Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/cqs27uyShJLHJ19HI0wbuu9K6Mw.roa
File: cqs27uyShJLHJ19HI0wbuu9K6Mw.roa (raw, json)
Hash identifier: Io5SItgYrsPuNxUpvFI/wIElXAajrpA8wR3rTKWJTBI=
Subject key identifier: 72:AB:36:EE:EC:92:84:92:C7:27:5F:47:23:4C:1B:BA:EF:4A:E8:CC
Certificate issuer: /CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905
Certificate serial: 019422FB80E8F2DB5F5C3DD23FDC83484464
Authority key identifier: 06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/cqs27uyShJLHJ19HI0wbuu9K6Mw.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198389
IP address blocks: 176.103.168.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:80:e8:f2:db:5f:5c:3d:d2:3f:dc:83:48:44:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72ab36eeec928492c7275f47234c1bbaef4ae8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5a:7b:11:77:83:d3:d4:a5:b3:2f:53:85:bc:
e4:7c:22:d1:d9:da:ad:65:d9:94:5b:33:1b:e9:42:
3d:30:c3:50:54:2f:a2:06:6d:6b:07:6e:25:82:36:
2c:8d:81:8c:7b:30:ee:78:69:4b:12:ae:00:c4:7d:
69:15:fc:79:59:8e:14:ef:f9:e5:11:2c:36:21:2c:
35:6d:fe:c5:d1:ec:a8:31:c1:d9:18:8a:e3:7f:98:
24:90:ad:16:db:03:e1:b7:82:99:a1:c5:8f:03:07:
7b:4c:a3:9a:d1:46:6c:77:a0:31:af:89:27:27:0b:
ae:f9:ad:de:bc:cf:46:99:bd:2f:bf:43:2f:39:34:
63:92:8d:b1:55:78:6c:3d:c9:e8:ed:52:4a:e6:7b:
68:f5:12:29:af:09:d5:9f:98:f2:c7:e4:aa:5e:f4:
0a:9d:b2:c4:05:79:7e:7d:75:a4:9d:55:f7:d8:2d:
d4:88:76:8f:53:6c:05:54:ab:48:87:22:c6:34:ab:
70:9a:2d:46:73:ca:bc:6b:74:09:cb:33:b8:be:24:
dc:ca:c6:e8:62:ae:d1:41:0f:59:3d:60:4b:ae:f1:
54:e8:db:45:97:00:53:9f:af:69:32:06:b6:27:9a:
20:d5:27:62:8e:7a:1e:cc:45:0e:10:7b:70:c6:bc:
32:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AB:36:EE:EC:92:84:92:C7:27:5F:47:23:4C:1B:BA:EF:4A:E8:CC
X509v3 Authority Key Identifier:
keyid:06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/cqs27uyShJLHJ19HI0wbuu9K6Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.168.0/21
Signature Algorithm: sha256WithRSAEncryption
36:db:bd:78:ed:64:a4:4a:56:76:99:61:04:68:86:21:65:4b:
be:ac:81:08:64:4b:50:ae:f7:97:a6:78:c0:59:e4:c5:a4:e7:
03:b6:5a:91:f5:e9:24:75:26:ce:04:3c:36:36:ee:49:83:94:
c4:d9:32:68:79:68:78:40:03:b8:cc:26:e5:40:22:7d:b8:7d:
8f:a7:6c:90:30:6d:1a:93:b7:13:1f:ca:aa:33:74:b4:79:a6:
0e:e1:b8:7a:71:76:1a:15:48:c2:32:83:60:1c:60:23:9e:1e:
00:d4:0f:a6:2f:94:cd:5c:11:3f:d8:c5:6b:bf:44:a3:c6:f6:
4f:e3:d2:55:b3:b9:fa:73:af:c6:0e:36:af:d8:c4:e5:7d:f1:
f2:ae:a4:f8:ca:93:13:43:23:4f:14:21:57:03:25:9e:10:52:
3a:ea:1e:7e:17:3f:c8:8a:cb:78:cb:fa:ea:1b:44:32:76:0d:
8a:99:c8:ca:14:05:20:61:86:5a:96:b1:23:3b:c6:8f:c5:64:
7c:2f:03:bb:95:b0:70:1b:5f:4e:23:b9:66:7d:1b:44:84:33:
d0:91:48:6e:59:ca:ae:94:2a:f7:7e:0a:a4:81:77:bd:29:27:
d8:1e:6e:fc:dd:cf:4e:7e:75:5a:b8:2f:62:c1:74:c9:fd:ff:
aa:a5:2f:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4Do8ttfXD3SP9yDSERkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzdkMWNlNWRjM2ZhODAwZTFkMWRjZmJkYWE4NDFmZGRk
NDM5MDUwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmFiMzZlZWVjOTI4NDkyYzcyNzVmNDcyMzRjMWJiYWVmNGFlOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlp7EXeD09Slsy9ThbzkfCLR2dqt
ZdmUWzMb6UI9MMNQVC+iBm1rB24lgjYsjYGMezDueGlLEq4AxH1pFfx5WY4U7/nl
ESw2ISw1bf7F0eyoMcHZGIrjf5gkkK0W2wPht4KZocWPAwd7TKOa0UZsd6Axr4kn
Jwuu+a3evM9Gmb0vv0MvOTRjko2xVXhsPcno7VJK5nto9RIprwnVn5jyx+SqXvQK
nbLEBXl+fXWknVX32C3UiHaPU2wFVKtIhyLGNKtwmi1Gc8q8a3QJyzO4viTcysbo
Yq7RQQ9ZPWBLrvFU6NtFlwBTn69pMga2J5og1SdijnoezEUOEHtwxrwyywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKrNu7skoSSxydfRyNMG7rvSujMMB8GA1UdIwQY
MBaAFAY30c5dw/qADh0dz72qhB/d1DkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2Ut
M2Q4MGQ2ODZlNzQ3LzEvY3FzMjd1eVNoSkxISjE5SEkwd2J1dTlLNk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2UtM2Q4MGQ2ODZlNzQ3
LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGeoMA0G
CSqGSIb3DQEBCwUAA4IBAQA227147WSkSlZ2mWEEaIYhZUu+rIEIZEtQrveXpnjA
WeTFpOcDtlqR9ekkdSbOBDw2Nu5Jg5TE2TJoeWh4QAO4zCblQCJ9uH2Pp2yQMG0a
k7cTH8qqM3S0eaYO4bh6cXYaFUjCMoNgHGAjnh4A1A+mL5TNXBE/2MVrv0SjxvZP
49JVs7n6c6/GDjav2MTlffHyrqT4ypMTQyNPFCFXAyWeEFI66h5+Fz/Iist4y/rq
G0Qydg2KmcjKFAUgYYZalrEjO8aPxWR8LwO7lbBwG19OI7lmfRtEhDPQkUhuWcqu
lCr3fgqkgXe9KSfYHm783c9OfnVauC9iwXTJ/f+qpS/w
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:58:59 2025 by rpki-client