Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QEhcrK1XOqK6HwjW1XTv9rjAnaQ.roa
File: QEhcrK1XOqK6HwjW1XTv9rjAnaQ.roa (raw, json)
Hash identifier: DADtknnyv+2xjIA7x+GaoPuoxo/A5eWaXKT/ySgtZ0E=
Subject key identifier: 40:48:5C:AC:AD:57:3A:A2:BA:1F:08:D6:D5:74:EF:F6:B8:C0:9D:A4
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D72B2E46E28B3418CD389D6AFCE828
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QEhcrK1XOqK6HwjW1XTv9rjAnaQ.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211641
IP address blocks: 185.109.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2b:2e:46:e2:8b:34:18:cd:38:9d:6a:fc:e8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40485cacad573aa2ba1f08d6d574eff6b8c09da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:ce:b0:60:a6:ec:d7:e4:2f:f2:35:53:7f:
87:65:84:e1:85:9e:94:6b:ac:b7:19:7c:ba:d5:14:
2c:7c:07:0a:3e:47:d8:f8:d9:d4:d5:b5:e6:57:67:
9b:36:4d:ac:24:7d:f0:8c:01:c5:a9:99:d1:80:f5:
54:93:85:5f:f2:1a:6c:d0:49:13:19:f3:06:95:01:
e1:7f:12:4c:fc:e1:fc:77:d3:c8:7e:17:59:05:24:
87:07:be:e1:5f:7e:7b:42:7f:7c:19:57:40:40:a4:
3b:04:49:25:c1:b9:23:40:c2:1e:34:a4:79:15:dd:
fc:ff:86:b3:88:bb:4c:08:2b:30:4d:fd:88:8c:80:
3c:80:e8:e9:a1:58:29:b8:37:7e:1a:1e:da:b0:ba:
de:93:1b:ee:c1:ae:78:e2:b8:4e:de:24:7f:0e:b5:
e3:0b:c6:b5:99:22:f4:bd:ff:dc:5f:3f:6d:36:3a:
b3:74:3f:59:bc:bf:a8:03:fc:56:46:de:6b:74:9f:
0f:89:f3:b0:66:f9:24:65:d1:fc:3f:7b:a4:96:41:
22:4d:a7:59:3e:37:8b:60:5f:66:1d:f9:f8:bc:6e:
0c:4e:08:2c:00:25:c3:34:63:31:fc:01:c8:80:c8:
cb:b2:3a:3f:0c:fe:c8:07:7b:a0:0b:fb:91:cb:6c:
9a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:48:5C:AC:AD:57:3A:A2:BA:1F:08:D6:D5:74:EF:F6:B8:C0:9D:A4
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QEhcrK1XOqK6HwjW1XTv9rjAnaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:39:88:f1:7a:0b:4f:fb:e0:14:15:4a:69:ce:ce:09:96:4c:
7c:e0:4c:a8:aa:c6:19:ea:1a:b7:2f:dc:92:51:5f:61:39:4c:
32:22:29:d6:8c:fe:2c:f2:44:f7:bb:8e:ad:0e:f7:2f:60:35:
f6:35:44:d7:71:0f:59:f3:dc:d1:5d:d3:2e:5c:79:f9:14:6d:
32:1f:8e:dc:25:e6:4a:be:07:3f:db:9f:a2:12:b1:f4:2e:2d:
db:15:60:c4:ae:fe:76:11:65:53:14:05:d4:3b:58:af:29:80:
b4:1c:e9:b0:38:45:43:fe:96:2e:2d:be:75:68:f3:6f:29:48:
9a:b5:96:e5:dc:bc:3a:ff:29:cd:d8:16:8f:e5:e9:dd:e3:65:
6c:c4:a1:bb:40:5e:b6:a2:07:67:52:39:12:21:37:be:65:f4:
9a:18:e7:eb:c2:94:69:55:0b:7d:05:a2:22:ec:f4:b2:89:4a:
6a:d4:ac:6e:23:7c:1c:ca:a4:f0:04:4a:f5:b3:6d:24:8c:cd:
74:45:25:27:85:9e:2b:da:38:4b:83:aa:42:c3:4f:d9:ef:81:
f4:9e:26:0d:53:54:b0:a0:cd:af:f4:60:af:12:3c:ae:69:38:
57:1d:56:75:ac:39:44:88:c8:96:d4:e1:27:99:1b:77:5d:49:
e8:91:9a:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1ysuRuKLNBjNOJ1q/OgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQ4NWNhY2FkNTczYWEyYmExZjA4ZDZkNTc0ZWZmNmI4YzA5ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4TOsGCm7NfkL/I1U3+HZYThhZ6U
a6y3GXy61RQsfAcKPkfY+NnU1bXmV2ebNk2sJH3wjAHFqZnRgPVUk4Vf8hps0EkT
GfMGlQHhfxJM/OH8d9PIfhdZBSSHB77hX357Qn98GVdAQKQ7BEklwbkjQMIeNKR5
Fd38/4aziLtMCCswTf2IjIA8gOjpoVgpuDd+Gh7asLrekxvuwa544rhO3iR/DrXj
C8a1mSL0vf/cXz9tNjqzdD9ZvL+oA/xWRt5rdJ8PifOwZvkkZdH8P3uklkEiTadZ
PjeLYF9mHfn4vG4MTggsACXDNGMx/AHIgMjLsjo/DP7IB3ugC/uRy2yadwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBIXKytVzqiuh8I1tV07/a4wJ2kMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUUVoY3JLMVhPcUs2SHdqVzFYVHY5cmpBbmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW0UMA0G
CSqGSIb3DQEBCwUAA4IBAQC0OYjxegtP++AUFUppzs4Jlkx84EyoqsYZ6hq3L9yS
UV9hOUwyIinWjP4s8kT3u46tDvcvYDX2NUTXcQ9Z89zRXdMuXHn5FG0yH47cJeZK
vgc/25+iErH0Li3bFWDErv52EWVTFAXUO1ivKYC0HOmwOEVD/pYuLb51aPNvKUia
tZbl3Lw6/ynN2BaP5end42VsxKG7QF62ogdnUjkSITe+ZfSaGOfrwpRpVQt9BaIi
7PSyiUpq1KxuI3wcyqTwBEr1s20kjM10RSUnhZ4r2jhLg6pCw0/Z74H0niYNU1Sw
oM2v9GCvEjyuaThXHVZ1rDlEiMiW1OEnmRt3XUnokZqM
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:46:53 2025 by rpki-client