Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/0qMVRghLmSWdSNAhWBOt8uMlDGs.roa
File: 0qMVRghLmSWdSNAhWBOt8uMlDGs.roa (raw, json)
Hash identifier: kOLfFL2EFwiaYaCo8C+GmQcPeyIeF+5TOTsfcPc2OmI=
Subject key identifier: D2:A3:15:46:08:4B:99:25:9D:48:D0:21:58:13:AD:F2:E3:25:0C:6B
Certificate issuer: /CN=9a5f0d912b5e747ae568d808a04029b4ebc66e47
Certificate serial: 019423D6C81B47EB088FEDD61A60E47613A4
Authority key identifier: 9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ml8NkStedHrlaNgIoEAptOvGbkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/0qMVRghLmSWdSNAhWBOt8uMlDGs.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12637
IP address blocks: 176.56.128.0/21 maxlen: 24
185.228.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c8:1b:47:eb:08:8f:ed:d6:1a:60:e4:76:13:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5f0d912b5e747ae568d808a04029b4ebc66e47
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2a31546084b99259d48d0215813adf2e3250c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d6:b3:cf:f7:27:6f:49:ad:71:96:89:b5:c5:
1f:3d:32:2d:d9:d9:2b:1b:e3:99:39:73:fa:1e:2d:
3e:73:a4:a6:7d:35:f6:44:21:b9:12:62:69:41:65:
19:82:c1:ce:a1:fb:c9:4a:bd:f3:5c:5c:e9:ac:85:
5c:c9:e1:2e:4e:db:58:59:a6:8e:fb:d1:17:86:36:
52:98:6b:01:8a:70:4e:02:5c:27:46:f8:ba:be:f8:
06:f8:3f:20:00:a2:92:55:2a:8e:48:fa:4f:9a:2c:
bd:1e:33:0a:72:9e:9a:91:57:f4:96:34:8a:41:5f:
5f:ef:fb:8d:d0:be:b7:be:9d:15:6d:33:8f:45:2f:
eb:86:26:52:92:b9:3e:d8:aa:d7:92:6e:51:f0:60:
8d:09:56:01:3d:4a:59:8b:97:92:66:b9:d7:ce:c1:
b0:b7:8c:14:2d:f5:ce:2c:bc:ec:c6:c4:c8:92:c8:
8c:a4:57:63:dc:f2:93:c7:2c:e4:b5:d7:7b:91:14:
38:bf:44:0b:1b:cc:c8:d7:ba:e2:2e:66:9d:d0:82:
7c:3e:de:a0:9c:1d:fb:bd:e0:e0:bd:be:3a:94:05:
53:67:30:df:42:44:43:c1:31:3b:2f:81:59:e1:e5:
78:1a:d3:00:dd:65:aa:44:66:e0:30:9a:87:81:64:
8f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A3:15:46:08:4B:99:25:9D:48:D0:21:58:13:AD:F2:E3:25:0C:6B
X509v3 Authority Key Identifier:
keyid:9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ml8NkStedHrlaNgIoEAptOvGbkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/0qMVRghLmSWdSNAhWBOt8uMlDGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/ml8NkStedHrlaNgIoEAptOvGbkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.128.0/21
185.228.250.0/24
Signature Algorithm: sha256WithRSAEncryption
15:44:cd:ea:dc:cd:6c:9c:33:7d:99:9e:1a:0b:d5:2a:e4:f4:
