Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/GSXQP-yJ0oWFWG7SiFPS52SpSgY.roa
File: GSXQP-yJ0oWFWG7SiFPS52SpSgY.roa (raw, json)
Hash identifier: yWv48sy81gH1KSMrgFDXRAC5wY8B4250+tW5tBvtQ4E=
Subject key identifier: 19:25:D0:3F:EC:89:D2:85:85:58:6E:D2:88:53:D2:E7:64:A9:4A:06
Certificate issuer: /CN=8a7b09ab545851c789d2caa8942ba39cea13e93e
Certificate serial: 0194266C2C088AFE558BAF04F484B84B6500
Authority key identifier: 8A:7B:09:AB:54:58:51:C7:89:D2:CA:A8:94:2B:A3:9C:EA:13:E9:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/insJq1RYUceJ0sqolCujnOoT6T4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/GSXQP-yJ0oWFWG7SiFPS52SpSgY.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 185.176.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2c:08:8a:fe:55:8b:af:04:f4:84:b8:4b:65:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7b09ab545851c789d2caa8942ba39cea13e93e
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1925d03fec89d28585586ed28853d2e764a94a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:97:55:7e:dd:47:85:6a:69:33:0c:9a:d3:40:
42:d0:7a:91:07:5a:a2:9b:91:92:98:28:e3:b5:6b:
0c:64:54:71:95:1e:dc:cb:72:2a:a5:96:ce:eb:91:
b7:35:d9:55:53:4b:a6:f2:26:9c:9a:14:90:3e:f2:
72:5b:95:80:fb:8f:6c:ca:f1:d7:31:d4:e9:e7:7a:
16:40:79:0e:9c:2b:d6:4e:47:f0:03:b6:08:f0:f7:
3f:d6:8e:60:38:be:7a:96:48:c6:8e:29:f2:93:af:
90:e2:61:78:20:f2:42:6c:46:c9:e8:ba:92:20:87:
b6:a2:f3:e6:42:57:cd:c3:15:fa:8d:69:d0:da:e0:
0b:11:9f:01:7a:e0:24:75:de:8c:82:4f:69:71:8d:
77:10:a9:5f:02:15:b9:ff:ac:97:cf:c0:47:cd:a7:
12:bf:aa:b4:bd:6d:5a:7d:63:32:16:9f:ba:12:2f:
90:e5:c8:92:9c:4c:5d:af:f4:6e:21:87:64:b2:b0:
56:ff:4a:78:e5:cc:17:97:bc:0c:5f:c4:23:bc:cf:
7e:15:3d:46:07:65:6a:d9:db:3e:a5:6e:33:ad:f3:
e5:0a:e9:8d:51:da:6b:e5:34:92:8e:b5:2f:79:94:
46:8c:c7:00:7e:e6:12:ea:48:38:da:56:31:90:2f:
e5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:25:D0:3F:EC:89:D2:85:85:58:6E:D2:88:53:D2:E7:64:A9:4A:06
X509v3 Authority Key Identifier:
keyid:8A:7B:09:AB:54:58:51:C7:89:D2:CA:A8:94:2B:A3:9C:EA:13:E9:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/insJq1RYUceJ0sqolCujnOoT6T4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/GSXQP-yJ0oWFWG7SiFPS52SpSgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/insJq1RYUceJ0sqolCujnOoT6T4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.167.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:9c:c6:bd:0b:a4:6c:62:92:c4:ed:9a:32:db:58:06:09:ae:
