Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/28b15f-e7e8-4da4-bfc7-7480b5a0d973/1/QxYftvw4ScrdmE6izSAuqNiVV-s.roa
File: QxYftvw4ScrdmE6izSAuqNiVV-s.roa (raw, json)
Hash identifier: Ug7LB4EKJVBqtTxRK9aYbiXduDif7sf/a25gAftWyKo=
Subject key identifier: 43:16:1F:B6:FC:38:49:CA:DD:98:4E:A2:CD:20:2E:A8:D8:95:57:EB
Certificate issuer: /CN=1dda2f7e26cb7d7a56ac6405e90c6a61a92ad2d1
Certificate serial: 01941FFA201D3029A6C4F90534362C4A87A2
Authority key identifier: 1D:DA:2F:7E:26:CB:7D:7A:56:AC:64:05:E9:0C:6A:61:A9:2A:D2:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdovfibLfXpWrGQF6QxqYakq0tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/28b15f-e7e8-4da4-bfc7-7480b5a0d973/1/QxYftvw4ScrdmE6izSAuqNiVV-s.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207365
IP address blocks: 185.73.225.0/24 maxlen: 24
2a10:1080::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:20:1d:30:29:a6:c4:f9:05:34:36:2c:4a:87:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dda2f7e26cb7d7a56ac6405e90c6a61a92ad2d1
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43161fb6fc3849cadd984ea2cd202ea8d89557eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:60:b1:f7:5a:38:b7:aa:52:b6:73:85:fa:8e:
bf:07:b2:f1:bb:9a:81:1e:c5:ed:ad:44:3f:ab:87:
c4:89:6f:db:b0:ac:91:eb:32:6e:e6:0e:91:1a:06:
37:da:78:11:04:01:8b:d6:c0:11:43:ad:0f:c9:e8:
4c:a2:fb:af:54:81:5b:37:59:02:22:6d:22:17:96:
e3:44:83:f8:41:62:c9:f8:35:d8:89:54:c3:46:fd:
65:7b:aa:9d:3c:d8:44:68:8f:5e:79:6d:f3:91:82:
3f:65:d2:37:19:63:9e:4e:1c:81:6a:d3:02:f4:b4:
84:ed:6b:3f:4d:e5:09:47:d2:61:3f:55:0e:5b:b8:
17:da:a9:23:bd:64:c1:e7:7a:e3:69:17:b9:c8:9d:
cc:94:7c:65:65:22:66:fd:bd:99:52:72:67:47:e7:
5d:1c:15:fd:76:47:21:21:bc:38:94:2d:e3:31:89:
96:f1:9d:3b:18:9d:88:a3:19:9d:31:b2:1f:60:7a:
dd:ef:7d:c9:65:b8:a3:71:37:7a:f0:f9:0d:d9:a7:
c6:44:2d:dd:ff:da:2b:bc:bf:74:6e:5f:d0:dc:7a:
5b:ae:49:5c:18:f1:27:6d:73:66:e9:43:26:ad:30:
c5:64:df:cc:27:70:b1:7b:c5:a4:2c:67:1d:04:21:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:16:1F:B6:FC:38:49:CA:DD:98:4E:A2:CD:20:2E:A8:D8:95:57:EB
X509v3 Authority Key Identifier:
keyid:1D:DA:2F:7E:26:CB:7D:7A:56:AC:64:05:E9:0C:6A:61:A9:2A:D2:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdovfibLfXpWrGQF6QxqYakq0tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/28b15f-e7e8-4da4-bfc7-7480b5a0d973/1/QxYftvw4ScrdmE6izSAuqNiVV-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/28b15f-e7e8-4da4-bfc7-7480b5a0d973/1/HdovfibLfXpWrGQF6QxqYakq0tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.225.0/24
IPv6:
