Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/404ba5-c466-43c3-a616-9e0407626667/1/DqSVFNPqA_J9o0vXdKEoqfgBQv0.roa
File: DqSVFNPqA_J9o0vXdKEoqfgBQv0.roa (raw, json)
Hash identifier: ZwggkA5coi0s9FB05nyVzSy5fJIa0mQqtItQ7c3UO84=
Subject key identifier: 0E:A4:95:14:D3:EA:03:F2:7D:A3:4B:D7:74:A1:28:A9:F8:01:42:FD
Certificate issuer: /CN=f7a4a6fa0fc3e3b93657eef10aedac0fb2c4538c
Certificate serial: 0194228E0ABD0A64577014769258E586C96F
Authority key identifier: F7:A4:A6:FA:0F:C3:E3:B9:36:57:EE:F1:0A:ED:AC:0F:B2:C4:53:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96Sm-g_D47k2V-7xCu2sD7LEU4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/404ba5-c466-43c3-a616-9e0407626667/1/DqSVFNPqA_J9o0vXdKEoqfgBQv0.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201896
IP address blocks: 185.59.40.0/22 maxlen: 24
2a02:68e0::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0a:bd:0a:64:57:70:14:76:92:58:e5:86:c9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7a4a6fa0fc3e3b93657eef10aedac0fb2c4538c
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ea49514d3ea03f27da34bd774a128a9f80142fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:03:bf:fd:72:c8:41:a1:d1:ff:19:69:5f:
2f:ef:b5:bf:af:ca:15:a8:b2:fb:a9:40:5f:69:02:
d5:b6:79:4e:46:d8:18:81:c4:05:83:6c:72:b3:78:
2f:31:09:33:1d:e5:fe:ef:87:bd:ce:89:bd:af:ab:
f8:0b:63:22:65:bd:fb:2e:48:aa:d5:e4:18:31:c4:
3f:49:ee:b0:62:44:8e:d8:5a:db:69:a6:86:ca:c2:
dd:30:67:5d:ac:ee:be:b2:6b:38:e6:55:dd:b2:25:
f1:d0:b5:42:49:bc:78:f1:9a:06:04:f0:ce:84:23:
1c:5e:eb:2f:6c:a9:92:48:d1:3b:13:bb:f8:e3:53:
94:af:94:94:15:1f:dc:19:fe:0a:78:f9:f1:51:78:
1e:0e:99:31:a5:3b:87:fe:00:a2:91:9f:01:19:74:
eb:57:dc:af:2b:a2:28:4e:5b:1e:2b:32:b0:2e:b3:
cb:3b:93:dd:b1:47:33:57:4c:59:09:7b:33:46:48:
1e:12:96:25:0e:d5:ab:d3:e3:97:99:16:85:35:21:
fc:5e:f8:f4:cf:eb:b3:de:1f:17:99:af:86:93:2b:
74:d2:dc:56:17:db:78:f2:05:49:75:93:5b:47:71:
dd:f9:e0:7c:5a:8f:fa:8e:9c:b9:bf:e0:a0:e9:fa:
56:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A4:95:14:D3:EA:03:F2:7D:A3:4B:D7:74:A1:28:A9:F8:01:42:FD
X509v3 Authority Key Identifier:
keyid:F7:A4:A6:FA:0F:C3:E3:B9:36:57:EE:F1:0A:ED:AC:0F:B2:C4:53:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96Sm-g_D47k2V-7xCu2sD7LEU4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/404ba5-c466-43c3-a616-9e0407626667/1/DqSVFNPqA_J9o0vXdKEoqfgBQv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/404ba5-c466-43c3-a616-9e0407626667/1/96Sm-g_D47k2V-7xCu2sD7LEU4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.40.0/22
IPv6:
