Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/ainOGSMqgrVPlJbCQ0XAVp3Eo1w.roa
File: ainOGSMqgrVPlJbCQ0XAVp3Eo1w.roa (raw, json)
Hash identifier: aUARFD50cGug83O2CiAa13xLrj1Z/zyZ8nx2FGmkrjQ=
Subject key identifier: 6A:29:CE:19:23:2A:82:B5:4F:94:96:C2:43:45:C0:56:9D:C4:A3:5C
Certificate issuer: /CN=1a71810fec8e7b0b5ec2629e99c89635926c6251
Certificate serial: 019425213135425279456B48E50D483F7291
Authority key identifier: 1A:71:81:0F:EC:8E:7B:0B:5E:C2:62:9E:99:C8:96:35:92:6C:62:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnGBD-yOewtewmKemciWNZJsYlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/ainOGSMqgrVPlJbCQ0XAVp3Eo1w.roa
Signing time: Thu 02 Jan 2025 03:48:39 +0000
ROA not before: Thu 02 Jan 2025 03:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60791
IP address blocks: 185.25.248.0/22 maxlen: 22
2a00:7f20::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:31:35:42:52:79:45:6b:48:e5:0d:48:3f:72:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a71810fec8e7b0b5ec2629e99c89635926c6251
Validity
Not Before: Jan 2 03:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a29ce19232a82b54f9496c24345c0569dc4a35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5e:22:78:ae:92:7d:5a:81:d9:ac:2e:70:1b:
92:4b:a0:a9:b1:5c:4e:4a:3f:3f:f9:69:e5:98:1e:
0e:0f:32:49:ed:5c:8f:94:d3:ec:ed:29:d2:30:22:
fd:63:e5:d0:17:6a:d9:e4:8e:32:1b:c9:88:5a:82:
db:9c:4d:e2:86:2e:79:4e:17:f9:9b:18:77:2c:48:
b0:09:64:58:af:e4:13:3e:fb:14:84:8b:57:30:c7:
c0:6d:65:c4:97:62:a9:8f:5a:eb:83:98:6b:ae:9c:
b5:ad:8a:6a:84:c3:47:9d:40:b1:c0:4b:50:11:56:
fb:8e:ad:47:b8:82:49:a7:65:b1:85:ca:c1:98:76:
9a:d9:0d:a5:9a:5b:06:4a:30:68:46:af:e0:0b:bb:
9b:35:5c:db:bb:ab:0a:2c:02:c3:04:b0:79:fb:b4:
81:20:70:15:ad:46:66:e7:5d:f3:d6:0a:05:f8:0c:
fd:7b:27:0d:4f:3d:f3:b9:a4:a0:1b:13:46:39:4e:
65:c1:e8:45:b7:39:4e:08:ac:2e:45:d3:25:b5:e8:
62:47:04:11:53:9f:5e:b4:c7:5d:42:79:d8:bf:52:
b2:4a:e8:f3:eb:7d:04:02:55:cb:fb:1e:5a:1c:21:
b9:08:db:29:6a:19:4c:bb:30:35:36:ab:47:21:fb:
f5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:29:CE:19:23:2A:82:B5:4F:94:96:C2:43:45:C0:56:9D:C4:A3:5C
X509v3 Authority Key Identifier:
keyid:1A:71:81:0F:EC:8E:7B:0B:5E:C2:62:9E:99:C8:96:35:92:6C:62:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnGBD-yOewtewmKemciWNZJsYlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/ainOGSMqgrVPlJbCQ0XAVp3Eo1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cc24b9-5918-4557-a832-4017cef5bca9/1/GnGBD-yOewtewmKemciWNZJsYlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.248.0/22
IPv6:
