Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/qMVYOgqIzk9KMROylZiVtF-t3Zc.roa
File: qMVYOgqIzk9KMROylZiVtF-t3Zc.roa (raw, json)
Hash identifier: xqIRDpc2sFOdr1/l4Pzbo0nNaeEXShJ8C0GuGpTGneI=
Subject key identifier: A8:C5:58:3A:0A:88:CE:4F:4A:31:13:B2:95:98:95:B4:5F:AD:DD:97
Certificate issuer: /CN=4fbb63df06de00c843da63977349595471e51a26
Certificate serial: 019426D97AE024D0E18896F76EA3D2D2EBC7
Authority key identifier: 4F:BB:63:DF:06:DE:00:C8:43:DA:63:97:73:49:59:54:71:E5:1A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7tj3wbeAMhD2mOXc0lZVHHlGiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/qMVYOgqIzk9KMROylZiVtF-t3Zc.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199490
IP address blocks: 185.14.232.0/22 maxlen: 22
2a02:f000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7a:e0:24:d0:e1:88:96:f7:6e:a3:d2:d2:eb:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbb63df06de00c843da63977349595471e51a26
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8c5583a0a88ce4f4a3113b2959895b45faddd97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fb:06:bd:20:64:62:f1:b1:7c:73:10:7e:88:
7b:07:f4:88:09:6c:93:2f:e6:e6:56:37:58:cc:0d:
50:a9:a9:8a:80:2b:57:d1:0e:3b:68:f5:2c:5c:1f:
7e:49:1f:cb:6a:03:ee:62:35:38:3e:42:16:8d:48:
30:a7:26:95:61:99:70:61:64:e8:ac:3f:3a:e7:0e:
f2:d0:bc:3f:f3:1e:4b:2d:5a:44:35:6f:12:b2:cf:
3e:b5:b5:57:50:fc:fb:8e:de:80:11:ae:09:6c:88:
fb:43:0a:68:78:28:92:b9:33:17:3d:e5:7f:d8:40:
f1:f7:75:29:cd:e4:8c:cb:98:3c:a8:27:98:84:00:
82:ce:4e:8e:14:5f:3b:50:34:ae:99:9f:73:07:78:
48:ae:eb:7c:ec:9b:42:cc:ce:94:c0:8e:ff:2a:50:
e2:57:ef:5e:c9:32:61:07:a5:27:cc:90:9a:10:6d:
44:67:0e:d0:0e:ad:d4:01:aa:9d:94:56:14:41:06:
85:bc:e3:b9:00:b2:1d:5c:8b:ce:70:94:a1:d5:e5:
bf:3e:be:4a:fd:9d:c1:38:39:cb:5f:d8:c9:50:e3:
48:53:6e:ef:02:bf:0e:7c:45:bb:d9:32:d1:a5:04:
c5:58:e0:31:e6:23:14:a3:cc:59:ad:cf:1e:a9:70:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C5:58:3A:0A:88:CE:4F:4A:31:13:B2:95:98:95:B4:5F:AD:DD:97
X509v3 Authority Key Identifier:
keyid:4F:BB:63:DF:06:DE:00:C8:43:DA:63:97:73:49:59:54:71:E5:1A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7tj3wbeAMhD2mOXc0lZVHHlGiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/qMVYOgqIzk9KMROylZiVtF-t3Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a59ee9-33cd-47df-8403-b9472a2c5b3e/1/T7tj3wbeAMhD2mOXc0lZVHHlGiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.232.0/22
IPv6:
2a02:f000::/32
Signature Algorithm: sha256WithRSAEncryption
