Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aQKFX5MWOPDIXadx4Xwc-JHiHxQ.roa
File: aQKFX5MWOPDIXadx4Xwc-JHiHxQ.roa (raw, json)
Hash identifier: J/dJzq3cyfjGh4BO7e6+vfW/lx9eMgUtDSi6an6y1UQ=
Subject key identifier: 69:02:85:5F:93:16:38:F0:C8:5D:A7:71:E1:7C:1C:F8:91:E2:1F:14
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC73259838EF6B710EA949CF2F72CD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aQKFX5MWOPDIXadx4Xwc-JHiHxQ.roa
Signing time: Thu 02 Jan 2025 07:48:09 +0000
ROA not before: Thu 02 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46562
IP address blocks: 185.231.172.0/24 maxlen: 24
185.231.173.0/24 maxlen: 24
185.231.174.0/24 maxlen: 24
185.231.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:73:25:98:38:ef:6b:71:0e:a9:49:cf:2f:72:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6902855f931638f0c85da771e17c1cf891e21f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:54:e0:d1:e7:98:fe:3b:c2:d2:ed:00:03:
a3:49:25:e5:08:c8:db:2a:e0:51:0b:98:a7:cb:b2:
0d:fa:96:13:b0:ca:47:c2:29:fc:4e:1a:0c:9d:e6:
5b:fb:b9:ba:cb:a2:f7:ee:8d:eb:ac:be:a1:a2:d9:
15:f8:de:3e:3c:bb:00:60:81:36:7e:d4:6f:18:d5:
8a:96:a7:f7:be:aa:94:a1:23:b3:f3:59:be:e4:5e:
9e:7e:7f:ec:89:17:2d:e8:a0:12:d0:cd:84:90:61:
85:d6:a4:0b:51:bf:4b:ad:35:39:71:3e:89:5a:53:
78:4d:49:c4:20:f9:b7:7f:e7:0b:f4:6f:00:e4:10:
d9:eb:ec:a3:1f:9d:9f:17:1b:4b:31:ca:0b:14:fe:
fe:52:19:eb:2d:d2:a7:26:8e:73:52:fa:ae:88:90:
b1:0c:33:e7:e4:84:3c:65:02:ba:7f:a5:1c:5e:6a:
21:30:fa:c8:ce:22:2e:46:d2:22:04:5e:ae:e7:42:
d7:c5:d2:9e:a6:e2:30:a6:95:20:ca:d0:c8:7f:fb:
95:ae:25:20:01:6a:e0:2b:0e:03:7a:83:d0:24:d9:
99:f4:cb:22:10:f9:33:f8:5c:4d:5f:7f:c3:bd:89:
4d:77:43:d9:d9:e4:17:fa:85:43:14:c8:00:b9:12:
a6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:02:85:5F:93:16:38:F0:C8:5D:A7:71:E1:7C:1C:F8:91:E2:1F:14
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aQKFX5MWOPDIXadx4Xwc-JHiHxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.172.0/22
Signature Algorithm: sha256WithRSAEncryption
69:c2:0c:42:0b:d2:1a:81:31:f3:70:b6:f5:31:4e:8b:65:62:
f2:38:e9:01:ea:f4:1f:e6:46:bc:58:e4:bb:e4:db:a2:82:49:
b2:56:b0:75:dd:6e:a9:7e:22:48:a1:87:6b:fb:b9:b2:10:01:
bd:d4:eb:c2:e3:e2:6e:94:e0:63:a5:8b:a0:0c:1d:70:95:0d:
0b:5a:fa:73:db:36:47:db:75:98:8a:0d:10:98:72:84:89:60:
37:ac:4f:98:f4:2e:f3:0c:09:99:c4:d2:02:c7:05:db:1a:3a:
ae:5f:67:43:aa:19:06:f9:3f:bc:68:18:0e:09:32:2f:38:7b:
b6:59:54:75:4f:e3:b3:b3:11:7d:9d:78:ee:d4:37:d3:f1:07:
1a:bd:dd:5f:6d:f1:dd:f7:37:c9:a2:de:a4:10:00:c2:99:70:
1a:ed:62:33:f5:ac:58:1b:57:ec:15:71:38:16:38:f4:2f:56:
88:cc:1d:ee:2c:e9:ec:b4:25:19:3a:26:82:b4:bb:73:bd:2e:
10:01:15:4f:04:2b:37:ba:40:f8:1d:ee:5f:93:ef:f9:cf:27:
b7:d4:52:ba:66:ea:e4:c5:42:65:37:a2:f4:fb:90:2d:15:ad:
91:84:3f:79:6c:97:22:ef:1f:d2:5f:f7:e2:ca:93:ac:7c:bf:
09:1c:c6:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/HMlmDjva3EOqUnPL3LNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAyODU1ZjkzMTYzOGYwYzg1ZGE3NzFlMTdjMWNmODkxZTIxZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZU4NHnmP47wtLtAAOjSSXlCMjb
KuBRC5iny7IN+pYTsMpHwin8ThoMneZb+7m6y6L37o3rrL6hotkV+N4+PLsAYIE2
ftRvGNWKlqf3vqqUoSOz81m+5F6efn/siRct6KAS0M2EkGGF1qQLUb9LrTU5cT6J
WlN4TUnEIPm3f+cL9G8A5BDZ6+yjH52fFxtLMcoLFP7+UhnrLdKnJo5zUvquiJCx
DDPn5IQ8ZQK6f6UcXmohMPrIziIuRtIiBF6u50LXxdKepuIwppUgytDIf/uVriUg
AWrgKw4DeoPQJNmZ9MsiEPkz+FxNX3/DvYlNd0PZ2eQX+oVDFMgAuRKmQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkChV+TFjjwyF2nceF8HPiR4h8UMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYVFLRlg1TVdPUERJWGFkeDRYd2MtSkhpSHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueesMA0G
CSqGSIb3DQEBCwUAA4IBAQBpwgxCC9IagTHzcLb1MU6LZWLyOOkB6vQf5ka8WOS7
5NuigkmyVrB13W6pfiJIoYdr+7myEAG91OvC4+JulOBjpYugDB1wlQ0LWvpz2zZH
23WYig0QmHKEiWA3rE+Y9C7zDAmZxNICxwXbGjquX2dDqhkG+T+8aBgOCTIvOHu2
WVR1T+OzsxF9nXju1DfT8Qcavd1fbfHd9zfJot6kEADCmXAa7WIz9axYG1fsFXE4
Fjj0L1aIzB3uLOnstCUZOiaCtLtzvS4QARVPBCs3ukD4He5fk+/5zye31FK6Zurk
xUJlN6L0+5AtFa2RhD95bJci7x/SX/fiypOsfL8JHMbY
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:46:59 2025 by rpki-client