2a02:68e0::/32
Signature Algorithm: sha256WithRSAEncryption
24:54:c2:41:f0:64:e0:e8:34:52:0f:a9:ee:0f:ef:00:14:c8:
58:e4:ac:a6:90:ba:40:fc:60:21:fa:39:35:ac:44:ed:88:a8:
00:80:cc:b5:d9:72:3c:83:5a:80:5e:6b:19:19:1c:33:49:dd:
64:f5:9c:4e:0d:74:f0:7c:9a:7f:1e:c6:c1:a5:86:64:c6:e6:
18:04:d3:2a:f7:f7:2a:af:ce:1f:5d:ca:9e:fb:ff:72:b0:19:
38:d0:0b:1f:78:43:0f:77:c1:df:d7:16:61:48:ab:30:17:66:
45:7f:10:18:80:e3:0b:0e:23:84:86:9f:9e:b5:58:91:4a:e4:
f7:5f:90:e9:97:60:bd:da:25:60:c3:b7:07:05:ff:00:4d:22:
b6:d5:e3:f1:df:1a:83:9d:f2:b0:aa:21:d8:68:d8:8e:3a:49:
eb:ac:4a:cb:dc:9b:51:2c:e9:07:5f:66:6a:e2:e3:36:e9:25:
e5:18:6b:a1:86:36:5e:41:a0:c2:6a:0b:b8:d8:6c:58:23:18:
ec:71:8f:63:46:8f:c8:e5:f5:33:92:0f:0f:ad:d4:3e:37:39:
b0:74:40:5a:12:f1:57:e0:51:60:20:6a:0f:e8:35:bc:d0:27:
a8:4e:3c:6d:fe:54:f5:9f:72:16:02:32:04:c6:29:35:47:4a:
78:b6:6a:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijgq9CmRXcBR2kljlhslvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YTRhNmZhMGZjM2UzYjkzNjU3ZWVmMTBhZWRhYzBmYjJj
NDUzOGMwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWE0OTUxNGQzZWEwM2YyN2RhMzRiZDc3NGExMjhhOWY4MDE0MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyADv/1yyEGh0f8ZaV8v77W/r8oV
qLL7qUBfaQLVtnlORtgYgcQFg2xys3gvMQkzHeX+74e9zom9r6v4C2MiZb37Lkiq
1eQYMcQ/Se6wYkSO2FrbaaaGysLdMGddrO6+sms45lXdsiXx0LVCSbx48ZoGBPDO
hCMcXusvbKmSSNE7E7v441OUr5SUFR/cGf4KePnxUXgeDpkxpTuH/gCikZ8BGXTr
V9yvK6IoTlseKzKwLrPLO5PdsUczV0xZCXszRkgeEpYlDtWr0+OXmRaFNSH8Xvj0
z+uz3h8Xma+Gkyt00txWF9t48gVJdZNbR3Hd+eB8Wo/6jpy5v+Cg6fpWMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA6klRTT6gPyfaNL13ShKKn4AUL9MB8GA1UdIwQY
MBaAFPekpvoPw+O5Nlfu8QrtrA+yxFOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZTbS1nX0Q0N2syVi03eEN1MnNEN0xFVTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MDRiYTUtYzQ2Ni00M2MzLWE2MTYt
OWUwNDA3NjI2NjY3LzEvRHFTVkZOUHFBX0o5bzB2WGRLRW9xZmdCUXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MDRiYTUtYzQ2Ni00M2MzLWE2MTYtOWUwNDA3NjI2NjY3
LzEvOTZTbS1nX0Q0N2syVi03eEN1MnNEN0xFVTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTsoMA0E
AgACMAcDBQAqAmjgMA0GCSqGSIb3DQEBCwUAA4IBAQAkVMJB8GTg6DRSD6nuD+8A
FMhY5KymkLpA/GAh+jk1rETtiKgAgMy12XI8g1qAXmsZGRwzSd1k9ZxODXTwfJp/
HsbBpYZkxuYYBNMq9/cqr84fXcqe+/9ysBk40AsfeEMPd8Hf1xZhSKswF2ZFfxAY
gOMLDiOEhp+etViRSuT3X5Dpl2C92iVgw7cHBf8ATSK21ePx3xqDnfKwqiHYaNiO
OknrrErL3JtRLOkHX2Zq4uM26SXlGGuhhjZeQaDCagu42GxYIxjscY9jRo/I5fUz
kg8PrdQ+NzmwdEBaEvFX4FFgIGoP6DW80CeoTjxt/lT1n3IWAjIExik1R0p4tmqr
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:39:16 2025 by rpki-client