Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/d1dfd6-ccdf-4621-b454-6e3fa62cd2df/1/qIsWYTGGyTWdcMi1EBNZy3-Gz6s.roa
File: qIsWYTGGyTWdcMi1EBNZy3-Gz6s.roa (raw, json)
Hash identifier: 7m+uP5vyUA/FJoMPvZCOt04fNaOUpHbFnR+UKfmp0FA=
Subject key identifier: A8:8B:16:61:31:86:C9:35:9D:70:C8:B5:10:13:59:CB:7F:86:CF:AB
Certificate issuer: /CN=a2f516bf42214086db39847f9f563b4cf4a0ff43
Certificate serial: 01941F8C874E3E0F45A3ACA9E3EF5174BB9E
Authority key identifier: A2:F5:16:BF:42:21:40:86:DB:39:84:7F:9F:56:3B:4C:F4:A0:FF:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ovUWv0IhQIbbOYR_n1Y7TPSg_0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/d1dfd6-ccdf-4621-b454-6e3fa62cd2df/1/qIsWYTGGyTWdcMi1EBNZy3-Gz6s.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5610
IP address blocks: 195.5.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:87:4e:3e:0f:45:a3:ac:a9:e3:ef:51:74:bb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2f516bf42214086db39847f9f563b4cf4a0ff43
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a88b16613186c9359d70c8b5101359cb7f86cfab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8c:6d:d9:ad:a2:47:94:c9:7c:b0:44:35:bc:
5f:38:94:25:f7:0b:77:63:56:17:b5:1b:75:0d:39:
68:a7:b3:c4:29:3b:fa:5d:ba:82:61:60:25:ae:cb:
c8:db:11:2b:e3:ae:d7:fb:66:c8:be:68:2b:8a:96:
40:e0:1b:39:ab:a4:96:8e:6f:39:ca:19:72:c1:00:
6f:bf:ab:e6:43:bb:9d:5b:a0:09:cb:3b:76:4f:11:
d1:72:25:32:45:6d:8a:96:8a:8d:f6:1d:a5:c5:f9:
8d:c6:15:bd:c1:90:2f:54:d0:39:80:0e:37:1d:de:
30:9d:17:bd:a0:e9:f8:53:9e:a8:38:2b:ac:7f:5c:
ce:b0:52:75:88:fd:6c:31:78:31:02:87:c3:4c:32:
55:59:fb:28:d3:11:0e:42:0a:a1:c1:3f:7c:e6:5e:
92:f8:66:73:e0:50:57:f4:e4:b5:dc:cb:ff:7f:14:
77:5e:2c:07:c4:7e:ca:64:4c:f7:86:90:4c:49:53:
af:65:d1:d7:62:a7:7a:89:b1:72:e2:ae:b4:e1:50:
c6:47:a2:af:cb:60:4f:c8:db:f2:72:6a:d2:c4:cc:
d6:98:0b:6f:c2:bf:f2:f8:a9:da:81:86:5b:3d:c6:
bd:19:a2:48:11:6d:38:29:c7:7f:12:bf:e0:de:cb:
d3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8B:16:61:31:86:C9:35:9D:70:C8:B5:10:13:59:CB:7F:86:CF:AB
X509v3 Authority Key Identifier:
keyid:A2:F5:16:BF:42:21:40:86:DB:39:84:7F:9F:56:3B:4C:F4:A0:FF:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ovUWv0IhQIbbOYR_n1Y7TPSg_0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d1dfd6-ccdf-4621-b454-6e3fa62cd2df/1/qIsWYTGGyTWdcMi1EBNZy3-Gz6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d1dfd6-ccdf-4621-b454-6e3fa62cd2df/1/ovUWv0IhQIbbOYR_n1Y7TPSg_0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.186.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:7c:f6:b7:71:a7:85:83:28:6b:79:11:8a:cf:6b:60:78:e5:
