Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/GuglbdgQwP1s68zPxpBUKeDH1GE.roa
File: GuglbdgQwP1s68zPxpBUKeDH1GE.roa (raw, json)
Hash identifier: Sf12fpSS/gSIfCrOMCQf0QxlhogqDHOYf+4YlIW4mDA=
Subject key identifier: 1A:E8:25:6D:D8:10:C0:FD:6C:EB:CC:CF:C6:90:54:29:E0:C7:D4:61
Certificate issuer: /CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac
Certificate serial: 0194DF004F39BC620F40FA115FFA3BDA8D29
Authority key identifier: E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/GuglbdgQwP1s68zPxpBUKeDH1GE.roa
Signing time: Fri 07 Feb 2025 06:02:06 +0000
ROA not before: Fri 07 Feb 2025 06:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206564
IP address blocks: 185.59.248.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:00:4f:39:bc:62:0f:40:fa:11:5f:fa:3b:da:8d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac
Validity
Not Before: Feb 7 06:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ae8256dd810c0fd6cebcccfc6905429e0c7d461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:39:97:c0:a3:d1:ff:de:10:5b:84:69:17:
ea:25:6b:d1:c6:eb:bb:4c:c8:7f:0f:1a:a6:57:f8:
be:55:49:45:fd:4d:cd:7d:c3:51:13:87:97:c4:ad:
8d:fc:fc:da:4c:1b:ab:6c:bf:a3:ff:ae:f9:40:dc:
08:6a:c2:14:51:85:91:30:1e:21:36:20:a1:52:dc:
06:d6:c5:1c:82:07:fd:c5:8f:1a:80:d6:8a:56:ac:
c7:4a:11:8e:32:7c:b1:19:df:f9:cf:19:ce:00:18:
a5:bb:28:66:40:01:82:c5:2a:15:80:84:85:e4:af:
f4:97:c5:5d:33:08:80:d3:80:43:58:1a:89:93:68:
72:f1:51:69:77:b4:0c:c4:06:68:e6:c1:eb:ca:93:
e5:5f:16:43:10:65:22:e3:95:38:a0:1e:de:7c:a8:
22:37:e1:79:95:55:a9:d3:e8:d6:c7:41:ce:b4:a8:
62:89:5b:db:9f:02:95:cf:e0:cb:e4:11:46:1f:6c:
81:fa:94:79:a6:e3:8f:31:af:dd:d4:71:de:30:f2:
6b:cc:2e:c3:6a:0f:e8:d5:0f:e2:87:16:de:95:21:
85:85:cb:d1:52:c5:38:56:50:28:84:1b:ca:1d:80:
ad:2e:63:60:51:2b:2e:90:28:a4:aa:57:90:20:4b:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E8:25:6D:D8:10:C0:FD:6C:EB:CC:CF:C6:90:54:29:E0:C7:D4:61
X509v3 Authority Key Identifier:
keyid:E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/GuglbdgQwP1s68zPxpBUKeDH1GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/5S2LXLp8LSuK8EbrfzEBBawMCaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.248.0/22
Signature Algorithm: sha256WithRSAEncryption
47:99:60:b7:43:6c:6d:1b:67:95:1c:3f:93:e7:c4:f8:28:ef:
5c:70:6a:35:d9:a1:8d:22:97:c4:69:bd:d1:95:e2:c6:f2:a3:
6f:03:da:85:4a:ee:91:a2:ec:00:69:d2:6c:82:e0:4c:42:b4:
92:39:f5:d5:e8:91:1f:8a:78:61:70:48:5f:96:02:70:c2:df:
a8:7a:aa:17:82:0e:30:48:2c:ce:1f:78:c1:1e:9d:36:91:0c:
3b:21:70:02:75:ec:ff:13:79:ce:8d:5b:75:54:c6:24:2c:7f:
6b:26:5e:13:b8:c5:a9:80:9b:63:85:af:42:10:6f:29:c5:66:
6b:d3:1c:00:95:6b:0f:dd:57:20:6c:dc:4b:86:8f:8b:9c:f2:
2b:46:49:1f:d5:85:af:75:78:e0:9f:31:75:65:ff:62:e0:6c:
31:18:1a:d9:df:0e:2c:1d:29:35:74:9d:aa:c2:4e:fd:ad:5a:
53:4e:42:75:84:71:8d:9c:8d:9f:b9:7f:ba:ea:22:01:a2:d5:
1a:a3:ba:6a:01:19:bd:26:45:2c:d6:44:b3:53:ca:1a:cf:e8:
d0:95:34:d4:cf:6b:b6:6e:19:c8:ef:b4:8d:91:8e:b0:31:a5:
7f:c6:6b:2c:db:0c:f4:f3:62:bc:93:43:55:a3:04:58:c0:86:
07:2e:15:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTfAE85vGIPQPoRX/o72o0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmQ4YjVjYmE3YzJkMmI4YWYwNDZlYjdmMzEwMTA1YWMw
YzA5YWMwHhcNMjUwMjA3MDYwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU4MjU2ZGQ4MTBjMGZkNmNlYmNjY2ZjNjkwNTQyOWUwYzdkNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRk5l8Cj0f/eEFuEaRfqJWvRxuu7
TMh/DxqmV/i+VUlF/U3NfcNRE4eXxK2N/PzaTBurbL+j/675QNwIasIUUYWRMB4h
NiChUtwG1sUcggf9xY8agNaKVqzHShGOMnyxGd/5zxnOABiluyhmQAGCxSoVgISF
5K/0l8VdMwiA04BDWBqJk2hy8VFpd7QMxAZo5sHrypPlXxZDEGUi45U4oB7efKgi
N+F5lVWp0+jWx0HOtKhiiVvbnwKVz+DL5BFGH2yB+pR5puOPMa/d1HHeMPJrzC7D
ag/o1Q/ihxbelSGFhcvRUsU4VlAohBvKHYCtLmNgUSsukCikqleQIEs+nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBroJW3YEMD9bOvMz8aQVCngx9RhMB8GA1UdIwQY
MBaAFOUti1y6fC0rivBG638xAQWsDAmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQt
YzBkMDYyYTc1MzU0LzEvR3VnbGJkZ1F3UDFzNjh6UHhwQlVLZURIMUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQtYzBkMDYyYTc1MzU0
LzEvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTv4MA0G
CSqGSIb3DQEBCwUAA4IBAQBHmWC3Q2xtG2eVHD+T58T4KO9ccGo12aGNIpfEab3R
leLG8qNvA9qFSu6RouwAadJsguBMQrSSOfXV6JEfinhhcEhflgJwwt+oeqoXgg4w
SCzOH3jBHp02kQw7IXACdez/E3nOjVt1VMYkLH9rJl4TuMWpgJtjha9CEG8pxWZr
0xwAlWsP3VcgbNxLho+LnPIrRkkf1YWvdXjgnzF1Zf9i4GwxGBrZ3w4sHSk1dJ2q
wk79rVpTTkJ1hHGNnI2fuX+66iIBotUao7pqARm9JkUs1kSzU8oaz+jQlTTUz2u2
bhnI77SNkY6wMaV/xmss2wz082K8k0NVowRYwIYHLhUe
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:37 2025 by rpki-client