18:ed:9f:3a:a5:ec:7a:59:3b:f2:bb:dd:b2:07:a7:3a:87:1a:
16:6d:b2:4f:a9:91:64:2a:02:60:ed:96:51:9a:7d:34:af:fd:
46:a7:c3:8b:7b:b5:c0:80:83:29:36:58:33:bd:ff:41:7e:6f:
27:0d:bb:0c:fa:23:74:9b:27:57:1d:ff:db:6f:86:94:87:01:
a8:45:78:c2:70:9f:dc:59:22:bf:dd:4a:4d:1a:21:f8:c4:12:
f3:88:aa:ac:3e:62:1a:fc:da:03:4e:4b:27:20:c1:e7:6c:ae:
3e:22:04:8d:c0:d8:73:f1:e6:65:a4:0d:ca:54:29:2a:78:96:
1c:64:0a:97:08:78:af:ea:87:bb:27:ea:83:ae:fa:b6:a9:fb:
8a:dc:8a:f8:99:fd:e6:d8:23:2f:6b:27:41:12:c6:61:ff:54:
3c:fa:77:d1:6e:da:41:cd:f9:04:af:39:f7:ce:27:1f:56:76:
b0:d5:95:ff:c6:d1:74:c8:a4:e5:a5:4c:be:e4:3b:40:ce:49:
9a:2a:91:56:01:a9:2d:14:4f:e0:ad:c9:6a:de:77:b7:2a:6a:
d4:de:73:e4:d4:d6:95:9c:d4:27:97:19:b9:51:a8:be:17:77:
f4:d8:fe:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1sgbR+sIj+3WGmDkdhOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNWYwZDkxMmI1ZTc0N2FlNTY4ZDgwOGEwNDAyOWI0ZWJj
NjZlNDcwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEzMTU0NjA4NGI5OTI1OWQ0OGQwMjE1ODEzYWRmMmUzMjUwYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tazz/cnb0mtcZaJtcUfPTIt2dkr
G+OZOXP6Hi0+c6SmfTX2RCG5EmJpQWUZgsHOofvJSr3zXFzprIVcyeEuTttYWaaO
+9EXhjZSmGsBinBOAlwnRvi6vvgG+D8gAKKSVSqOSPpPmiy9HjMKcp6akVf0ljSK
QV9f7/uN0L63vp0VbTOPRS/rhiZSkrk+2KrXkm5R8GCNCVYBPUpZi5eSZrnXzsGw
t4wULfXOLLzsxsTIksiMpFdj3PKTxyzktdd7kRQ4v0QLG8zI17riLmad0IJ8Pt6g
nB37veDgvb46lAVTZzDfQkRDwTE7L4FZ4eV4GtMA3WWqRGbgMJqHgWSPpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKjFUYIS5klnUjQIVgTrfLjJQxrMB8GA1UdIwQY
MBaAFJpfDZErXnR65WjYCKBAKbTrxm5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWw4TmtTdGVkSHJsYU5nSW9FQXB0T3ZHYmtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNTMzYjItYWU5ZC00NDcwLWI5ODIt
ZjU0MDQzOWE0YWUyLzEvMHFNVlJnaExtU1dkU05BaFdCT3Q4dU1sREdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNTMzYjItYWU5ZC00NDcwLWI5ODItZjU0MDQzOWE0YWUy
LzEvbWw4TmtTdGVkSHJsYU5nSW9FQXB0T3ZHYmtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsDiAAwQA
ueT6MA0GCSqGSIb3DQEBCwUAA4IBAQAVRM3q3M1snDN9mZ4aC9Uq5PQY7Z86pex6
WTvyu92yB6c6hxoWbbJPqZFkKgJg7ZZRmn00r/1Gp8OLe7XAgIMpNlgzvf9Bfm8n
DbsM+iN0mydXHf/bb4aUhwGoRXjCcJ/cWSK/3UpNGiH4xBLziKqsPmIa/NoDTksn
IMHnbK4+IgSNwNhz8eZlpA3KVCkqeJYcZAqXCHiv6oe7J+qDrvq2qfuK3Ir4mf3m
2CMvaydBEsZh/1Q8+nfRbtpBzfkErzn3zicfVnaw1ZX/xtF0yKTlpUy+5DtAzkma
KpFWAaktFE/grclq3ne3KmrU3nPk1NaVnNQnlxm5Uai+F3f02P7L
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:52:19 2025 by rpki-client