmExYTI3MWI3MmEwMWE0NmQ1NGVlZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcyfZuYv8tyVxnc0ZP5ZHwdR8l7R
FEDq+WBT19BlCUmD3+yFhcKltWAOfM1ddkfJ+ybe4LuCklBBOdfjLlH4KgtwFcYD
vba5MVRTVdebxjH/cmX+Kx/aNg8k7WwQnRmlORiQxD4qfTqaSYpYrHOtcF3tMq3h
8IN4kNQ3D4tegOgUQmKgw0PJBXzWI/IdwVBm3JYaShwukibKyfQLpvwwxlkHwbBY
W/TDKs3Mpk9uJhaCsvkCX9dFmpDvD4RBnJ+1RDD02ofUya/bptrSuV8d+XNElSJA
Ysbc3sJMoVEeEjSjxlBiXddfdvxNCJKKvovQckPLGJwmDbjCErHbsfsuswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI0IPJ3IwKzeuhonG3KgGkbVTu+tMB8GA1UdIwQY
MBaAFBmp65AExvYD7yqVBs1R6qbui857MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FucmtBVEc5Z1B2S3BVR3pWSHFwdTZMem5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81MmI3NmUtZGE2Zi00MTgzLWEwMDMt
YzBhMWVjNjAzMzMzLzEvalFnOG5jakFyTjY2R2ljYmNxQWFSdFZPNzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81MmI3NmUtZGE2Zi00MTgzLWEwMDMtYzBhMWVjNjAzMzMz
LzEvR2FucmtBVEc5Z1B2S3BVR3pWSHFwdTZMem5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUFMAAwQD
baPQAwQCuajUMA0EAgACMAcDBQAgARQwMA0GCSqGSIb3DQEBCwUAA4IBAQCNrJb9
vZZ9hUgH8EEgjTMVxk6YC30bPtba+SQ2aVIXCzoH8mt8fXSV5zdxAG8iGNRcDcxz
pW3SAO0S13vlpx2KGCtIynWw/z+3/GPa+qCfumA+guyqcin0ij3wqAlDD5CEQC0Q
4njZL8m7QN+nfl02w23sINzA08cE2lH4gKhVwgaLqYopznwXkshSDobNksvhgUhx
OYtceuIRg3YP6UFZY5Wag64FxCgw+/bbj0slCYh3EfYJW2qZQzDsw7V6L6fXLj1y
41Roz9j0U9GDYnGXggT1UqM4K7YfgoE0Sk98I6AkmPmoE6y84/BgYkFoEdb29hjs
Mu781NQi+7IBkdFF
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:00:40 2025 by rpki-client