Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa
File: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (raw, json)
Hash identifier: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=
Subject key identifier: 19:03:A5:E8:B4:EF:37:23:CC:C8:6D:CA:8D:6F:40:8E:9D:01:BE:9C
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 0194228D15B1E47BC7586F0F7214C3CDED7E
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa
Signing time: Wed 01 Jan 2025 15:47:38 +0000
ROA not before: Wed 01 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199811
IP address blocks: 185.210.64.0/22 maxlen: 22
2a0b:55c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:15:b1:e4:7b:c7:58:6f:0f:72:14:c3:cd:ed:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1903a5e8b4ef3723ccc86dca8d6f408e9d01be9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:18:19:8c:70:f6:40:17:b2:ab:1d:40:3e:89:
03:c5:d9:1b:93:33:72:a5:ac:d6:a3:89:74:3e:bc:
65:dd:43:5e:8c:d9:f9:73:91:b4:26:04:7e:f6:19:
dc:7a:cc:6c:f7:8d:9e:4d:58:33:68:d8:5f:f7:c7:
23:3a:c1:37:2d:2c:1e:10:2b:68:69:8e:18:a9:57:
ff:89:40:8d:22:dd:a5:14:4d:15:36:5c:54:a7:bf:
48:4b:fc:b9:a6:d8:3a:2d:dd:f2:ed:22:45:91:4a:
29:b7:9d:db:5a:cb:c7:31:eb:a3:d7:69:09:0c:48:
7d:45:bf:4f:23:4e:9a:c3:91:89:88:3c:89:a2:4e:
ba:63:34:92:de:48:b1:6a:2b:ac:15:78:00:48:cf:
f3:32:c0:f4:43:f6:03:71:a0:94:59:e1:bc:2c:29:
d6:99:c1:35:bd:6a:ef:f4:ef:dc:45:b1:dc:c9:be:
c6:5d:5c:83:fe:2d:36:08:c8:10:4b:b5:93:aa:2b:
fe:41:0b:03:f9:1b:0d:07:a8:f4:6c:05:8d:7a:52:
cb:2f:00:8e:bb:dc:d8:35:0d:82:58:23:e5:9c:54:
46:9b:39:63:6b:f4:03:dc:48:bd:ab:a5:83:1a:14:
40:f2:33:7e:68:13:f5:8c:dd:b1:de:56:1f:75:02:
78:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:03:A5:E8:B4:EF:37:23:CC:C8:6D:CA:8D:6F:40:8E:9D:01:BE:9C
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.64.0/22
IPv6:
2a0b:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:6d:f3:3f:e7:eb:b0:2d:80:22:82:a2:bf:32:9f:7d:7a:55:
ae:36:35:c4:02:ad:fd:b8:40:39:c4:ad:bd:67:86:66:51:28:
cb:35:78:dc:a4:32:e7:0a:34:b4:0d:c6:92:0d:c3:48:28:1d:
28:b0:1a:c2:67:d8:dd:5b:45:79:a4:e0:fe:d4:36:b2:05:ad:
b5:63:76:d0:55:23:9f:c9:98:21:1a:9f:1b:a7:7f:b7:ff:61:
ad:db:56:6a:4f:44:79:0b:d3:e3:57:7c:4d:30:da:6b:e0:21:
ed:06:29:67:20:f9:b2:ca:33:8b:c6:d9:c2:98:f2:08:ad:ae:
e1:df:44:94:a0:00:e5:4a:de:d2:52:82:e4:e2:b6:ae:01:ee:
5e:e1:72:65:7a:b9:27:8a:59:28:6d:bd:b2:c5:3a:c8:64:63:
f4:6f:e8:22:c2:c4:b5:5d:91:93:7f:a6:02:3a:a4:d9:fb:70:
0b:f0:17:18:40:15:10:0d:ef:0c:c2:f0:23:02:56:fc:06:86:
12:64:c1:28:90:d4:b2:4c:97:85:42:0d:4b:b8:ea:6b:26:df:
91:1a:0c:4b:d2:f6:b4:da:2f:53:c0:4f:8c:90:12:4b:b2:a5:
2f:12:47:41:30:dd:fb:d4:44:41:4c:27:4b:a7:cf:c7:3e:2b:
55:ac:6b:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijRWx5HvHWG8PchTDze1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTAzYTVlOGI0ZWYzNzIzY2NjODZkY2E4ZDZmNDA4ZTlkMDFiZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RgZjHD2QBeyqx1APokDxdkbkzNy
pazWo4l0Prxl3UNejNn5c5G0JgR+9hncesxs942eTVgzaNhf98cjOsE3LSweECto
aY4YqVf/iUCNIt2lFE0VNlxUp79IS/y5ptg6Ld3y7SJFkUopt53bWsvHMeuj12kJ
DEh9Rb9PI06aw5GJiDyJok66YzSS3kixaiusFXgASM/zMsD0Q/YDcaCUWeG8LCnW
mcE1vWrv9O/cRbHcyb7GXVyD/i02CMgQS7WTqiv+QQsD+RsNB6j0bAWNelLLLwCO
u9zYNQ2CWCPlnFRGmzlja/QD3Ei9q6WDGhRA8jN+aBP1jN2x3lYfdQJ45wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBkDpei07zcjzMhtyo1vQI6dAb6cMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvR1FPbDZMVHZOeVBNeUczS2pXOUFqcDBCdnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudJAMA0E
AgACMAcDBQMqC1XAMA0GCSqGSIb3DQEBCwUAA4IBAQCbbfM/5+uwLYAigqK/Mp99
elWuNjXEAq39uEA5xK29Z4ZmUSjLNXjcpDLnCjS0DcaSDcNIKB0osBrCZ9jdW0V5
pOD+1DayBa21Y3bQVSOfyZghGp8bp3+3/2Gt21ZqT0R5C9PjV3xNMNpr4CHtBiln
IPmyyjOLxtnCmPIIra7h30SUoADlSt7SUoLk4rauAe5e4XJlerknilkobb2yxTrI
ZGP0b+giwsS1XZGTf6YCOqTZ+3AL8BcYQBUQDe8MwvAjAlb8BoYSZMEokNSyTJeF
Qg1LuOprJt+RGgxL0va02i9TwE+MkBJLsqUvEkdBMN371ERBTCdLp8/HPitVrGu0
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:04:19 2025 by rpki-client