2a10:1080::/29
Signature Algorithm: sha256WithRSAEncryption
32:2d:df:ad:b9:c1:b5:88:97:0e:2c:36:3f:3f:f6:e7:7c:35:
f8:f9:0e:1b:63:a5:77:6e:5c:c1:e1:49:21:70:b8:81:9c:cd:
15:77:12:00:81:06:37:7f:41:45:88:aa:f7:12:5b:d9:2f:a3:
3d:47:dc:1f:9f:38:17:b7:fb:30:5b:6f:ef:8f:83:7f:7e:61:
8e:e8:66:1b:2e:8a:13:e4:1c:5c:df:57:36:7d:56:40:1e:a9:
43:bc:3d:ea:fa:bd:bc:a7:88:1f:7a:b1:d5:27:7d:a1:4d:fb:
fb:be:72:97:8a:47:d7:b7:6c:c1:10:4f:14:cb:63:47:0d:f1:
86:fa:35:92:15:1e:99:f7:e5:be:08:b3:d2:d3:f7:a3:02:bb:
90:b0:d6:5f:af:59:c8:bf:0d:73:01:48:3f:b3:1e:2e:46:92:
1c:5b:5f:ba:08:79:e2:5e:84:cf:a1:2c:f4:b2:6c:4d:58:d0:
b7:55:79:23:c6:1a:36:17:7a:44:e2:48:fb:9b:8f:41:b8:a8:
69:93:d6:e2:1e:95:81:ea:a2:e1:75:82:bd:25:c5:ae:14:6b:
7d:19:08:97:66:73:6d:6f:c5:12:e9:11:2e:4b:d8:e5:c6:68:
0f:eb:4d:28:68:74:d5:94:30:d7:b7:1b:17:e9:d5:1b:d7:7d:
8a:ee:3d:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+iAdMCmmxPkFNDYsSoeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGEyZjdlMjZjYjdkN2E1NmFjNjQwNWU5MGM2YTYxYTky
YWQyZDEwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE2MWZiNmZjMzg0OWNhZGQ5ODRlYTJjZDIwMmVhOGQ4OTU1N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGCx91o4t6pStnOF+o6/B7Lxu5qB
HsXtrUQ/q4fEiW/bsKyR6zJu5g6RGgY32ngRBAGL1sARQ60PyehMovuvVIFbN1kC
Im0iF5bjRIP4QWLJ+DXYiVTDRv1le6qdPNhEaI9eeW3zkYI/ZdI3GWOeThyBatMC
9LSE7Ws/TeUJR9JhP1UOW7gX2qkjvWTB53rjaRe5yJ3MlHxlZSJm/b2ZUnJnR+dd
HBX9dkchIbw4lC3jMYmW8Z07GJ2IoxmdMbIfYHrd733JZbijcTd68PkN2afGRC3d
/9orvL90bl/Q3HpbrklcGPEnbXNm6UMmrTDFZN/MJ3Cxe8WkLGcdBCHSDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEMWH7b8OEnK3ZhOos0gLqjYlVfrMB8GA1UdIwQY
MBaAFB3aL34my316VqxkBekMamGpKtLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRvdmZpYkxmWHBXckdRRjZReHFZYWtxMHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8yOGIxNWYtZTdlOC00ZGE0LWJmYzct
NzQ4MGI1YTBkOTczLzEvUXhZZnR2dzRTY3JkbUU2aXpTQXVxTmlWVi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8yOGIxNWYtZTdlOC00ZGE0LWJmYzctNzQ4MGI1YTBkOTcz
LzEvSGRvdmZpYkxmWHBXckdRRjZReHFZYWtxMHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUnhMA0E
AgACMAcDBQMqEBCAMA0GCSqGSIb3DQEBCwUAA4IBAQAyLd+tucG1iJcOLDY/P/bn
fDX4+Q4bY6V3blzB4UkhcLiBnM0VdxIAgQY3f0FFiKr3ElvZL6M9R9wfnzgXt/sw
W2/vj4N/fmGO6GYbLooT5Bxc31c2fVZAHqlDvD3q+r28p4gferHVJ32hTfv7vnKX
ikfXt2zBEE8Uy2NHDfGG+jWSFR6Z9+W+CLPS0/ejAruQsNZfr1nIvw1zAUg/sx4u
RpIcW1+6CHniXoTPoSz0smxNWNC3VXkjxho2F3pE4kj7m49BuKhpk9biHpWB6qLh
dYK9JcWuFGt9GQiXZnNtb8US6REuS9jlxmgP600oaHTVlDDXtxsX6dUb132K7j3O
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:50:00 2025 by rpki-client