Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/2q7qFO0SAjMdaNENG8krQrfpEsw.roa
File: 2q7qFO0SAjMdaNENG8krQrfpEsw.roa (raw, json)
Hash identifier: MRyfRcQ3vFTbqLu3EtrXWQ8bXorq49HiuJbhIqPCu2k=
Subject key identifier: DA:AE:EA:14:ED:12:02:33:1D:68:D1:0D:1B:C9:2B:42:B7:E9:12:CC
Certificate issuer: /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial: 01941F8C4F3692AAD6720E14ECC8B4D9932F
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/2q7qFO0SAjMdaNENG8krQrfpEsw.roa
Signing time: Wed 01 Jan 2025 01:47:56 +0000
ROA not before: Wed 01 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212865
IP address blocks: 185.82.103.0/24 maxlen: 24
2a05:8f00:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4f:36:92:aa:d6:72:0e:14:ec:c8:b4:d9:93:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Validity
Not Before: Jan 1 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daaeea14ed1202331d68d10d1bc92b42b7e912cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:c5:51:5c:fa:7f:12:c1:91:10:da:84:bb:
d8:83:1d:54:33:e8:b4:be:39:87:51:ff:8e:cf:6a:
3b:7c:d8:a8:35:b1:cf:f1:f5:b8:2a:19:45:63:c9:
66:0c:4b:f4:77:d4:36:32:93:67:ed:b2:3a:c9:6f:
fd:4e:4a:e1:a0:ac:ef:32:af:95:6e:1a:ec:44:1c:
fb:12:1b:ef:42:c4:74:6d:88:42:47:06:fa:86:94:
16:57:85:65:ea:f5:2d:f6:36:c8:77:1e:9d:29:00:
1e:ca:e6:c7:72:f8:2e:fe:3a:8d:56:36:a3:fa:1f:
95:e8:24:c0:a5:09:9d:31:5e:6e:f8:fe:73:7a:8e:
f7:0d:0c:c7:04:d4:05:4c:41:51:b6:ee:52:50:0d:
8b:0f:b9:51:d0:b4:be:65:7a:60:f4:5d:26:92:60:
67:42:31:e1:5d:ef:10:85:a2:88:e4:59:e9:7a:26:
10:96:08:3a:9e:ab:95:eb:9c:d8:bd:76:bb:20:0a:
00:87:5d:a9:42:f8:81:a4:e0:46:f5:65:cb:be:aa:
f7:9c:36:49:82:59:e8:73:9d:09:d1:dd:de:e6:86:
3e:07:26:8f:7e:9f:80:29:fe:d3:37:5b:f9:2c:76:
31:ff:2d:e4:25:04:7d:76:dd:6d:36:57:ec:75:6f:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AE:EA:14:ED:12:02:33:1D:68:D1:0D:1B:C9:2B:42:B7:E9:12:CC
X509v3 Authority Key Identifier:
keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/2q7qFO0SAjMdaNENG8krQrfpEsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.103.0/24
IPv6:
2a05:8f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
48:88:1c:f2:c9:d7:46:4d:12:87:a5:84:9d:c5:16:be:d9:22:
c3:ea:a4:7a:97:f2:1f:b6:cc:a2:51:26:0b:0f:e8:b1:e8:72:
35:4f:06:82:af:e3:ea:c5:f9:73:81:f8:7a:8f:f5:93:f7:83:
9a:cd:af:24:cb:a4:46:e0:77:69:00:2b:7b:00:da:81:c6:20:
0d:68:8a:41:6b:2f:c6:ed:c6:9d:c4:5f:07:ca:1d:f4:c3:7f:
5f:2f:cd:f6:bb:9e:d6:82:de:21:9b:09:0a:b1:9a:e6:35:48:
ad:08:eb:45:5f:50:9f:86:d5:8d:a5:c8:68:31:ac:35:73:74:
3d:db:6b:9f:2e:05:88:a0:59:db:67:1a:14:25:8c:32:6a:c4:
b3:24:4f:36:14:5d:6c:5d:37:97:40:b8:6e:84:a3:5b:12:fc:
d5:77:3e:b8:62:0f:de:25:d7:dd:ee:60:27:5a:b3:62:c8:df:
7f:82:9e:2a:3b:22:2c:44:8c:e4:90:e3:0d:7e:8e:69:ea:c5:
21:c7:02:9f:30:88:a0:8b:6b:4d:9f:11:08:d1:98:b6:8d:52:
a4:d1:b4:0e:80:ec:2b:de:89:8a:d8:5d:ec:8e:64:ed:81:79:
a7:30:fd:df:66:a5:9b:08:61:84:be:0c:8c:dc:b9:00:6f:1b:
a2:6c:e0:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjE82kqrWcg4U7Mi02ZMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjUwMTAxMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFlZWExNGVkMTIwMjMzMWQ2OGQxMGQxYmM5MmI0MmI3ZTkxMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC7FUVz6fxLBkRDahLvYgx1UM+i0
vjmHUf+Oz2o7fNioNbHP8fW4KhlFY8lmDEv0d9Q2MpNn7bI6yW/9TkrhoKzvMq+V
bhrsRBz7EhvvQsR0bYhCRwb6hpQWV4Vl6vUt9jbIdx6dKQAeyubHcvgu/jqNVjaj
+h+V6CTApQmdMV5u+P5zeo73DQzHBNQFTEFRtu5SUA2LD7lR0LS+ZXpg9F0mkmBn
QjHhXe8QhaKI5FnpeiYQlgg6nquV65zYvXa7IAoAh12pQviBpOBG9WXLvqr3nDZJ
glnoc50J0d3e5oY+ByaPfp+AKf7TN1v5LHYx/y3kJQR9dt1tNlfsdW827wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqu6hTtEgIzHWjRDRvJK0K36RLMMB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvMnE3cUZPMFNBak1kYU5FTkc4a3JRcmZwRXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuVJnMA8E
AgACMAkDBwAqBY8AAAgwDQYJKoZIhvcNAQELBQADggEBAEiIHPLJ10ZNEoelhJ3F
Fr7ZIsPqpHqX8h+2zKJRJgsP6LHocjVPBoKv4+rF+XOB+HqP9ZP3g5rNryTLpEbg
d2kAK3sA2oHGIA1oikFrL8btxp3EXwfKHfTDf18vzfa7ntaC3iGbCQqxmuY1SK0I
60VfUJ+G1Y2lyGgxrDVzdD3ba58uBYigWdtnGhQljDJqxLMkTzYUXWxdN5dAuG6E
o1sS/NV3PrhiD94l193uYCdas2LI33+Cnio7IixEjOSQ4w1+jmnqxSHHAp8wiKCL
a02fEQjRmLaNUqTRtA6A7CveiYrYXeyOZO2Beacw/d9mpZsIYYS+DIzcuQBvG6Js
4Lo=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:54 2025 by rpki-client