Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1f3614-0c26-47dc-a815-5ff25a8c90a9/1/kqlH-tnFR76ItdprCu84HZ8TcLk.roa
File: kqlH-tnFR76ItdprCu84HZ8TcLk.roa (raw, json)
Hash identifier: UmQdiGcUuwav0nJhfcNP/S5nvbuLvnIaTAQ3ldkOf5o=
Subject key identifier: 92:A9:47:FA:D9:C5:47:BE:88:B5:DA:6B:0A:EF:38:1D:9F:13:70:B9
Certificate issuer: /CN=9955eaf7caee4846f2bcff7c7dac718b77adf68c
Certificate serial: 018572B42E491B26F2B47531C08DABD47CEB
Authority key identifier: 99:55:EA:F7:CA:EE:48:46:F2:BC:FF:7C:7D:AC:71:8B:77:AD:F6:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mVXq98ruSEbyvP98faxxi3et9ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/1f3614-0c26-47dc-a815-5ff25a8c90a9/1/kqlH-tnFR76ItdprCu84HZ8TcLk.roa
Signing time: Mon 02 Jan 2023 13:38:09 +0000
ROA not before: Mon 02 Jan 2023 13:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205959
IP address blocks: 185.151.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:2e:49:1b:26:f2:b4:75:31:c0:8d:ab:d4:7c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9955eaf7caee4846f2bcff7c7dac718b77adf68c
Validity
Not Before: Jan 2 13:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92a947fad9c547be88b5da6b0aef381d9f1370b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:12:cf:41:e2:8a:28:a3:9a:ad:42:16:00:
bb:66:b9:2f:e9:21:84:16:2e:fb:0b:34:02:9d:9a:
33:7b:c9:20:b0:42:2a:ff:60:fa:9e:ae:aa:04:c5:
66:90:4e:62:77:82:1e:86:da:ca:9d:68:97:23:f2:
fe:40:1e:7d:cf:0c:c3:44:ee:ec:0a:8f:ba:42:2b:
be:54:26:59:a9:6e:ca:55:6e:2a:b1:1a:d5:44:f0:
66:59:12:9f:02:09:2c:5e:51:81:9c:36:4d:cc:71:
73:a6:73:f3:69:33:25:f0:a5:80:1e:d5:c4:30:94:
28:68:26:8e:87:7a:3c:4d:40:3a:52:82:d1:86:fb:
48:db:63:42:4a:89:14:2c:da:e7:64:64:6c:00:af:
55:7d:f5:3c:26:f5:07:6c:eb:24:77:55:a2:8b:73:
04:54:27:c0:87:38:cb:21:b9:2d:aa:2f:0b:88:17:
91:d8:df:97:14:30:c4:06:b3:d6:c1:ed:76:de:ca:
28:b0:39:2d:61:3f:3e:1b:b5:7a:31:c1:d7:97:7d:
cd:b3:89:e0:eb:27:36:63:2f:26:bd:8d:1f:2f:bb:
98:83:b4:da:09:c5:f1:68:15:45:17:9f:4b:f9:49:
a0:09:3a:3b:c5:4c:66:a1:dd:fb:39:c1:97:f6:28:
d4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A9:47:FA:D9:C5:47:BE:88:B5:DA:6B:0A:EF:38:1D:9F:13:70:B9
X509v3 Authority Key Identifier:
keyid:99:55:EA:F7:CA:EE:48:46:F2:BC:FF:7C:7D:AC:71:8B:77:AD:F6:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mVXq98ruSEbyvP98faxxi3et9ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1f3614-0c26-47dc-a815-5ff25a8c90a9/1/kqlH-tnFR76ItdprCu84HZ8TcLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1f3614-0c26-47dc-a815-5ff25a8c90a9/1/mVXq98ruSEbyvP98faxxi3et9ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:02:b1:8a:1f:ad:65:e1:1b:58:04:3d:f9:83:73:0a:66:76:
