Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/qG5K341kb3h2E7rZoTDgHUpgRn0.roa
File: qG5K341kb3h2E7rZoTDgHUpgRn0.roa (raw, json)
Hash identifier: sSAY774ANoBJ8I/YSkHzgUMD3dk/efHXAZH71Rv6miI=
Subject key identifier: A8:6E:4A:DF:8D:64:6F:78:76:13:BA:D9:A1:30:E0:1D:4A:60:46:7D
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 019420681F24A028E739D382515E057705BD
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/qG5K341kb3h2E7rZoTDgHUpgRn0.roa
Signing time: Wed 01 Jan 2025 05:48:01 +0000
ROA not before: Wed 01 Jan 2025 05:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 185.10.122.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1f:24:a0:28:e7:39:d3:82:51:5e:05:77:05:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Jan 1 05:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86e4adf8d646f787613bad9a130e01d4a60467d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:60:bb:52:ec:ba:bf:b7:89:8c:0c:95:c7:
a2:d0:3b:f3:6e:34:02:72:13:fc:86:42:0a:a6:15:
0d:d9:1e:5f:28:a7:64:c6:42:de:74:be:38:ca:30:
f1:73:3b:ee:6b:1e:80:c1:2c:a2:10:2c:f5:18:d7:
58:2c:9b:91:b5:a2:e2:d0:40:03:c0:a7:3c:a0:e2:
9a:83:5b:f9:5b:39:58:2c:32:f4:9d:ec:42:3e:a9:
25:49:d5:ca:c5:75:bb:44:a5:9b:53:2b:be:a9:49:
f4:cf:9a:c7:70:10:a9:43:8b:97:16:c2:66:7d:62:
a9:18:dd:5b:67:39:68:3d:7e:91:77:44:d3:8b:78:
05:03:11:79:84:24:bd:db:be:be:7d:b9:27:5b:48:
43:60:a4:45:cc:c7:f4:66:01:ed:6f:d8:6d:13:eb:
6b:02:0a:e4:11:b0:63:57:a5:ec:12:b3:92:f4:ec:
1b:27:5f:f1:0e:95:7c:85:bf:74:ef:1d:f8:67:6b:
21:68:06:4b:4a:c0:2a:32:2f:89:c4:89:ff:ab:e8:
14:e0:06:67:d6:ad:01:67:35:81:42:e3:f9:a7:90:
9d:f8:f4:1e:4c:78:6e:a8:9a:e8:e7:b1:f8:66:ad:
a0:ed:7c:6e:9a:60:36:c2:bd:f3:d0:0a:52:58:ab:
98:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6E:4A:DF:8D:64:6F:78:76:13:BA:D9:A1:30:E0:1D:4A:60:46:7D
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/qG5K341kb3h2E7rZoTDgHUpgRn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:4c:eb:a9:46:1a:8d:17:41:7e:c0:41:d5:ba:9a:52:4b:dc:
76:6d:a2:9c:31:31:5a:77:e1:25:13:c8:7f:2e:1b:8d:91:82:
74:3f:26:24:5c:98:58:94:89:2e:b5:bb:4c:93:f2:d6:3c:74:
db:57:0f:09:26:a2:c0:fa:91:f9:24:b3:31:d9:b9:9d:a6:6e:
ec:15:1d:e1:ea:55:eb:5f:41:c0:55:c8:28:33:87:ec:59:94:
61:fb:b2:2b:be:7c:f7:88:a6:c0:57:9b:41:2e:a0:21:4d:0a:
ca:a6:6b:1f:36:79:4d:79:8c:45:d3:b8:6e:dd:75:08:9d:40:
4d:66:2b:8b:de:01:95:d3:17:e1:b1:c6:4d:69:1c:97:69:2a:
02:e0:34:a4:c5:46:07:21:a9:b8:cc:51:9b:3c:77:47:76:38:
58:92:60:06:23:bf:47:e4:25:4b:f1:fb:b2:04:e3:cb:1c:52:
48:b4:2d:d6:fe:44:8a:01:f4:cc:5b:4e:1a:15:92:c5:3b:5c:
33:27:bb:16:50:c2:82:a6:36:aa:64:d0:eb:71:af:f8:3b:b4:
fb:3c:de:d2:ac:bb:00:0c:9c:f7:01:a3:29:ec:a2:f8:0c:ce:
73:13:ec:df:51:2d:b9:b8:0d:cc:7e:46:e6:03:75:a8:3c:88:
b7:06:67:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaB8koCjnOdOCUV4FdwW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjUwMTAxMDU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZlNGFkZjhkNjQ2Zjc4NzYxM2JhZDlhMTMwZTAxZDRhNjA0NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dZgu1Lsur+3iYwMlcei0DvzbjQC
chP8hkIKphUN2R5fKKdkxkLedL44yjDxczvuax6AwSyiECz1GNdYLJuRtaLi0EAD
wKc8oOKag1v5WzlYLDL0nexCPqklSdXKxXW7RKWbUyu+qUn0z5rHcBCpQ4uXFsJm
fWKpGN1bZzloPX6Rd0TTi3gFAxF5hCS9276+fbknW0hDYKRFzMf0ZgHtb9htE+tr
AgrkEbBjV6XsErOS9OwbJ1/xDpV8hb907x34Z2shaAZLSsAqMi+JxIn/q+gU4AZn
1q0BZzWBQuP5p5Cd+PQeTHhuqJro57H4Zq2g7XxummA2wr3z0ApSWKuY4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhuSt+NZG94dhO62aEw4B1KYEZ9MB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvcUc1SzM0MWtiM2gyRTdyWm9URGdIVXBnUm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQp6MA0G
CSqGSIb3DQEBCwUAA4IBAQCgTOupRhqNF0F+wEHVuppSS9x2baKcMTFad+ElE8h/
LhuNkYJ0PyYkXJhYlIkutbtMk/LWPHTbVw8JJqLA+pH5JLMx2bmdpm7sFR3h6lXr
X0HAVcgoM4fsWZRh+7Irvnz3iKbAV5tBLqAhTQrKpmsfNnlNeYxF07hu3XUInUBN
ZiuL3gGV0xfhscZNaRyXaSoC4DSkxUYHIam4zFGbPHdHdjhYkmAGI79H5CVL8fuy
BOPLHFJItC3W/kSKAfTMW04aFZLFO1wzJ7sWUMKCpjaqZNDrca/4O7T7PN7SrLsA
DJz3AaMp7KL4DM5zE+zfUS25uA3MfkbmA3WoPIi3Bme+
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:29 2025 by rpki-client