Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/q2GHYUm5i3WhdcmmiHRV7dHQc3c.roa
File: q2GHYUm5i3WhdcmmiHRV7dHQc3c.roa (raw, json)
Hash identifier: LL/KUGJFOPET+WFhYf5RZ0NrlCKJmdTDtHdJCTBDBnI=
Subject key identifier: AB:61:87:61:49:B9:8B:75:A1:75:C9:A6:88:74:55:ED:D1:D0:73:77
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 019423690C1CE81B955337DED6A291CEB2F9
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/q2GHYUm5i3WhdcmmiHRV7dHQc3c.roa
Signing time: Wed 01 Jan 2025 19:47:54 +0000
ROA not before: Wed 01 Jan 2025 19:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203960
IP address blocks: 185.69.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:0c:1c:e8:1b:95:53:37:de:d6:a2:91:ce:b2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: Jan 1 19:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab61876149b98b75a175c9a6887455edd1d07377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:52:a2:df:75:54:68:70:48:d5:e4:e2:54:
fa:97:3b:c6:2f:1f:cc:2c:98:37:ef:20:2a:1c:7c:
8b:e2:d6:c5:c6:db:13:6a:95:9f:a7:22:9a:0c:7d:
f6:cb:0f:fe:b7:48:64:cc:78:78:6e:f4:76:d1:93:
0d:d8:23:3e:ea:b8:ce:ce:2d:00:e5:d6:9d:5b:b9:
90:eb:cd:9f:84:29:85:3f:aa:1e:3d:1c:d0:ce:f4:
d5:6f:6d:5e:cd:be:2f:8e:46:f7:5f:15:9a:0c:52:
a3:3d:71:f3:2b:32:d8:d2:1a:f2:89:73:2b:1a:62:
d6:60:f9:21:e0:0a:30:ab:70:05:ca:8c:0b:f7:fc:
58:c7:f4:9b:be:fb:a1:51:aa:0b:aa:95:82:98:f4:
95:3f:50:21:de:46:41:66:e9:bf:35:37:5e:b4:24:
55:68:6d:f8:a5:ab:18:30:d9:d6:dc:db:b6:0a:4d:
18:b4:05:28:39:07:76:c2:80:a4:26:ac:4b:a1:07:
ee:5d:f3:cf:16:56:06:e9:33:85:1c:c5:6c:84:0f:
c0:3e:98:93:58:c1:d4:ec:6d:ea:0f:fc:7d:97:0f:
39:de:db:8e:c5:ca:73:f6:f7:67:fc:ba:db:9f:e7:
bc:d4:ab:ce:f0:0a:10:55:22:31:92:0b:e0:48:85:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:61:87:61:49:B9:8B:75:A1:75:C9:A6:88:74:55:ED:D1:D0:73:77
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/q2GHYUm5i3WhdcmmiHRV7dHQc3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.241.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:72:b4:60:b3:d7:5a:4c:58:96:88:02:ec:8a:39:c6:f6:be:
13:2a:7c:f2:4a:89:b4:8a:df:fa:ba:cd:b8:33:4a:86:36:31:
b3:ba:96:dc:e7:75:c2:f8:66:e1:9c:1a:53:b8:c3:8a:3f:ac:
d0:07:da:cb:92:4c:87:68:b2:42:9d:ab:61:b0:c7:b9:53:3e:
1d:7c:86:a8:ec:de:c7:9d:d7:f0:ac:df:bc:02:fc:8f:7f:5c:
3a:31:54:c1:05:0c:43:d3:b4:18:01:c6:a8:f4:c5:4d:ce:17:
20:bf:4f:06:a7:ae:ab:53:83:2d:3f:ee:da:58:c6:6f:6c:5a:
79:7d:c4:8f:1d:ea:88:2f:3e:a2:d9:6e:a0:72:3b:18:d8:00:
a3:5a:7a:f2:67:dd:80:07:b1:5d:08:3b:87:35:68:ce:44:65:
5a:c9:91:3c:dd:37:b2:88:35:4d:c1:7b:2a:c3:fe:27:b2:0d:
a2:21:fb:5d:61:9f:68:ae:56:5f:57:2a:30:c3:b6:2a:2c:40:
4b:46:ec:0c:d0:a3:c4:b0:d5:3a:23:42:da:2c:36:7e:21:40:
56:b8:7c:6f:95:f0:c2:c7:44:1c:da:11:c3:d1:10:1a:80:50:
6d:07:7f:ea:d8:52:68:10:2c:a4:1d:ec:9a:d5:95:f8:1e:f5:
56:40:2a:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaQwc6BuVUzfe1qKRzrL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjUwMTAxMTk0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjYxODc2MTQ5Yjk4Yjc1YTE3NWM5YTY4ODc0NTVlZGQxZDA3Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPZSot91VGhwSNXk4lT6lzvGLx/M
LJg37yAqHHyL4tbFxtsTapWfpyKaDH32yw/+t0hkzHh4bvR20ZMN2CM+6rjOzi0A
5dadW7mQ682fhCmFP6oePRzQzvTVb21ezb4vjkb3XxWaDFKjPXHzKzLY0hryiXMr
GmLWYPkh4Aowq3AFyowL9/xYx/SbvvuhUaoLqpWCmPSVP1Ah3kZBZum/NTdetCRV
aG34pasYMNnW3Nu2Ck0YtAUoOQd2woCkJqxLoQfuXfPPFlYG6TOFHMVshA/APpiT
WMHU7G3qD/x9lw853tuOxcpz9vdn/Lrbn+e81KvO8AoQVSIxkgvgSIW6eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKthh2FJuYt1oXXJpoh0Ve3R0HN3MB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvcTJHSFlVbTVpM1doZGNtbWlIUlY3ZEhRYzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUXxMA0G
CSqGSIb3DQEBCwUAA4IBAQBbcrRgs9daTFiWiALsijnG9r4TKnzySom0it/6us24
M0qGNjGzupbc53XC+GbhnBpTuMOKP6zQB9rLkkyHaLJCnathsMe5Uz4dfIao7N7H
ndfwrN+8AvyPf1w6MVTBBQxD07QYAcao9MVNzhcgv08Gp66rU4MtP+7aWMZvbFp5
fcSPHeqILz6i2W6gcjsY2ACjWnryZ92AB7FdCDuHNWjORGVayZE83TeyiDVNwXsq
w/4nsg2iIftdYZ9orlZfVyoww7YqLEBLRuwM0KPEsNU6I0LaLDZ+IUBWuHxvlfDC
x0Qc2hHD0RAagFBtB3/q2FJoECykHeya1ZX4HvVWQCr1
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:09:11 2025 by rpki-client