Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/SHQabxNAl7yCxPIYXS8QEWqbJ8s.roa
File: SHQabxNAl7yCxPIYXS8QEWqbJ8s.roa (raw, json)
Hash identifier: 8gBiOpFpyvnrW5MWvLhoQ1iXNHnnsflwwhdtkDHOWgw=
Subject key identifier: 48:74:1A:6F:13:40:97:BC:82:C4:F2:18:5D:2F:10:11:6A:9B:27:CB
Certificate issuer: /CN=0502861f923c7ec1132b548f7abb861baca1f406
Certificate serial: 0194221FEB7A8AB93DE5AFAEBC3273993F29
Authority key identifier: 05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/SHQabxNAl7yCxPIYXS8QEWqbJ8s.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50673
IP address blocks: 185.104.28.0/22 maxlen: 24
2a06:2ec0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:eb:7a:8a:b9:3d:e5:af:ae:bc:32:73:99:3f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0502861f923c7ec1132b548f7abb861baca1f406
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48741a6f134097bc82c4f2185d2f10116a9b27cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8b:1a:dc:1a:62:ad:cf:e9:46:9c:45:5c:4f:
9e:ee:55:b1:bb:c7:3e:77:1e:db:61:d1:9d:3f:bf:
d3:0b:65:1a:5e:0c:df:4a:c2:b7:88:a8:6e:71:1f:
f5:b5:a4:4f:b2:b8:5f:3c:e3:a6:98:36:2e:f7:42:
87:b5:1c:f2:f9:e0:f3:48:6d:d3:d9:db:6d:72:62:
0d:a2:6f:b3:79:ad:cc:a1:95:2b:9a:40:60:da:e0:
05:25:4f:b9:34:b1:25:7a:c8:20:69:b6:1e:b9:59:
1a:e4:e9:87:1c:5a:dd:39:de:82:08:10:e5:91:89:
16:e2:5a:05:5d:3f:84:e1:cd:7f:b7:63:e0:21:d8:
b2:fc:3f:f6:73:17:21:ac:e9:01:c9:c0:48:e8:27:
6f:46:c9:0b:fa:d7:36:90:50:d9:73:2b:e0:a5:96:
20:8b:4b:49:ba:9e:41:19:2b:a7:38:93:85:92:a7:
9b:31:1c:6e:d6:a3:12:85:78:3f:c2:6d:b1:c3:db:
e0:ab:a5:5b:67:c8:c6:6f:4b:57:30:cc:31:95:a9:
e3:c8:c3:e8:4b:dd:c7:26:5a:2e:13:90:68:79:07:
0f:07:64:17:91:87:94:9d:5b:26:8f:0d:c9:fe:94:
b4:97:86:7b:31:f3:d2:e5:44:84:82:02:79:d4:29:
df:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:74:1A:6F:13:40:97:BC:82:C4:F2:18:5D:2F:10:11:6A:9B:27:CB
X509v3 Authority Key Identifier:
keyid:05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/SHQabxNAl7yCxPIYXS8QEWqbJ8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.28.0/22
IPv6:
2a06:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:99:24:cc:b6:63:7f:8a:da:50:4e:e5:88:b1:6d:f7:57:d0:
49:01:be:f5:68:b2:ae:b4:43:c0:b7:77:43:38:8a:2e:c1:b9:
11:bb:7c:0e:64:86:af:e5:a0:a5:55:7f:11:33:d9:45:88:47:
94:21:35:dc:0d:6e:22:a4:2f:b5:f6:e6:26:dd:84:fe:2f:0d:
4e:20:9c:54:16:da:26:e5:35:61:fc:54:f2:04:a9:e3:a9:69:
58:f4:3f:87:6a:a7:b2:43:02:b4:43:ca:0f:c2:56:eb:9f:44:
84:e7:e4:a2:f3:10:e3:b5:bd:17:55:2c:b6:89:76:31:88:13:
7c:52:37:0a:aa:62:41:89:20:ff:2a:9e:af:a3:b1:55:5e:f6:
93:c0:66:a2:5d:f4:14:42:e7:a9:68:a7:a6:b9:02:72:30:dd:
c9:ef:1c:29:e1:a5:f2:a9:87:08:98:b3:9c:98:6e:d0:47:68:
06:b1:60:d6:34:cf:95:15:95:bb:33:2d:1e:61:98:76:90:0b:
ab:13:c1:fa:30:cf:21:94:b4:fb:f1:4d:83:34:e1:41:b0:f3:
51:93:d3:ca:ff:11:8b:84:b6:36:6e:5a:3c:1d:39:72:0f:9b:
b9:5d:fb:34:f2:87:d2:94:61:22:b7:08:b8:29:7a:86:b6:21:
92:7c:a3:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH+t6irk95a+uvDJzmT8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI4NjFmOTIzYzdlYzExMzJiNTQ4ZjdhYmI4NjFiYWNh
MWY0MDYwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc0MWE2ZjEzNDA5N2JjODJjNGYyMTg1ZDJmMTAxMTZhOWIyN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYsa3Bpirc/pRpxFXE+e7lWxu8c+
dx7bYdGdP7/TC2UaXgzfSsK3iKhucR/1taRPsrhfPOOmmDYu90KHtRzy+eDzSG3T
2dttcmINom+zea3MoZUrmkBg2uAFJU+5NLElesggabYeuVka5OmHHFrdOd6CCBDl
kYkW4loFXT+E4c1/t2PgIdiy/D/2cxchrOkBycBI6CdvRskL+tc2kFDZcyvgpZYg
i0tJup5BGSunOJOFkqebMRxu1qMShXg/wm2xw9vgq6VbZ8jGb0tXMMwxlanjyMPo
S93HJlouE5BoeQcPB2QXkYeUnVsmjw3J/pS0l4Z7MfPS5USEggJ51CnfbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEh0Gm8TQJe8gsTyGF0vEBFqmyfLMB8GA1UdIwQY
MBaAFAUChh+SPH7BEytUj3q7hhusofQGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQt
MGM2NGRlYmU5ZWM0LzEvU0hRYWJ4TkFsN3lDeFBJWVhTOFFFV3FiSjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQtMGM2NGRlYmU5ZWM0
LzEvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWgcMA0E
AgACMAcDBQMqBi7AMA0GCSqGSIb3DQEBCwUAA4IBAQComSTMtmN/itpQTuWIsW33
V9BJAb71aLKutEPAt3dDOIouwbkRu3wOZIav5aClVX8RM9lFiEeUITXcDW4ipC+1
9uYm3YT+Lw1OIJxUFtom5TVh/FTyBKnjqWlY9D+HaqeyQwK0Q8oPwlbrn0SE5+Si
8xDjtb0XVSy2iXYxiBN8UjcKqmJBiSD/Kp6vo7FVXvaTwGaiXfQUQuepaKemuQJy
MN3J7xwp4aXyqYcImLOcmG7QR2gGsWDWNM+VFZW7My0eYZh2kAurE8H6MM8hlLT7
8U2DNOFBsPNRk9PK/xGLhLY2blo8HTlyD5u5Xfs08ofSlGEitwi4KXqGtiGSfKPx
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:50:57 2025 by rpki-client