Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/qtgbnELTyW65aNCYZpJqV2m2-Jw.roa
File: qtgbnELTyW65aNCYZpJqV2m2-Jw.roa (raw, json)
Hash identifier: BZNYV9kq2qBJjfITSVC14VQZO/Cg3QnROE1UWyqLr8U=
Subject key identifier: AA:D8:1B:9C:42:D3:C9:6E:B9:68:D0:98:66:92:6A:57:69:B6:F8:9C
Certificate issuer: /CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Certificate serial: 019423D715D55C46EF7766A9CDA74B491DB4
Authority key identifier: D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/qtgbnELTyW65aNCYZpJqV2m2-Jw.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.225.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:15:d5:5c:46:ef:77:66:a9:cd:a7:4b:49:1d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aad81b9c42d3c96eb968d09866926a5769b6f89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:8a:13:1e:a8:21:0b:5a:8e:22:72:1e:38:
2c:45:ed:c7:48:84:a5:1b:bd:3a:3a:95:7f:ab:ec:
d5:05:1e:cc:65:2c:e8:97:91:7d:a4:af:c3:73:90:
7d:b5:ca:7d:2d:f6:fd:5e:a7:21:c1:87:3b:86:2e:
a8:16:6d:97:79:44:7c:01:f9:90:f8:5f:02:1f:91:
19:83:2d:2c:2d:03:ae:90:76:13:15:23:83:ec:f9:
08:79:0a:0d:7e:97:60:9d:8f:23:6e:1e:32:ae:fc:
ca:0d:77:36:a1:fc:fb:9a:4e:fa:5c:d7:94:4d:a4:
1e:82:78:45:d7:39:d1:c5:db:d2:44:67:1e:e9:62:
ae:c4:db:d8:c9:81:bf:e1:f3:75:ec:bd:56:5c:14:
66:8a:1f:52:41:21:64:25:ca:4d:d8:da:47:ec:86:
12:77:c2:b8:e5:b6:ec:63:5a:36:95:36:13:bb:da:
34:6d:3f:ae:1e:4d:ab:f9:a3:9d:71:6d:d7:a9:21:
6b:7f:af:22:62:02:61:91:c5:74:9d:80:ee:0f:88:
2c:24:4b:75:05:4f:63:77:80:03:e1:47:2d:8c:84:
1f:aa:c5:71:fe:c4:cf:e9:f3:bd:f7:89:c4:c7:84:
fd:3b:8f:70:5f:ac:49:af:98:ea:e4:26:d2:29:a9:
91:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D8:1B:9C:42:D3:C9:6E:B9:68:D0:98:66:92:6A:57:69:B6:F8:9C
X509v3 Authority Key Identifier:
keyid:D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/qtgbnELTyW65aNCYZpJqV2m2-Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:14:f6:8f:b6:e8:56:1b:64:e8:09:d2:31:f8:0e:92:24:01:
2a:4d:3a:16:be:21:ae:58:f0:0a:a2:9e:7b:ac:81:9a:5c:2f:
d4:56:38:92:47:6a:44:48:09:28:92:ac:c0:50:3e:6c:d5:d9:
94:7f:16:d7:08:3a:49:61:3f:e4:d3:18:39:ed:79:7d:61:bb:
9c:8b:be:75:5e:25:02:d0:6b:85:aa:90:35:37:76:61:4d:e3:
bc:38:98:fe:8c:76:a8:85:48:30:ae:a6:41:06:aa:71:76:8e:
a2:43:ff:df:64:e0:78:ed:1f:b8:e9:46:47:77:9e:eb:79:bd:
53:19:b4:08:f5:c5:72:08:b3:78:5a:80:76:96:80:1c:1e:03:
13:65:a4:5f:a5:18:71:eb:78:12:46:31:f1:58:63:80:7b:5c:
27:ab:d0:ac:37:72:9b:af:44:6e:b8:4f:69:c9:7c:09:5f:d4:
e4:52:d2:b7:dd:b5:12:c0:93:0c:c4:59:f9:c8:b5:6f:19:1f:
03:7f:14:ea:77:ba:86:c6:55:00:7d:c8:9c:e7:7d:1d:19:2a:
15:85:bf:39:b7:37:83:3b:56:80:0f:0d:9c:cd:61:f1:2e:3e:
a0:12:3c:da:fb:aa:9d:31:09:c5:f5:59:47:e3:15:8e:27:18:
cd:ab:5e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xXVXEbvd2apzadLSR20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWE4OWY3YjcyMjI3OWMwMzI5NDJkY2YyNDg2NWY2ZDcy
ZDY1MDEwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ4MWI5YzQyZDNjOTZlYjk2OGQwOTg2NjkyNmE1NzY5YjZmODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+mKEx6oIQtajiJyHjgsRe3HSISl
G706OpV/q+zVBR7MZSzol5F9pK/Dc5B9tcp9Lfb9XqchwYc7hi6oFm2XeUR8AfmQ
+F8CH5EZgy0sLQOukHYTFSOD7PkIeQoNfpdgnY8jbh4yrvzKDXc2ofz7mk76XNeU
TaQegnhF1znRxdvSRGce6WKuxNvYyYG/4fN17L1WXBRmih9SQSFkJcpN2NpH7IYS
d8K45bbsY1o2lTYTu9o0bT+uHk2r+aOdcW3XqSFrf68iYgJhkcV0nYDuD4gsJEt1
BU9jd4AD4UctjIQfqsVx/sTP6fO994nEx4T9O49wX6xJr5jq5CbSKamRVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrYG5xC08luuWjQmGaSaldptvicMB8GA1UdIwQY
MBaAFNaqife3IiecAylC3PJIZfbXLWUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYt
OGJhNjg4ODY2OWNmLzEvcXRnYm5FTFR5VzY1YU5DWVpwSnFWMm0yLUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYtOGJhNjg4ODY2OWNm
LzEvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueH8MA0G
CSqGSIb3DQEBCwUAA4IBAQCdFPaPtuhWG2ToCdIx+A6SJAEqTToWviGuWPAKop57
rIGaXC/UVjiSR2pESAkokqzAUD5s1dmUfxbXCDpJYT/k0xg57Xl9Ybuci751XiUC
0GuFqpA1N3ZhTeO8OJj+jHaohUgwrqZBBqpxdo6iQ//fZOB47R+46UZHd57reb1T
GbQI9cVyCLN4WoB2loAcHgMTZaRfpRhx63gSRjHxWGOAe1wnq9CsN3Kbr0RuuE9p
yXwJX9TkUtK33bUSwJMMxFn5yLVvGR8DfxTqd7qGxlUAfcic530dGSoVhb85tzeD
O1aADw2czWHxLj6gEjza+6qdMQnF9VlH4xWOJxjNq14b
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:34:08 2025 by rpki-client