Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/KpqhmDN4PwGeQOyx1F2chMnA50g.roa
File: KpqhmDN4PwGeQOyx1F2chMnA50g.roa (raw, json)
Hash identifier: DNgLDFTg3cwMMhN86OnAoSqZ+ZXAhdxntU2zCCbmG4E=
Subject key identifier: 2A:9A:A1:98:33:78:3F:01:9E:40:EC:B1:D4:5D:9C:84:C9:C0:E7:48
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444D478B21DC4F2D9E2C9458F48557A
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/KpqhmDN4PwGeQOyx1F2chMnA50g.roa
Signing time: Wed 01 Jan 2025 23:47:58 +0000
ROA not before: Wed 01 Jan 2025 23:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35761
IP address blocks: 185.58.20.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d4:78:b2:1d:c4:f2:d9:e2:c9:45:8f:48:55:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a9aa19833783f019e40ecb1d45d9c84c9c0e748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:f9:32:c6:8a:3a:20:14:9c:82:31:0e:3b:
61:04:eb:63:c8:c4:d2:e8:e4:0b:92:61:2f:2e:97:
c1:58:78:88:d5:2e:8d:4e:66:7d:14:93:82:0d:9e:
1e:92:2c:79:88:b9:90:9d:a2:a5:56:e8:5d:4b:a3:
10:2d:a7:f0:ae:63:8f:e7:5f:b9:da:1e:5f:56:98:
91:8b:d7:46:d2:5d:d9:e2:3e:6e:0e:19:11:21:73:
5d:87:54:26:bf:ac:ef:20:dc:c7:74:aa:e4:84:ef:
dd:44:c7:ba:47:fc:c0:5b:c7:a0:83:99:28:cf:9e:
26:e1:e5:fa:d2:c5:48:e6:bb:54:23:c7:01:93:f2:
c4:3e:9f:f0:94:3d:87:96:7c:27:77:45:0b:51:62:
20:e4:4a:23:6d:d7:56:ef:42:b5:3e:38:02:fc:c8:
34:0f:ad:9e:a7:d6:f5:b4:a8:ea:89:21:d2:31:79:
0f:e4:32:4b:e5:5a:5b:2b:1a:55:83:d4:7d:7b:c2:
10:8b:38:bd:ab:ca:99:63:aa:7c:7d:d7:5b:08:16:
00:5a:89:49:bc:d8:c2:90:03:79:ca:55:74:24:cf:
d3:d4:e0:78:30:58:d5:9b:b2:24:1c:52:e9:8d:80:
68:20:86:e5:45:90:16:ca:8d:88:be:09:3b:28:d3:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9A:A1:98:33:78:3F:01:9E:40:EC:B1:D4:5D:9C:84:C9:C0:E7:48
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/KpqhmDN4PwGeQOyx1F2chMnA50g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.20.0/23
Signature Algorithm: sha256WithRSAEncryption
92:64:24:73:8a:17:5a:4b:e3:ae:fb:76:f3:4b:27:03:f4:48:
94:21:a9:8e:aa:98:b3:65:32:49:65:34:99:70:48:b4:0c:b1:
22:43:cd:e0:cb:ff:46:cb:06:97:ab:b3:bc:8a:cb:c1:3c:26:
82:79:08:49:de:b6:a5:01:8f:4f:9b:9b:37:35:3f:02:61:37:
10:2c:77:ed:0e:72:2f:fb:64:91:a5:5d:e9:7f:8e:3e:46:f3:
2d:6f:eb:9b:89:c0:de:81:13:17:b4:f9:54:fc:dc:61:bc:22:
18:8c:27:7d:9a:c7:09:4e:98:f1:53:31:a7:dc:9f:ab:46:25:
09:6b:44:01:8f:33:c3:13:55:ed:21:e8:c7:b6:d5:64:c9:30:
81:fc:26:8e:59:2f:37:67:93:b1:64:02:31:19:6c:ff:f9:18:
11:3e:76:eb:42:16:5a:38:0c:b9:bd:b3:7d:b3:9b:4f:93:22:
a9:d4:0b:00:9b:de:24:6d:25:34:4d:9a:e4:75:a8:c1:da:4a:
1e:cb:4f:59:99:af:cd:e9:a7:1a:9e:f1:a4:07:8f:d7:67:bc:
9f:27:ae:ac:db:83:45:63:8c:3d:04:46:3a:29:10:67:fc:ec:
6d:f5:f3:82:67:76:72:22:67:28:10:e7:4d:a7:b8:01:d5:fc:
60:2f:27:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNR4sh3E8tniyUWPSFV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTlhYTE5ODMzNzgzZjAxOWU0MGVjYjFkNDVkOWM4NGM5YzBlNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyT5MsaKOiAUnIIxDjthBOtjyMTS
6OQLkmEvLpfBWHiI1S6NTmZ9FJOCDZ4ekix5iLmQnaKlVuhdS6MQLafwrmOP51+5
2h5fVpiRi9dG0l3Z4j5uDhkRIXNdh1Qmv6zvINzHdKrkhO/dRMe6R/zAW8egg5ko
z54m4eX60sVI5rtUI8cBk/LEPp/wlD2Hlnwnd0ULUWIg5EojbddW70K1PjgC/Mg0
D62ep9b1tKjqiSHSMXkP5DJL5VpbKxpVg9R9e8IQizi9q8qZY6p8fddbCBYAWolJ
vNjCkAN5ylV0JM/T1OB4MFjVm7IkHFLpjYBoIIblRZAWyo2Ivgk7KNN7HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqaoZgzeD8BnkDssdRdnITJwOdIMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvS3BxaG1ETjRQd0dlUU95eDFGMmNoTW5BNTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuToUMA0G
CSqGSIb3DQEBCwUAA4IBAQCSZCRzihdaS+Ou+3bzSycD9EiUIamOqpizZTJJZTSZ
cEi0DLEiQ83gy/9GywaXq7O8isvBPCaCeQhJ3ralAY9Pm5s3NT8CYTcQLHftDnIv
+2SRpV3pf44+RvMtb+ubicDegRMXtPlU/NxhvCIYjCd9mscJTpjxUzGn3J+rRiUJ
a0QBjzPDE1XtIejHttVkyTCB/CaOWS83Z5OxZAIxGWz/+RgRPnbrQhZaOAy5vbN9
s5tPkyKp1AsAm94kbSU0TZrkdajB2koey09Zma/N6acanvGkB4/XZ7yfJ66s24NF
Y4w9BEY6KRBn/Oxt9fOCZ3ZyImcoEOdNp7gB1fxgLydQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:28 2025 by rpki-client