2a00:7f20::/32
Signature Algorithm: sha256WithRSAEncryption
1f:d4:56:74:95:eb:b0:2a:e3:9c:31:85:b0:37:42:f6:08:2d:
68:11:07:1a:f1:f0:53:05:92:a1:95:d2:06:4c:78:45:53:0a:
fe:4c:ba:c5:a3:46:72:e2:0b:f7:4a:b9:8d:8b:30:8a:2a:fa:
3b:14:78:d0:d0:b5:3d:f3:21:50:a8:52:3a:be:5c:91:3c:e7:
b1:04:97:4a:e7:4f:68:eb:65:3f:35:ba:76:90:41:4c:ad:87:
85:33:c4:0e:82:a5:fe:07:da:06:f2:c8:65:10:8d:c0:65:2a:
ef:be:5e:ef:e3:4e:f5:f0:cb:2b:49:1b:45:d4:46:44:41:e4:
25:69:42:58:fd:29:7f:f8:9b:fa:46:87:c3:6d:c8:62:3d:92:
8c:3d:52:c3:c0:99:e5:ea:96:91:e5:e0:dc:b0:5b:55:e6:0d:
f8:75:91:2c:4e:a2:31:ca:46:a2:37:ba:db:3b:3d:12:f9:b4:
2e:1f:bc:54:b1:88:06:57:32:31:b6:e7:ac:74:3e:dc:50:0f:
77:8c:35:1f:d5:ce:21:c6:8c:e2:02:08:fe:06:b3:3c:18:05:
44:02:7f:b3:37:72:4c:01:53:d5:f8:d9:54:05:e5:58:79:c7:
61:c0:40:3c:cd:39:15:08:62:6b:a7:c6:ae:53:d4:e7:60:aa:
50:5a:01:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlITE1QlJ5RWtI5Q1IP3KRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzE4MTBmZWM4ZTdiMGI1ZWMyNjI5ZTk5Yzg5NjM1OTI2
YzYyNTEwHhcNMjUwMTAyMDM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI5Y2UxOTIzMmE4MmI1NGY5NDk2YzI0MzQ1YzA1NjlkYzRhMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV4ieK6SfVqB2awucBuSS6CpsVxO
Sj8/+WnlmB4ODzJJ7VyPlNPs7SnSMCL9Y+XQF2rZ5I4yG8mIWoLbnE3ihi55Thf5
mxh3LEiwCWRYr+QTPvsUhItXMMfAbWXEl2Kpj1rrg5hrrpy1rYpqhMNHnUCxwEtQ
EVb7jq1HuIJJp2WxhcrBmHaa2Q2lmlsGSjBoRq/gC7ubNVzbu6sKLALDBLB5+7SB
IHAVrUZm513z1goF+Az9eycNTz3zuaSgGxNGOU5lwehFtzlOCKwuRdMltehiRwQR
U59etMddQnnYv1KySujz630EAlXL+x5aHCG5CNspahlMuzA1NqtHIfv1KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGopzhkjKoK1T5SWwkNFwFadxKNcMB8GA1UdIwQY
MBaAFBpxgQ/sjnsLXsJinpnIljWSbGJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25HQkQteU9ld3Rld21LZW1jaVdOWkpzWWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jYzI0YjktNTkxOC00NTU3LWE4MzIt
NDAxN2NlZjViY2E5LzEvYWluT0dTTXFnclZQbEpiQ1EwWEFWcDNFbzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jYzI0YjktNTkxOC00NTU3LWE4MzItNDAxN2NlZjViY2E5
LzEvR25HQkQteU9ld3Rld21LZW1jaVdOWkpzWWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRn4MA0E
AgACMAcDBQAqAH8gMA0GCSqGSIb3DQEBCwUAA4IBAQAf1FZ0leuwKuOcMYWwN0L2
CC1oEQca8fBTBZKhldIGTHhFUwr+TLrFo0Zy4gv3SrmNizCKKvo7FHjQ0LU98yFQ
qFI6vlyRPOexBJdK509o62U/Nbp2kEFMrYeFM8QOgqX+B9oG8shlEI3AZSrvvl7v
40718MsrSRtF1EZEQeQlaUJY/Sl/+Jv6RofDbchiPZKMPVLDwJnl6paR5eDcsFtV
5g34dZEsTqIxykaiN7rbOz0S+bQuH7xUsYgGVzIxtuesdD7cUA93jDUf1c4hxozi
Agj+BrM8GAVEAn+zN3JMAVPV+NlUBeVYecdhwEA8zTkVCGJrp8auU9TnYKpQWgFx
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:06:42 2025 by rpki-client