Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/SQ8WO3hellEKsQ4Y9NCRSIjTvBQ.roa
File: SQ8WO3hellEKsQ4Y9NCRSIjTvBQ.roa (raw, json)
Hash identifier: BhoaWfa6WtuVRoo3cEi7UmyVvyoDyPTAAx6/lySfFlU=
Subject key identifier: 49:0F:16:3B:78:5E:96:51:0A:B1:0E:18:F4:D0:91:48:88:D3:BC:14
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0194228D844D6EDE1FC31792A06076D913B2
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/SQ8WO3hellEKsQ4Y9NCRSIjTvBQ.roa
Signing time: Wed 01 Jan 2025 15:48:07 +0000
ROA not before: Wed 01 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31679
IP address blocks: 84.16.32.0/19 maxlen: 19
185.165.36.0/22 maxlen: 24
212.55.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:84:4d:6e:de:1f:c3:17:92:a0:60:76:d9:13:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=490f163b785e96510ab10e18f4d0914888d3bc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:83:0e:95:76:52:50:31:8c:df:fa:13:15:9a:
f8:de:d7:ad:da:ca:fc:4e:6f:4c:c1:8f:66:c6:20:
c8:90:76:67:40:85:74:45:a0:17:6f:93:f4:07:21:
1d:75:1c:9c:50:f2:de:d5:41:3d:04:1c:be:0c:b3:
cd:9f:7e:7e:11:59:db:0e:79:5d:50:21:f1:25:d2:
d6:09:b0:86:d3:0a:7d:f4:aa:fd:58:05:f8:7d:38:
fb:5a:c8:ca:94:e1:58:8f:da:0a:ba:71:c3:50:0a:
aa:bc:14:35:50:b0:91:f0:81:9a:01:1d:03:0c:16:
8b:89:b5:6f:78:c3:73:84:5b:7e:e6:d0:63:ed:87:
7f:9f:80:bd:ce:8a:9a:66:02:94:e2:cd:3c:cf:37:
7b:d2:b8:69:ff:ae:31:5d:7b:63:de:c7:1b:3a:65:
16:71:41:ad:b9:8c:82:8e:39:7d:93:19:52:06:05:
5e:c2:d2:43:ba:5b:5f:e6:3b:05:f2:3e:cb:dc:76:
31:e1:02:4f:d2:a5:dc:13:d5:7a:aa:28:e6:1b:fd:
c7:74:a3:93:28:3c:26:26:3c:ce:32:7c:bd:2e:10:
6c:29:86:6b:98:ad:a7:2b:15:56:02:54:14:94:b1:
b1:c8:07:5a:d1:46:dc:71:08:99:d3:77:8f:fb:ea:
28:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0F:16:3B:78:5E:96:51:0A:B1:0E:18:F4:D0:91:48:88:D3:BC:14
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/SQ8WO3hellEKsQ4Y9NCRSIjTvBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.16.32.0/19
185.165.36.0/22
212.55.224.0/19
Signature Algorithm: sha256WithRSAEncryption
64:50:2e:52:f3:4c:db:1d:ed:5b:f8:78:f8:dd:4d:a2:b8:3b:
de:2e:fe:0f:a3:fc:fe:d8:e7:3e:c7:52:4e:72:12:1f:45:84:
c2:25:1b:55:80:fe:61:ca:3d:68:b2:68:af:2d:b9:cb:5e:cf:
4e:2b:2a:05:eb:9f:c9:73:5d:bb:10:5d:44:24:28:09:0e:9c:
a1:58:d0:72:99:34:1e:b2:98:53:33:5a:49:b1:f9:74:95:90:
80:94:c7:52:16:6e:e5:35:34:a0:01:fe:08:06:df:81:82:0d:
9d:d6:b1:5f:5e:c9:24:ac:55:82:ee:9b:49:30:5e:8d:ad:26:
af:4a:88:f5:de:e3:3e:75:77:97:78:bf:64:b6:46:41:b3:bc:
90:d0:41:89:e1:a0:9e:92:2e:18:87:e9:83:ae:d5:c3:a5:d3:
ec:35:8f:92:91:0d:c6:a2:4b:b1:b8:65:56:4c:08:2b:8f:32:
6c:4d:41:10:b2:38:e8:55:9b:35:77:38:a3:e7:bf:b7:3f:d1:
0b:61:fa:38:fc:98:7e:d0:39:5b:3d:8e:87:e3:3b:c7:27:50:
6a:a4:40:8e:f9:64:9a:ed:93:a7:93:1e:cb:b8:e1:a5:15:01:
c5:9a:1b:8f:88:52:8f:c6:47:14:34:a1:a3:26:6a:96:1c:7b:
c4:b6:2e:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijYRNbt4fwxeSoGB22ROyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjUwMTAxMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBmMTYzYjc4NWU5NjUxMGFiMTBlMThmNGQwOTE0ODg4ZDNiYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YMOlXZSUDGM3/oTFZr43tet2sr8
Tm9MwY9mxiDIkHZnQIV0RaAXb5P0ByEddRycUPLe1UE9BBy+DLPNn35+EVnbDnld
UCHxJdLWCbCG0wp99Kr9WAX4fTj7WsjKlOFYj9oKunHDUAqqvBQ1ULCR8IGaAR0D
DBaLibVveMNzhFt+5tBj7Yd/n4C9zoqaZgKU4s08zzd70rhp/64xXXtj3scbOmUW
cUGtuYyCjjl9kxlSBgVewtJDultf5jsF8j7L3HYx4QJP0qXcE9V6qijmG/3HdKOT
KDwmJjzOMny9LhBsKYZrmK2nKxVWAlQUlLGxyAda0UbccQiZ03eP++ooJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEkPFjt4XpZRCrEOGPTQkUiI07wUMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvU1E4V08zaGVsbEVLc1E0WTlOQ1JTSWpUdkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVBAgAwQC
uaUkAwQF1DfgMA0GCSqGSIb3DQEBCwUAA4IBAQBkUC5S80zbHe1b+Hj43U2iuDve
Lv4Po/z+2Oc+x1JOchIfRYTCJRtVgP5hyj1osmivLbnLXs9OKyoF65/Jc127EF1E
JCgJDpyhWNBymTQesphTM1pJsfl0lZCAlMdSFm7lNTSgAf4IBt+Bgg2d1rFfXskk
rFWC7ptJMF6NrSavSoj13uM+dXeXeL9ktkZBs7yQ0EGJ4aCeki4Yh+mDrtXDpdPs
NY+SkQ3GokuxuGVWTAgrjzJsTUEQsjjoVZs1dzij57+3P9ELYfo4/Jh+0DlbPY6H
4zvHJ1BqpECO+WSa7ZOnkx7LuOGlFQHFmhuPiFKPxkcUNKGjJmqWHHvEti7N
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:40 2025 by rpki-client