Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/2qJcuD6QXgpix9mcKSP7QtCl_p8.roa
File: 2qJcuD6QXgpix9mcKSP7QtCl_p8.roa (raw, json)
Hash identifier: rCHaYO4zvtNWG/Tx66L/I7h/Oz9Nk+n5nXOPZ6MU2Us=
Subject key identifier: DA:A2:5C:B8:3E:90:5E:0A:62:C7:D9:9C:29:23:FB:42:D0:A5:FE:9F
Certificate issuer: /CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Certificate serial: 0194221FDDCBDE05F617174732232B512627
Authority key identifier: C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/2qJcuD6QXgpix9mcKSP7QtCl_p8.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 185.78.168.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dd:cb:de:05:f6:17:17:47:32:23:2b:51:26:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daa25cb83e905e0a62c7d99c2923fb42d0a5fe9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:cb:e6:8e:7a:de:b2:97:13:8e:26:46:a3:
28:20:1b:4b:f3:0b:ff:98:1b:df:09:41:ec:d3:cb:
5f:31:3a:27:7c:7d:b0:83:57:d6:1b:3f:9f:f0:a3:
9b:11:0a:7f:61:31:ff:59:8b:f1:36:35:99:29:8f:
8f:4a:f3:02:fd:fe:32:55:4c:34:15:36:95:6f:d5:
1c:44:bb:9a:98:6d:88:d3:0b:81:9a:46:00:25:aa:
69:4d:33:96:08:43:a6:40:ed:a1:a4:70:69:7d:8d:
c9:f7:a3:15:d2:88:67:4a:38:f6:7e:24:86:a8:bf:
f4:1c:95:a8:a9:a7:dc:bd:6f:ad:9a:fe:43:00:72:
c7:1e:14:b4:04:32:be:89:9e:da:32:52:74:fb:b5:
f0:d2:85:c6:eb:56:9b:bf:a2:9b:ff:6c:d3:4d:90:
db:9d:ac:a4:56:62:90:6f:e1:f7:cb:73:5b:25:b2:
c0:dd:4a:b8:79:52:b7:5c:00:0a:97:37:9d:8b:1c:
89:1b:1b:2d:63:03:d6:6e:c6:21:81:01:ce:50:6a:
60:25:c5:6f:ff:47:24:27:e1:ed:e3:29:8d:08:03:
72:aa:4d:9a:c6:5d:21:99:b6:f6:69:64:61:5f:24:
ca:2d:fc:e0:79:e2:63:c5:79:2b:dd:c8:7b:7b:14:
1e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A2:5C:B8:3E:90:5E:0A:62:C7:D9:9C:29:23:FB:42:D0:A5:FE:9F
X509v3 Authority Key Identifier:
keyid:C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/2qJcuD6QXgpix9mcKSP7QtCl_p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.168.0/22
Signature Algorithm: sha256WithRSAEncryption
38:35:8a:f6:9a:a4:7f:88:61:d0:df:03:b3:2a:e9:7c:05:87:
3c:91:18:c6:86:38:ee:83:bb:01:e6:4a:79:f9:54:f0:7c:67:
63:d0:15:21:59:66:fb:ce:9a:d7:f3:85:0b:a0:83:ab:22:00:
c8:0e:81:28:2f:fa:bf:2f:b3:cf:e3:a4:e4:10:08:74:81:18:
84:87:07:b5:70:09:ee:e3:ee:c7:ef:3a:43:86:7c:72:f8:e7:
c5:5f:a3:ad:cd:0d:b1:5c:6e:7a:a0:b7:9e:44:c7:94:36:4f:
87:dc:a3:ac:bd:90:c3:81:c9:84:e1:73:12:28:6f:80:dc:87:
e0:82:16:0d:34:69:5f:b5:1f:3e:35:d7:ae:bf:a2:f6:ba:97:
cc:04:32:eb:af:11:c1:b3:8d:ee:b4:9a:9a:31:68:be:19:20:
5c:76:ac:fe:ee:e5:d1:cb:7f:4f:56:31:cb:e5:34:6c:fa:e9:
5e:50:3d:fd:e5:4e:9a:c3:3e:c1:eb:1e:e4:3e:6b:30:62:ed:
5a:ae:dd:5a:a1:71:74:7c:b1:b1:7c:6a:ed:69:a9:cd:52:41:
b2:00:d7:8e:b8:0a:6d:85:ff:db:5e:7d:c2:23:6b:ea:01:94:
0f:90:ae:0c:ed:f9:12:34:12:35:14:4b:ef:95:6e:93:90:c0:
40:4e:b7:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH93L3gX2FxdHMiMrUSYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGVjOWM3ZjFlY2MyN2NiMmVjNzEzYzI3NjRhMDIxNGZj
ZTc4MjgwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWEyNWNiODNlOTA1ZTBhNjJjN2Q5OWMyOTIzZmI0MmQwYTVmZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeHL5o563rKXE44mRqMoIBtL8wv/
mBvfCUHs08tfMTonfH2wg1fWGz+f8KObEQp/YTH/WYvxNjWZKY+PSvMC/f4yVUw0
FTaVb9UcRLuamG2I0wuBmkYAJappTTOWCEOmQO2hpHBpfY3J96MV0ohnSjj2fiSG
qL/0HJWoqafcvW+tmv5DAHLHHhS0BDK+iZ7aMlJ0+7Xw0oXG61abv6Kb/2zTTZDb
naykVmKQb+H3y3NbJbLA3Uq4eVK3XAAKlzedixyJGxstYwPWbsYhgQHOUGpgJcVv
/0ckJ+Ht4ymNCANyqk2axl0hmbb2aWRhXyTKLfzgeeJjxXkr3ch7exQeOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqiXLg+kF4KYsfZnCkj+0LQpf6fMB8GA1UdIwQY
MBaAFMaOycfx7MJ8suxxPCdkoCFPzngoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAt
ODYzMmVlOTQxNDViLzEvMnFKY3VENlFYZ3BpeDltY0tTUDdRdENsX3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAtODYzMmVlOTQxNDVi
LzEveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU6oMA0G
CSqGSIb3DQEBCwUAA4IBAQA4NYr2mqR/iGHQ3wOzKul8BYc8kRjGhjjug7sB5kp5
+VTwfGdj0BUhWWb7zprX84ULoIOrIgDIDoEoL/q/L7PP46TkEAh0gRiEhwe1cAnu
4+7H7zpDhnxy+OfFX6OtzQ2xXG56oLeeRMeUNk+H3KOsvZDDgcmE4XMSKG+A3Ifg
ghYNNGlftR8+Ndeuv6L2upfMBDLrrxHBs43utJqaMWi+GSBcdqz+7uXRy39PVjHL
5TRs+uleUD395U6awz7B6x7kPmswYu1art1aoXF0fLGxfGrtaanNUkGyANeOuApt
hf/bXn3CI2vqAZQPkK4M7fkSNBI1FEvvlW6TkMBATrcb
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:53:53 2025 by rpki-client