00:a6:0d:9d:db:e4:ea:64:d4:eb:eb:68:85:7a:00:09:d0:ca:
8a:de:6a:5d:86:12:a3:b6:35:c9:b0:69:a5:df:52:74:a5:57:
02:ef:eb:29:55:72:b3:d0:af:e3:85:c3:28:a9:19:e1:62:ca:
93:a5:91:70:25:2f:c9:ca:a8:93:c4:ba:27:53:1a:a6:15:a0:
f3:a5:a9:1b:bd:4f:7b:30:b8:03:28:80:77:d0:8b:4c:12:d6:
31:ce:e5:d6:f5:8b:9d:88:ec:3f:94:85:8f:d7:a4:c0:96:a2:
e3:d9:10:ae:df:2b:35:29:7b:2f:a4:a7:e1:50:ae:c2:58:71:
13:37:fb:7b:39:a5:e2:ca:3a:e8:b3:e9:ef:9a:47:68:09:5b:
b2:c3:35:62:c5:ee:24:0f:7c:5c:87:e0:a8:0b:07:c4:74:ce:
49:cb:00:de:ce:92:40:9a:ef:73:ce:c0:2c:99:a9:86:97:f1:
89:80:e7:b9:8b:94:41:f1:48:6c:2f:4a:fc:f3:bb:3e:89:1d:
e0:5a:55:59:ee:6c:e4:82:db:05:7a:db:53:4d:41:db:de:c2:
5f:bf:d8:e2:f0:78:a0:43:00:03:63:3f:10:e0:ef:42:8a:8d:
b9:57:f7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCwIiv5Vi68E9IS4S2UAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2IwOWFiNTQ1ODUxYzc4OWQyY2FhODk0MmJhMzljZWEx
M2U5M2UwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI1ZDAzZmVjODlkMjg1ODU1ODZlZDI4ODUzZDJlNzY0YTk0YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5dVft1HhWppMwya00BC0HqRB1qi
m5GSmCjjtWsMZFRxlR7cy3IqpZbO65G3NdlVU0um8iacmhSQPvJyW5WA+49syvHX
MdTp53oWQHkOnCvWTkfwA7YI8Pc/1o5gOL56lkjGjinyk6+Q4mF4IPJCbEbJ6LqS
IIe2ovPmQlfNwxX6jWnQ2uALEZ8BeuAkdd6Mgk9pcY13EKlfAhW5/6yXz8BHzacS
v6q0vW1afWMyFp+6Ei+Q5ciSnExdr/RuIYdksrBW/0p45cwXl7wMX8QjvM9+FT1G
B2Vq2ds+pW4zrfPlCumNUdpr5TSSjrUveZRGjMcAfuYS6kg42lYxkC/lXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkl0D/sidKFhVhu0ohT0udkqUoGMB8GA1UdIwQY
MBaAFIp7CatUWFHHidLKqJQro5zqE+k+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5zSnExUllVY2VKMHNxb2xDdWpuT29UNlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MzFmNTYtYTJhMS00Yzc1LTk1YzMt
NWU3ZGM4MjhkMDVkLzEvR1NYUVAteUowb1dGV0c3U2lGUFM1MlNwU2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MzFmNTYtYTJhMS00Yzc1LTk1YzMtNWU3ZGM4MjhkMDVk
LzEvaW5zSnExUllVY2VKMHNxb2xDdWpuT29UNlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubCnMA0G
CSqGSIb3DQEBCwUAA4IBAQCenMa9C6RsYpLE7Zoy21gGCa4Apg2d2+TqZNTr62iF
egAJ0MqK3mpdhhKjtjXJsGml31J0pVcC7+spVXKz0K/jhcMoqRnhYsqTpZFwJS/J
yqiTxLonUxqmFaDzpakbvU97MLgDKIB30ItMEtYxzuXW9YudiOw/lIWP16TAlqLj
2RCu3ys1KXsvpKfhUK7CWHETN/t7OaXiyjros+nvmkdoCVuywzVixe4kD3xch+Co
CwfEdM5JywDezpJAmu9zzsAsmamGl/GJgOe5i5RB8UhsL0r887s+iR3gWlVZ7mzk
gtsFettTTUHb3sJfv9ji8HigQwADYz8Q4O9Cio25V/c9
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:57:47 2025 by rpki-client