Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/ST5QgStVsZ8VLKir2fIMPSp6_jU.roa
File: ST5QgStVsZ8VLKir2fIMPSp6_jU.roa (raw, json)
Hash identifier: 2UGwzfV+8KmtBgovMvwjTZRncLGcWbahxwdG9QTxnao=
Subject key identifier: 49:3E:50:81:2B:55:B1:9F:15:2C:A8:AB:D9:F2:0C:3D:2A:7A:FE:35
Certificate issuer: /CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Certificate serial: 019426D9D50AAAFAE9F806D2905EA4C5E188
Authority key identifier: 1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/ST5QgStVsZ8VLKir2fIMPSp6_jU.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.192.58.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d5:0a:aa:fa:e9:f8:06:d2:90:5e:a4:c5:e1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=493e50812b55b19f152ca8abd9f20c3d2a7afe35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:46:a2:34:88:c5:8a:f9:4f:a1:d5:60:e7:c5:
3b:79:80:4b:f9:b8:58:c8:9a:f5:59:da:d6:6f:1e:
2d:36:d0:c0:19:95:c8:87:f6:4c:59:6d:ab:5a:d5:
4b:08:63:c1:bf:cb:66:8b:a8:6d:bf:90:b8:a1:7a:
f3:b5:d7:6a:97:cc:b1:44:3a:48:5c:2c:33:c0:1d:
d1:8e:f9:65:45:7a:8e:83:ff:d6:8c:c1:fa:c0:18:
2e:97:f6:a8:b7:f4:ca:75:de:3d:19:3c:91:32:e5:
57:ca:ea:ef:5f:e2:d8:b6:3e:e5:a3:04:ff:ca:cd:
bb:a1:57:7f:70:ba:bc:33:e9:fd:fe:fc:16:47:66:
43:f7:06:9e:8e:7f:0a:b3:15:a4:ac:d5:28:b8:c1:
25:cd:83:cd:ae:82:c0:f1:25:b5:3d:7c:bd:a6:89:
e8:27:95:d1:9d:b3:e5:ed:25:2c:da:33:66:c5:1d:
09:2d:19:9b:d3:5f:9c:3d:0e:cf:e0:3b:9c:66:26:
37:80:ca:af:d0:ac:8d:ab:6e:60:79:56:9e:a8:3d:
3b:86:d7:ee:b9:51:d6:1e:f2:a2:03:f1:4f:45:11:
ea:12:f4:e9:86:f4:a2:b6:e1:47:01:28:71:20:e3:
77:42:d7:3f:64:ec:4d:f9:90:ec:59:f9:6b:c2:67:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3E:50:81:2B:55:B1:9F:15:2C:A8:AB:D9:F2:0C:3D:2A:7A:FE:35
X509v3 Authority Key Identifier:
keyid:1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/ST5QgStVsZ8VLKir2fIMPSp6_jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.58.0/23
Signature Algorithm: sha256WithRSAEncryption
07:be:f2:2b:34:8c:0c:ac:cf:8b:7a:dd:7d:d6:b9:92:d7:69:
3b:ad:19:07:1b:7d:1a:95:12:65:b0:c6:42:22:e9:56:ab:22:
53:a8:56:ad:e6:06:c6:d2:67:20:3c:44:bd:72:d6:5e:24:cc:
35:c6:ee:b6:57:8d:d0:b8:a7:c9:c5:d7:a3:ab:49:fb:bc:83:
76:d8:ad:01:c1:1d:7c:8e:83:b7:ce:dd:c3:28:b7:0d:f7:fe:
3c:cc:88:17:9b:5a:18:28:e1:4c:f6:a7:b7:5b:36:b3:54:75:
6c:37:ac:aa:40:1d:2b:f2:1a:1a:29:51:f7:e2:e4:56:1a:75:
a8:dd:07:fb:2a:dd:85:7b:2e:62:6e:b0:6e:68:33:72:b6:32:
11:11:5c:aa:d3:f3:a4:ef:c0:38:f3:c1:f1:0f:6c:0c:6a:51:
db:1c:cd:ca:b2:63:4b:a6:46:a1:1f:d1:c9:06:97:08:bd:b2:
23:20:f4:5d:0c:ea:3f:a3:ea:25:4e:56:07:8a:5b:0d:c7:8c:
ad:75:df:bd:d6:98:3b:63:b9:ee:d3:41:b9:e1:8c:4c:aa:94:
c2:53:4e:2e:87:5c:77:19:c3:c7:82:d0:fe:6d:65:9b:78:c7:
c1:e2:e4:8d:e5:e7:55:2f:48:21:99:e8:d5:a7:2c:61:6c:cb:
09:32:02:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dUKqvrp+AbSkF6kxeGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRkMTE1NTQyNDdiZDJiZDMwMWNlYTQzZmY1MTgwMzcy
YzM4ZTQwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNlNTA4MTJiNTViMTlmMTUyY2E4YWJkOWYyMGMzZDJhN2FmZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0aiNIjFivlPodVg58U7eYBL+bhY
yJr1WdrWbx4tNtDAGZXIh/ZMWW2rWtVLCGPBv8tmi6htv5C4oXrztddql8yxRDpI
XCwzwB3RjvllRXqOg//WjMH6wBgul/aot/TKdd49GTyRMuVXyurvX+LYtj7lowT/
ys27oVd/cLq8M+n9/vwWR2ZD9waejn8KsxWkrNUouMElzYPNroLA8SW1PXy9pono
J5XRnbPl7SUs2jNmxR0JLRmb01+cPQ7P4DucZiY3gMqv0KyNq25geVaeqD07htfu
uVHWHvKiA/FPRRHqEvTphvSituFHAShxION3Qtc/ZOxN+ZDsWflrwmeDxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEk+UIErVbGfFSyoq9nyDD0qev41MB8GA1UdIwQY
MBaAFBpN0RVUJHvSvTAc6kP/UYA3LDjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUt
M2JhNWYzMGNhYWJmLzEvU1Q1UWdTdFZzWjhWTEtpcjJmSU1QU3A2X2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUtM2JhNWYzMGNhYWJm
LzEvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucA6MA0G
CSqGSIb3DQEBCwUAA4IBAQAHvvIrNIwMrM+Let191rmS12k7rRkHG30alRJlsMZC
IulWqyJTqFat5gbG0mcgPES9ctZeJMw1xu62V43QuKfJxdejq0n7vIN22K0BwR18
joO3zt3DKLcN9/48zIgXm1oYKOFM9qe3WzazVHVsN6yqQB0r8hoaKVH34uRWGnWo
3Qf7Kt2Fey5ibrBuaDNytjIREVyq0/Ok78A488HxD2wMalHbHM3KsmNLpkahH9HJ
BpcIvbIjIPRdDOo/o+olTlYHilsNx4ytdd+91pg7Y7nu00G54YxMqpTCU04uh1x3
GcPHgtD+bWWbeMfB4uSN5edVL0ghmejVpyxhbMsJMgK7
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:46:13 2025 by rpki-client