Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/iql_pHIeveoYW59yGZr-jstkRyA.roa
File: iql_pHIeveoYW59yGZr-jstkRyA.roa (raw, json)
Hash identifier: L5EnjAkAej+m19O41rh5YeJkwh1fM7uNeaOnpPi1Y+o=
Subject key identifier: 8A:A9:7F:A4:72:1E:BD:EA:18:5B:9F:72:19:9A:FE:8E:CB:64:47:20
Certificate issuer: /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial: 0192048A375B376EEAF8A2E9C2520E5F3C4A
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/iql_pHIeveoYW59yGZr-jstkRyA.roa
Signing time: Wed 18 Sep 2024 09:50:19 +0000
ROA not before: Wed 18 Sep 2024 09:50:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27970
IP address blocks: 185.5.134.0/24 maxlen: 24
185.5.135.0/24 maxlen: 24
193.16.100.0/24 maxlen: 24
195.246.98.0/24 maxlen: 24
195.246.99.0/24 maxlen: 24
2a00:12f0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:8a:37:5b:37:6e:ea:f8:a2:e9:c2:52:0e:5f:3c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Validity
Not Before: Sep 18 09:50:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa97fa4721ebdea185b9f72199afe8ecb644720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:bc:9b:3a:79:d5:3d:38:fd:64:10:8f:86:
2c:6e:1c:d5:b7:de:00:a9:34:f3:b7:20:f4:9c:5c:
be:45:97:e6:59:a1:73:86:e5:86:f2:f2:3d:82:97:
44:e3:fe:79:a6:0d:2a:0d:8b:26:73:a6:5d:4d:53:
e4:3a:14:53:da:e9:17:89:dd:a2:c2:12:8a:75:34:
6a:9e:21:69:f7:9b:dc:62:8d:65:ad:3d:2e:dd:31:
88:f4:cc:fa:bc:e0:66:b8:59:ac:47:4a:5c:5b:c9:
ed:a5:14:26:76:52:0d:c4:2c:9b:9d:4d:13:98:18:
49:d7:f9:f4:86:c4:da:c6:44:49:cc:8c:09:a3:97:
f0:1f:b1:34:3b:8a:08:ff:77:da:75:1f:38:17:35:
90:40:ac:8b:d5:ee:ba:aa:a9:e3:e3:5b:12:36:9c:
3b:ab:d0:2e:06:a8:46:cd:a5:d3:3a:bf:b0:e1:fd:
71:3f:90:a7:85:24:0b:32:16:7e:70:2d:4a:37:5d:
b2:88:4a:24:9d:5f:50:4b:cc:4a:3a:09:d1:d3:74:
f1:84:c1:80:6e:65:03:ed:be:f4:30:d6:b1:41:0b:
23:76:3b:6e:bf:f6:0e:57:f2:31:be:62:66:16:9d:
00:2f:38:7d:81:12:d0:e8:c4:6b:39:9d:0e:7d:cb:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A9:7F:A4:72:1E:BD:EA:18:5B:9F:72:19:9A:FE:8E:CB:64:47:20
X509v3 Authority Key Identifier:
keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/iql_pHIeveoYW59yGZr-jstkRyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.134.0/23
193.16.100.0/24
195.246.98.0/23
IPv6:
2a00:12f0::/32
Signature Algorithm: sha256WithRSAEncryption
99:7a:d0:c2:17:a6:e9:e2:88:30:49:94:de:e9:2e:aa:0b:be:
e9:7f:1a:b8:37:06:00:d9:84:cf:57:ef:ea:84:0b:9b:41:08:
cf:bf:08:c3:64:d3:19:57:9e:9d:1b:6e:2e:e6:e4:fe:9a:11:
04:24:06:c6:7d:28:a9:25:1f:e2:fb:71:9e:ed:4f:5d:a3:de:
87:ae:6f:e9:b7:03:2f:88:66:5f:93:73:bb:95:f6:bf:71:5a:
8f:50:d8:60:45:37:cd:bd:0f:1b:3b:a8:92:ca:1d:78:7a:6f:
d7:15:6c:fa:26:f0:54:f5:9d:8d:cf:cc:5a:10:7b:38:ca:7c:
1b:b3:b4:32:95:92:17:b1:ed:51:63:7c:a3:81:f5:e6:0c:e9:
92:48:7b:00:a7:ce:34:8b:19:d9:69:9d:e8:e3:4a:c1:fa:e0:
ad:1b:93:f5:a7:bf:de:f0:0a:27:27:36:4d:a3:6b:40:93:37:
1b:6b:0e:83:77:ba:7d:76:76:d0:5c:c4:cb:ba:34:fb:7e:6e:
c4:e8:13:f4:35:cc:28:fd:3f:16:f4:f2:81:1d:d6:5d:55:69:
5e:cb:f0:8f:aa:6a:9e:a7:04:0e:03:73:6c:04:bc:02:30:be:
89:b6:52:36:eb:25:32:35:b8:6a:8d:33:26:d1:68:60:e2:35:
95:af:e3:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZIEijdbN27q+KLpwlIOXzxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkM2VlMWE1MmE1ZDY1YjkwOTFkZTVhNWI0NjRmYjk3MDMy
ZDBlOWIwHhcNMjQwOTE4MDk1MDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE5N2ZhNDcyMWViZGVhMTg1YjlmNzIxOTlhZmU4ZWNiNjQ0NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGa8mzp51T04/WQQj4YsbhzVt94A
qTTztyD0nFy+RZfmWaFzhuWG8vI9gpdE4/55pg0qDYsmc6ZdTVPkOhRT2ukXid2i
whKKdTRqniFp95vcYo1lrT0u3TGI9Mz6vOBmuFmsR0pcW8ntpRQmdlINxCybnU0T
mBhJ1/n0hsTaxkRJzIwJo5fwH7E0O4oI/3fadR84FzWQQKyL1e66qqnj41sSNpw7
q9AuBqhGzaXTOr+w4f1xP5CnhSQLMhZ+cC1KN12yiEoknV9QS8xKOgnR03TxhMGA
bmUD7b70MNaxQQsjdjtuv/YOV/IxvmJmFp0ALzh9gRLQ6MRrOZ0OfculnwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIqpf6RyHr3qGFufchma/o7LZEcgMB8GA1UdIwQY
MBaAFG0+4aUqXWW5CR3lpbRk+5cDLQ6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEt
MDU0MzVlZmQ4YmY2LzEvaXFsX3BISWV2ZW9ZVzU5eUdaci1qc3RrUnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEtMDU0MzVlZmQ4YmY2
LzEvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQWGAwQA
wRBkAwQBw/ZiMA0EAgACMAcDBQAqABLwMA0GCSqGSIb3DQEBCwUAA4IBAQCZetDC
F6bp4ogwSZTe6S6qC77pfxq4NwYA2YTPV+/qhAubQQjPvwjDZNMZV56dG24u5uT+
mhEEJAbGfSipJR/i+3Ge7U9do96Hrm/ptwMviGZfk3O7lfa/cVqPUNhgRTfNvQ8b
O6iSyh14em/XFWz6JvBU9Z2Nz8xaEHs4ynwbs7QylZIXse1RY3yjgfXmDOmSSHsA
p840ixnZaZ3o40rB+uCtG5P1p7/e8AonJzZNo2tAkzcbaw6Dd7p9dnbQXMTLujT7
fm7E6BP0Ncwo/T8W9PKBHdZdVWley/CPqmqepwQOA3NsBLwCML6JtlI26yUyNbhq
jTMm0Whg4jWVr+Og
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:03 2025 by rpki-client