Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qKIvQ-wWH7-Szbncc4xpxMsg2ac.roa
File: qKIvQ-wWH7-Szbncc4xpxMsg2ac.roa (raw, json)
Hash identifier: jyK6dDN51SPvSZhs8tWa5o4gwhcJ04DqhMLKGPs8DbQ=
Subject key identifier: A8:A2:2F:43:EC:16:1F:BF:92:CD:B9:DC:73:8C:69:C4:CB:20:D9:A7
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A519932069DE5A6198021989DF941
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qKIvQ-wWH7-Szbncc4xpxMsg2ac.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209859
IP address blocks: 45.10.0.0/24 maxlen: 32
195.85.10.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:51:99:32:06:9d:e5:a6:19:80:21:98:9d:f9:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a22f43ec161fbf92cdb9dc738c69c4cb20d9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:86:eb:91:44:10:4d:68:cf:ee:40:4f:b6:69:
a1:7c:87:61:bd:50:38:f4:9c:85:23:64:63:f1:ee:
31:d6:5c:0c:a5:dd:65:66:13:d3:5d:33:fc:26:0e:
58:6b:9c:bc:32:d7:5b:b2:4d:f8:85:5a:54:05:02:
9d:bb:8e:0e:a9:a9:04:83:e7:73:47:cd:95:fa:c9:
27:93:c0:19:7c:67:25:fe:e8:dd:f9:ae:2d:55:29:
e1:62:df:d9:37:f3:db:1b:fc:8a:a5:3c:31:09:46:
d9:19:60:f6:63:ab:ca:42:55:bf:b4:00:75:99:23:
99:6f:b5:4c:d7:de:6d:9c:d1:95:01:4a:27:93:0f:
d5:8c:69:6b:9d:d8:d8:08:9d:08:8d:41:79:f5:ac:
65:a5:7f:db:9d:55:2a:c2:b0:81:6a:a3:23:93:8b:
e5:1a:14:c7:66:f8:65:d7:4c:ce:bb:03:fe:d0:af:
a4:68:9d:02:f3:67:2c:e1:58:44:db:e5:47:fa:26:
27:5d:dd:96:f3:e8:1b:0d:8d:9c:dc:be:87:fe:ec:
5e:46:0d:07:de:2d:aa:3b:d3:ba:35:51:a8:a1:e1:
c9:6f:f5:6e:90:40:8f:8a:ca:78:47:8c:7b:07:07:
3f:d1:0e:9c:91:de:49:74:c2:48:01:c2:20:cc:15:
d5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A2:2F:43:EC:16:1F:BF:92:CD:B9:DC:73:8C:69:C4:CB:20:D9:A7
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/qKIvQ-wWH7-Szbncc4xpxMsg2ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.0.0/24
195.85.10.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:76:99:6a:9b:8c:6f:77:70:ba:f0:06:13:1d:ee:ce:d8:16:
03:36:4b:83:80:13:26:31:43:16:bc:b4:b4:a3:d6:5f:39:b0:
2a:09:54:e8:93:03:f2:77:93:62:08:73:04:85:20:44:e1:8a:
65:8c:f4:40:0e:0b:98:e6:1c:d5:ff:62:f7:a7:85:62:d3:4b:
c4:27:0b:1c:cf:77:85:8b:2a:e7:2d:85:84:86:e7:83:0e:67:
92:9b:47:2c:8f:37:cb:a8:7f:2c:e6:c3:a6:01:14:b0:24:a9:
19:0c:23:96:a4:dd:cc:0d:93:46:5d:a5:21:d2:a2:1a:09:8e:
ce:7b:45:68:7b:73:56:b7:17:88:6c:a1:90:f0:6d:fc:7f:84:
d3:8e:aa:7e:7a:0d:e2:0b:27:84:d7:5e:75:38:82:8c:fe:69:
30:82:4b:12:7a:d0:ab:f0:53:bf:01:8e:6f:bc:6c:89:e6:06:
4c:26:52:a0:03:03:ec:4c:85:bb:94:02:f7:d2:52:11:43:c6:
df:82:a4:16:38:2c:2c:58:b6:6e:5c:a4:b7:88:14:dc:e0:21:
a8:29:9c:bc:ce:2f:69:22:04:30:e5:c1:32:20:29:7c:87:a7:
bf:44:80:ae:6a:9e:cf:bb:87:3f:77:ae:b6:c4:7e:c6:ff:40:
68:bc:1a:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjalGZMgad5aYZgCGYnflBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEyMmY0M2VjMTYxZmJmOTJjZGI5ZGM3MzhjNjljNGNiMjBkOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IbrkUQQTWjP7kBPtmmhfIdhvVA4
9JyFI2Rj8e4x1lwMpd1lZhPTXTP8Jg5Ya5y8Mtdbsk34hVpUBQKdu44OqakEg+dz
R82V+sknk8AZfGcl/ujd+a4tVSnhYt/ZN/PbG/yKpTwxCUbZGWD2Y6vKQlW/tAB1
mSOZb7VM195tnNGVAUonkw/VjGlrndjYCJ0IjUF59axlpX/bnVUqwrCBaqMjk4vl
GhTHZvhl10zOuwP+0K+kaJ0C82cs4VhE2+VH+iYnXd2W8+gbDY2c3L6H/uxeRg0H
3i2qO9O6NVGooeHJb/VukECPisp4R4x7Bwc/0Q6ckd5JdMJIAcIgzBXVKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKiiL0PsFh+/ks253HOMacTLINmnMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvcUtJdlEtd1dINy1TemJuY2M0eHB4TXNnMmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQoAAwQB
w1UKMA0GCSqGSIb3DQEBCwUAA4IBAQC0dplqm4xvd3C68AYTHe7O2BYDNkuDgBMm
MUMWvLS0o9ZfObAqCVTokwPyd5NiCHMEhSBE4YpljPRADguY5hzV/2L3p4Vi00vE
Jwscz3eFiyrnLYWEhueDDmeSm0csjzfLqH8s5sOmARSwJKkZDCOWpN3MDZNGXaUh
0qIaCY7Oe0Voe3NWtxeIbKGQ8G38f4TTjqp+eg3iCyeE1151OIKM/mkwgksSetCr
8FO/AY5vvGyJ5gZMJlKgAwPsTIW7lAL30lIRQ8bfgqQWOCwsWLZuXKS3iBTc4CGo
KZy8zi9pIgQw5cEyICl8h6e/RICuap7Pu4c/d662xH7G/0BovBrV
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:33:14 2025 by rpki-client