3c:e4:e9:cd:0b:00:e8:91:0c:13:c4:c6:ed:01:f3:1c:ea:20:
a9:43:04:b7:5c:7d:5b:7c:44:d5:72:5b:8e:49:5c:3d:39:32:
a0:8d:3c:aa:e9:64:cc:47:f5:68:7f:a0:e2:b0:52:fe:a6:eb:
17:15:c9:bc:7c:64:c5:15:f3:1a:29:81:6a:26:e1:a6:7f:a1:
72:2a:32:c6:18:12:82:3c:ce:92:99:02:e1:6e:f1:74:5e:4e:
2b:6d:a0:cc:1e:8e:53:6d:0a:2f:d0:40:78:c4:d9:37:24:3e:
13:e5:7a:19:76:f5:4a:79:8d:fc:3f:7a:0f:01:20:a2:a4:dd:
48:4d:04:bd:e3:61:5e:dd:41:b5:d4:64:b6:03:43:63:ca:db:
32:99:37:48:5f:af:e1:14:61:d5:a5:e4:37:6a:d4:6d:2e:6c:
f4:bd:0a:fa:e6:7e:47:7a:15:44:c8:3d:3c:1f:33:75:04:bf:
cb:49:76:88:7f:cd:14:27:eb:97:5b:14:a4:6c:59:6f:fc:d3:
fb:8c:49:28:2f:77:60:17:a0:9c:e9:10:2e:d2:16:31:98:cb:
1a:11:8a:f7:88:0a:d5:08:28:44:37:99:71:89:20:10:f3:3e:
2a:89:53:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIdOPg9Fo6yp4+9RdLueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZjUxNmJmNDIyMTQwODZkYjM5ODQ3ZjlmNTYzYjRjZjRh
MGZmNDMwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhiMTY2MTMxODZjOTM1OWQ3MGM4YjUxMDEzNTljYjdmODZjZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Yxt2a2iR5TJfLBENbxfOJQl9wt3
Y1YXtRt1DTlop7PEKTv6XbqCYWAlrsvI2xEr467X+2bIvmgripZA4Bs5q6SWjm85
yhlywQBvv6vmQ7udW6AJyzt2TxHRciUyRW2KloqN9h2lxfmNxhW9wZAvVNA5gA43
Hd4wnRe9oOn4U56oOCusf1zOsFJ1iP1sMXgxAofDTDJVWfso0xEOQgqhwT985l6S
+GZz4FBX9OS13Mv/fxR3XiwHxH7KZEz3hpBMSVOvZdHXYqd6ibFy4q604VDGR6Kv
y2BPyNvycmrSxMzWmAtvwr/y+KnagYZbPca9GaJIEW04Kcd/Er/g3svTMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiLFmExhsk1nXDItRATWct/hs+rMB8GA1UdIwQY
MBaAFKL1Fr9CIUCG2zmEf59WO0z0oP9DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ZVV3YwSWhRSWJiT1lSX24xWTdUUFNnXzBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kMWRmZDYtY2NkZi00NjIxLWI0NTQt
NmUzZmE2MmNkMmRmLzEvcUlzV1lUR0d5VFdkY01pMUVCTlp5My1HejZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kMWRmZDYtY2NkZi00NjIxLWI0NTQtNmUzZmE2MmNkMmRm
LzEvb3ZVV3YwSWhRSWJiT1lSX24xWTdUUFNnXzBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwW6MA0G
CSqGSIb3DQEBCwUAA4IBAQDSfPa3caeFgyhreRGKz2tgeOU85OnNCwDokQwTxMbt
AfMc6iCpQwS3XH1bfETVcluOSVw9OTKgjTyq6WTMR/Vof6DisFL+pusXFcm8fGTF
FfMaKYFqJuGmf6FyKjLGGBKCPM6SmQLhbvF0Xk4rbaDMHo5TbQov0EB4xNk3JD4T
5XoZdvVKeY38P3oPASCipN1ITQS942Fe3UG11GS2A0NjytsymTdIX6/hFGHVpeQ3
atRtLmz0vQr65n5HehVEyD08HzN1BL/LSXaIf80UJ+uXWxSkbFlv/NP7jEkoL3dg
F6Cc6RAu0hYxmMsaEYr3iArVCChEN5lxiSAQ8z4qiVNX
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:06:03 2025 by rpki-client