bc:80:ba:f8:18:30:5b:d7:74:1c:03:c9:29:40:83:04:fa:32:
78:e1:70:87:9d:32:b6:21:5e:2d:88:b3:20:c8:c6:84:d0:ae:
6d:83:f8:da:a7:24:2c:65:4f:e3:30:a7:30:95:fc:f7:23:bc:
34:9c:bc:62:c2:06:90:dc:60:f9:5a:9c:d5:9e:e8:08:f9:16:
d3:bc:a9:6b:4e:d3:09:72:5f:91:62:cd:14:8a:0f:95:05:76:
9c:47:3c:d2:38:31:36:9a:8e:d3:85:07:4e:69:0a:05:a3:38:
77:eb:ae:52:6d:26:56:66:c9:dc:6e:c3:65:2a:b1:88:99:53:
50:25:cb:43:62:4b:72:f1:34:68:ca:d3:5d:56:77:ee:4e:c6:
6a:68:93:19:28:ad:0f:bc:81:c4:9f:45:3a:11:74:d3:f1:5b:
c8:62:f0:3f:5e:14:7d:25:51:0d:45:44:d3:6d:76:7a:4b:62:
92:dd:a5:a0:11:11:87:4c:52:01:4a:dd:6e:c0:e5:47:96:7a:
8d:9d:42:66:9e:65:27:fa:44:ee:0b:bf:1d:ec:d1:33:9d:fd:
33:00:55:c1:b3:f7:43:60:f0:f7:b3:b2:bb:38:f6:0b:5d:1f:
a5:73:70:da:e8:58:cf:95:6a:48:bf:61:31:1b:e0:2a:c1:8c:
b1:8b:14:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2XrgJNDhiJb3bqPS0uvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmI2M2RmMDZkZTAwYzg0M2RhNjM5NzczNDk1OTU0NzFl
NTFhMjYwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM1NTgzYTBhODhjZTRmNGEzMTEzYjI5NTk4OTViNDVmYWRkZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PsGvSBkYvGxfHMQfoh7B/SICWyT
L+bmVjdYzA1QqamKgCtX0Q47aPUsXB9+SR/LagPuYjU4PkIWjUgwpyaVYZlwYWTo
rD865w7y0Lw/8x5LLVpENW8Sss8+tbVXUPz7jt6AEa4JbIj7QwpoeCiSuTMXPeV/
2EDx93UpzeSMy5g8qCeYhACCzk6OFF87UDSumZ9zB3hIrut87JtCzM6UwI7/KlDi
V+9eyTJhB6UnzJCaEG1EZw7QDq3UAaqdlFYUQQaFvOO5ALIdXIvOcJSh1eW/Pr5K
/Z3BODnLX9jJUONIU27vAr8OfEW72TLRpQTFWOAx5iMUo8xZrc8eqXAplQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKjFWDoKiM5PSjETspWYlbRfrd2XMB8GA1UdIwQY
MBaAFE+7Y98G3gDIQ9pjl3NJWVRx5RomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDd0ajN3YmVBTWhEMm1PWGMwbFpWSEhsR2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hNTllZTktMzNjZC00N2RmLTg0MDMt
Yjk0NzJhMmM1YjNlLzEvcU1WWU9ncUl6azlLTVJPeWxaaVZ0Ri10M1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hNTllZTktMzNjZC00N2RmLTg0MDMtYjk0NzJhMmM1YjNl
LzEvVDd0ajN3YmVBTWhEMm1PWGMwbFpWSEhsR2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ7oMA0E
AgACMAcDBQAqAvAAMA0GCSqGSIb3DQEBCwUAA4IBAQC8gLr4GDBb13QcA8kpQIME
+jJ44XCHnTK2IV4tiLMgyMaE0K5tg/japyQsZU/jMKcwlfz3I7w0nLxiwgaQ3GD5
WpzVnugI+RbTvKlrTtMJcl+RYs0Uig+VBXacRzzSODE2mo7ThQdOaQoFozh3665S
bSZWZsncbsNlKrGImVNQJctDYkty8TRoytNdVnfuTsZqaJMZKK0PvIHEn0U6EXTT
8VvIYvA/XhR9JVENRUTTbXZ6S2KS3aWgERGHTFIBSt1uwOVHlnqNnUJmnmUn+kTu
C78d7NEznf0zAFXBs/dDYPD3s7K7OPYLXR+lc3Da6FjPlWpIv2ExG+AqwYyxixQQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:26 2025 by rpki-client