Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/1-Sq9N9tDpqPpCxfnJu3FOlWH6ZA.roa
File: 1-Sq9N9tDpqPpCxfnJu3FOlWH6ZA.roa (raw, json)
Hash identifier: Tpyvvdu3VZJ5oo8JL4qWFUonGAY9eL3r/UHvnFRq5cY=
Subject key identifier: F9:2A:BD:37:DB:43:A6:A3:E9:0B:17:E7:26:ED:C5:3A:55:87:E9:90
Certificate issuer: /CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Certificate serial: 019425221EDC025A2B284719F50D520D1E44
Authority key identifier: 49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/1-Sq9N9tDpqPpCxfnJu3FOlWH6ZA.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31726
IP address blocks: 185.117.192.0/22 maxlen: 22
2a06:8600::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:1e:dc:02:5a:2b:28:47:19:f5:0d:52:0d:1e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f92abd37db43a6a3e90b17e726edc53a5587e990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:07:0d:fd:72:1e:74:d8:48:9d:be:1e:81:
79:8d:69:45:fc:11:10:45:fc:e6:e9:c2:ea:ac:78:
03:18:aa:59:87:93:69:f6:ed:0e:56:a1:35:0f:49:
cf:64:58:1b:d3:e4:35:88:6a:e1:32:e8:fe:d3:8e:
b8:44:0d:20:f3:8c:77:60:41:f4:f0:ae:a4:8d:85:
68:49:ce:14:7f:fe:74:5b:b5:d4:6e:c0:f5:83:8e:
08:46:d8:aa:5f:3f:e8:64:07:17:c9:29:08:9b:e9:
ec:5d:b7:1a:bf:05:ce:6d:01:3f:b5:79:c4:ff:97:
1f:f5:72:a2:70:4a:c9:f0:22:a4:de:e8:64:78:fc:
4c:8f:3f:61:5a:fa:10:f2:b2:04:55:82:fa:b5:33:
b3:64:05:b4:2e:87:c8:61:64:a0:f0:bf:d9:d5:96:
bd:ed:54:b2:82:8d:b8:44:22:a5:4d:bf:a1:7e:5c:
77:d3:6b:93:85:c4:bf:f9:3e:7a:67:df:ad:fd:3d:
49:91:66:8b:64:b3:b7:92:3c:3e:9a:98:02:3d:db:
b0:40:8c:4c:3a:b0:5f:17:ca:36:19:c0:81:ff:44:
5b:17:f8:e4:a4:b8:3b:b0:d3:ec:02:c3:a1:16:cf:
41:ff:bd:57:83:87:b6:5d:71:8c:6e:d4:de:33:5b:
19:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2A:BD:37:DB:43:A6:A3:E9:0B:17:E7:26:ED:C5:3A:55:87:E9:90
X509v3 Authority Key Identifier:
keyid:49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/1-Sq9N9tDpqPpCxfnJu3FOlWH6ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/SdhmPTuWngJTom1UJb7hxdRDs2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.192.0/22
IPv6:
2a06:8600::/29
Signature Algorithm: sha256WithRSAEncryption
93:b7:08:71:7d:0f:7d:55:bd:5f:b1:a2:a9:16:7a:56:b4:97:
ef:b9:4c:2c:45:ce:bd:37:30:da:e0:eb:aa:42:18:40:a1:8e:
d4:cf:61:cb:0f:51:d0:be:1d:a0:26:21:42:7a:70:67:7b:cf:
10:c8:ab:65:05:cb:58:a8:77:70:af:4e:8d:85:51:ed:0b:95:
08:17:4b:84:f3:4f:a9:af:71:97:3b:e2:77:85:f4:2f:0f:fa:
a8:3a:8e:6a:1e:e9:f7:32:27:99:1f:90:8d:77:32:d5:5f:a9:
51:de:d4:e9:b8:fc:40:c6:ee:6e:b1:6d:2e:04:ab:5f:38:3e:
76:0f:c2:1a:37:31:b2:38:1f:04:f3:53:dc:4e:bf:28:00:02:
59:0e:51:f1:71:98:1c:d0:09:de:40:3c:72:0a:a3:2d:bf:f2:
ed:94:60:cb:20:07:e5:49:38:87:34:7d:11:8e:fd:42:73:95:
74:4a:5b:fb:73:1d:25:a3:b3:7e:1a:37:e9:49:61:9c:3d:a6:
8f:c9:b0:a2:19:5d:e8:e0:ab:7a:51:e9:a1:95:90:85:9d:b7:
ef:ab:8c:ea:d9:e2:41:de:58:66:4c:b1:b2:af:ca:3c:d6:61:
79:41:c9:9f:5c:69:8d:ba:59:ea:c4:9f:eb:b8:38:fa:9c:18:
7c:4f:90:3b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQlIh7cAlorKEcZ9Q1SDR5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDg2NjNkM2I5NjllMDI1M2EyNmQ1NDI1YmVlMWM1ZDQ0
M2IzNjEwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTJhYmQzN2RiNDNhNmEzZTkwYjE3ZTcyNmVkYzUzYTU1ODdlOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNcHDf1yHnTYSJ2+HoF5jWlF/BEQ
Rfzm6cLqrHgDGKpZh5Np9u0OVqE1D0nPZFgb0+Q1iGrhMuj+0464RA0g84x3YEH0
8K6kjYVoSc4Uf/50W7XUbsD1g44IRtiqXz/oZAcXySkIm+nsXbcavwXObQE/tXnE
/5cf9XKicErJ8CKk3uhkePxMjz9hWvoQ8rIEVYL6tTOzZAW0LofIYWSg8L/Z1Za9
7VSygo24RCKlTb+hflx302uThcS/+T56Z9+t/T1JkWaLZLO3kjw+mpgCPduwQIxM
OrBfF8o2GcCB/0RbF/jkpLg7sNPsAsOhFs9B/71Xg4e2XXGMbtTeM1sZrQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPkqvTfbQ6aj6QsX5ybtxTpVh+mQMB8GA1UdIwQY
MBaAFEnYZj07lp4CU6JtVCW+4cXUQ7NhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RobVBUdVduZ0pUb20xVUpiN2h4ZFJEczJFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNWQwMGQtNjI2Ni00NmVhLWJjOGMt
NDE4MmJlZGI5OGExLzEvMS1TcTlOOXREcHFQcEN4Zm5KdTNGT2xXSDZaQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvYTVkMDBkLTYyNjYtNDZlYS1iYzhjLTQxODJiZWRiOThh
MS8xL1NkaG1QVHVXbmdKVG9tMVVKYjdoeGRSRHMyRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl1wDAN
BAIAAjAHAwUDKgaGADANBgkqhkiG9w0BAQsFAAOCAQEAk7cIcX0PfVW9X7GiqRZ6
VrSX77lMLEXOvTcw2uDrqkIYQKGO1M9hyw9R0L4doCYhQnpwZ3vPEMirZQXLWKh3
cK9OjYVR7QuVCBdLhPNPqa9xlzvid4X0Lw/6qDqOah7p9zInmR+QjXcy1V+pUd7U
6bj8QMbubrFtLgSrXzg+dg/CGjcxsjgfBPNT3E6/KAACWQ5R8XGYHNAJ3kA8cgqj
Lb/y7ZRgyyAH5Uk4hzR9EY79QnOVdEpb+3MdJaOzfho36UlhnD2mj8mwohld6OCr
elHpoZWQhZ2376uM6tniQd5YZkyxsq/KPNZheUHJn1xpjbpZ6sSf67g4+pwYfE+Q
Ow==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:14 2025 by rpki-client