cf:7b:0a:24:25:90:77:21:f6:b8:79:45:dc:60:62:0d:f6:a0:
41:cd:c5:29:08:78:66:0d:3e:61:2e:08:87:16:ee:95:ac:aa:
b0:ab:58:5e:c7:f0:b6:f4:d7:5d:64:54:53:31:6a:0f:9c:2a:
40:f8:6d:06:40:c0:d2:7b:43:05:7e:f9:88:43:1c:72:f0:ac:
a8:33:ef:02:45:97:a0:0f:d7:95:bd:6b:71:ba:dd:21:f2:c3:
fe:07:c4:1a:e6:cc:ef:24:29:aa:85:52:4b:ca:b8:5d:2e:22:
6b:25:80:5a:05:e0:68:ee:e6:5b:40:7a:15:87:83:2f:f1:52:
14:23:e1:d1:5e:fd:e9:a9:52:de:4b:4f:60:db:77:ee:82:3b:
1c:f8:c3:66:2f:b3:b4:1f:fa:e3:08:d0:5a:38:a1:27:84:50:
44:e0:f0:ae:7b:fb:9a:0e:3d:6f:1a:c3:6f:d1:f3:50:f1:0f:
80:79:db:ce:83:c4:bc:22:43:0c:f2:16:a5:3c:fd:5e:95:0c:
1a:1f:bb:f0:25:8d:c3:cf:89:fd:c0:ef:8a:59:87:bd:29:fc:
cf:af:b3:2a:fa:04:e1:e6:e4:a1:a9:01:85:61:7b:1a:49:c2:
ee:b6:8e:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytC5JGybytHUxwI2r1HzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NTVlYWY3Y2FlZTQ4NDZmMmJjZmY3YzdkYWM3MThiNzdh
ZGY2OGMwHhcNMjMwMTAyMTMzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE5NDdmYWQ5YzU0N2JlODhiNWRhNmIwYWVmMzgxZDlmMTM3MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIsSz0Hiiiijmq1CFgC7Zrkv6SGE
Fi77CzQCnZoze8kgsEIq/2D6nq6qBMVmkE5id4IehtrKnWiXI/L+QB59zwzDRO7s
Co+6Qiu+VCZZqW7KVW4qsRrVRPBmWRKfAgksXlGBnDZNzHFzpnPzaTMl8KWAHtXE
MJQoaCaOh3o8TUA6UoLRhvtI22NCSokULNrnZGRsAK9VffU8JvUHbOskd1Wii3ME
VCfAhzjLIbktqi8LiBeR2N+XFDDEBrPWwe123soosDktYT8+G7V6McHXl33Ns4ng
6yc2Yy8mvY0fL7uYg7TaCcXxaBVFF59L+UmgCTo7xUxmod37OcGX9ijUQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKpR/rZxUe+iLXaawrvOB2fE3C5MB8GA1UdIwQY
MBaAFJlV6vfK7khG8rz/fH2scYt3rfaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVZYcTk4cnVTRWJ5dlA5OGZheHhpM2V0OW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xZjM2MTQtMGMyNi00N2RjLWE4MTUt
NWZmMjVhOGM5MGE5LzEva3FsSC10bkZSNzZJdGRwckN1ODRIWjhUY0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xZjM2MTQtMGMyNi00N2RjLWE4MTUtNWZmMjVhOGM5MGE5
LzEvbVZYcTk4cnVTRWJ5dlA5OGZheHhpM2V0OW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZekMA0G
CSqGSIb3DQEBCwUAA4IBAQBOArGKH61l4RtYBD35g3MKZnbPewokJZB3Ifa4eUXc
YGIN9qBBzcUpCHhmDT5hLgiHFu6VrKqwq1hex/C29NddZFRTMWoPnCpA+G0GQMDS
e0MFfvmIQxxy8KyoM+8CRZegD9eVvWtxut0h8sP+B8Qa5szvJCmqhVJLyrhdLiJr
JYBaBeBo7uZbQHoVh4Mv8VIUI+HRXv3pqVLeS09g23fugjsc+MNmL7O0H/rjCNBa
OKEnhFBE4PCue/uaDj1vGsNv0fNQ8Q+AedvOg8S8IkMM8halPP1elQwaH7vwJY3D
z4n9wO+KWYe9KfzPr7Mq+gTh5uShqQGFYXsaScLuto4v
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:50 2025 by rpki-client