Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qXJMsidJ81j9tR3h2UK1FDbmVxg.roa
File: qXJMsidJ81j9tR3h2UK1FDbmVxg.roa (raw, json)
Hash identifier: HLh56C+v712lFsjl7b6ehYsyReTygh+t6WH5+oMMUUc=
Subject key identifier: A9:72:4C:B2:27:49:F3:58:FD:B5:1D:E1:D9:42:B5:14:36:E6:57:18
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0194266BD8AD15E2544C4A531DBC0306AA6F
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qXJMsidJ81j9tR3h2UK1FDbmVxg.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12849
IP address blocks: 185.131.144.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
194.88.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d8:ad:15:e2:54:4c:4a:53:1d:bc:03:06:aa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9724cb22749f358fdb51de1d942b51436e65718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:99:c3:8a:b0:2b:eb:f6:65:f1:40:a8:aa:fd:
6b:ca:14:ab:b9:33:88:56:d6:d6:7f:bb:0a:f3:dd:
2b:df:62:a6:b9:20:4a:2b:3d:19:ca:60:02:8a:47:
83:8f:db:5b:a9:5c:5a:fb:ff:0a:9c:27:a1:8c:bb:
0c:d8:cf:4c:59:77:a0:8e:a9:ec:e6:35:8e:1e:28:
14:87:67:7c:68:25:37:e5:29:b9:89:ea:6d:95:29:
23:4b:5a:bc:90:73:9a:34:b3:6e:54:82:18:4f:6b:
78:3c:67:c0:0c:9e:e0:a9:12:6f:09:49:c1:bf:99:
3c:cd:1b:b1:29:cd:41:22:dd:41:77:b3:cb:46:41:
e1:c7:7e:3b:25:3c:82:9c:e5:27:91:87:85:ff:83:
c4:73:7e:a7:ad:df:64:b8:ac:fe:4c:bf:01:da:f0:
d9:4c:5f:7c:9a:77:16:82:f1:8f:15:f6:a2:ad:55:
f7:c4:15:eb:9e:d2:db:b9:ad:1f:06:2c:a0:bc:fc:
ff:28:ce:2c:f8:a5:d9:93:46:1f:14:88:eb:d6:86:
b0:7e:5d:a3:29:45:3f:82:d7:fd:f6:5d:19:fe:d0:
aa:70:4a:83:fc:5c:a8:f6:df:92:57:42:81:4c:47:
f5:37:d6:f1:98:f7:42:5e:ed:6d:05:c6:e2:8a:70:
13:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:72:4C:B2:27:49:F3:58:FD:B5:1D:E1:D9:42:B5:14:36:E6:57:18
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qXJMsidJ81j9tR3h2UK1FDbmVxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
62:3e:92:f0:5f:82:71:b5:91:f8:2c:df:e7:ab:a0:84:49:f7:
ef:c8:01:a1:a5:05:af:82:a5:88:28:f6:12:6f:27:54:a1:b8:
34:22:45:84:0e:7f:8c:84:2b:ae:50:2e:df:a8:72:78:e1:01:
e9:9b:85:80:c9:cd:59:1b:e6:15:de:7c:74:86:05:c0:51:06:
25:37:ab:fe:77:78:e9:4c:48:83:05:a6:de:bb:58:03:71:5c:
34:51:26:87:e7:83:a0:bd:a3:a8:4a:3f:ec:f9:c0:ed:2d:d0:
58:2e:1a:bd:4f:e9:58:aa:2d:79:3a:eb:7d:c6:51:1a:dc:5d:
5a:03:7f:a2:0b:3c:1e:c7:66:ef:21:4e:e8:78:64:f7:91:a8:
38:65:fa:ec:12:f7:e4:43:c2:42:46:10:f7:ce:da:cc:94:7a:
57:86:c3:2f:49:05:e9:b5:d7:66:8a:45:7f:16:1c:0e:b3:b7:
db:c4:33:ca:1b:7c:df:c1:47:f3:5b:7b:42:97:3c:28:92:13:
38:be:49:20:26:5d:4e:5f:ca:8c:61:a7:72:91:7b:0a:51:1c:
bf:63:dd:e6:61:18:9b:80:6e:8d:65:42:25:8c:2d:81:3f:9e:
28:a3:79:81:cc:ae:e6:a2:62:b7:c3:1a:a1:cc:fd:8d:33:53:
30:ca:55:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma9itFeJUTEpTHbwDBqpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTcyNGNiMjI3NDlmMzU4ZmRiNTFkZTFkOTQyYjUxNDM2ZTY1NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5nDirAr6/Zl8UCoqv1ryhSruTOI
VtbWf7sK890r32KmuSBKKz0ZymACikeDj9tbqVxa+/8KnCehjLsM2M9MWXegjqns
5jWOHigUh2d8aCU35Sm5ieptlSkjS1q8kHOaNLNuVIIYT2t4PGfADJ7gqRJvCUnB
v5k8zRuxKc1BIt1Bd7PLRkHhx347JTyCnOUnkYeF/4PEc36nrd9kuKz+TL8B2vDZ
TF98mncWgvGPFfairVX3xBXrntLbua0fBiygvPz/KM4s+KXZk0YfFIjr1oawfl2j
KUU/gtf99l0Z/tCqcEqD/Fyo9t+SV0KBTEf1N9bxmPdCXu1tBcbiinATHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKlyTLInSfNY/bUd4dlCtRQ25lcYMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvcVhKTXNpZEo4MWo5dFIzaDJVSzFGRGJtVnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQBiPpLwX4JxtZH4LN/nq6CESffvyAGhpQWv
gqWIKPYSbydUobg0IkWEDn+MhCuuUC7fqHJ44QHpm4WAyc1ZG+YV3nx0hgXAUQYl
N6v+d3jpTEiDBabeu1gDcVw0USaH54OgvaOoSj/s+cDtLdBYLhq9T+lYqi15Out9
xlEa3F1aA3+iCzwex2bvIU7oeGT3kag4ZfrsEvfkQ8JCRhD3ztrMlHpXhsMvSQXp
tddmikV/FhwOs7fbxDPKG3zfwUfzW3tClzwokhM4vkkgJl1OX8qMYadykXsKURy/
Y93mYRibgG6NZUIljC2BP54oo3mBzK7momK3wxqhzP2NM1MwylXy
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:16:45 2025 by rpki-client