Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/q6cfXUDveWHdgQWTYKqVwvvOAe0.roa
File: q6cfXUDveWHdgQWTYKqVwvvOAe0.roa (raw, json)
Hash identifier: BJPMM6GNYN6IqCj9i2G5fXzbZjuTVnz0OtAPd8t+eZk=
Subject key identifier: AB:A7:1F:5D:40:EF:79:61:DD:81:05:93:60:AA:95:C2:FB:CE:01:ED
Certificate issuer: /CN=cbb525e263a95b1652064bdff8964d4bf62b533d
Certificate serial: 019424B3D0E9336AC053FBA89FA8248789D6
Authority key identifier: CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/q6cfXUDveWHdgQWTYKqVwvvOAe0.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209836
IP address blocks: 185.209.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d0:e9:33:6a:c0:53:fb:a8:9f:a8:24:87:89:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb525e263a95b1652064bdff8964d4bf62b533d
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aba71f5d40ef7961dd81059360aa95c2fbce01ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8d:70:d7:dd:b0:8f:c2:d1:d3:f2:f2:d5:35:
66:15:49:c4:9c:29:8b:b6:12:c8:b8:35:02:05:c9:
84:fa:14:9d:05:63:6d:63:27:4a:07:e4:ce:18:74:
f9:7f:45:92:3b:dc:5d:3e:23:30:af:a1:0b:a6:1c:
7a:6f:3d:b8:58:22:59:fe:43:9a:da:ac:ac:ff:f8:
98:6d:d1:64:6d:1d:ee:7e:c8:0e:a7:09:c1:31:91:
ed:b7:cc:7a:23:6f:6a:b5:b0:23:22:c4:05:da:31:
39:3c:b7:c7:9e:00:6a:17:7f:7d:b1:cd:b4:98:e1:
b8:eb:ce:81:ed:59:ea:c9:53:61:ca:ff:07:cc:6d:
86:5a:20:3f:15:3c:0a:db:9e:8d:04:e1:55:2b:26:
e2:99:94:ea:d0:b0:dc:cc:5e:b7:ee:4d:23:11:64:
7b:83:f0:15:e0:bb:a9:85:2e:b8:87:ab:16:4e:1f:
57:e5:d9:54:f2:c6:9f:27:a4:34:ad:86:2d:77:b8:
15:40:06:d1:f6:5c:a6:9c:6e:20:63:d1:3e:08:18:
c2:fd:a7:15:c2:46:2b:00:03:ab:46:3d:b7:6c:83:
e7:35:2b:fd:bc:da:4d:27:42:c1:ad:63:9d:b3:44:
53:ad:f5:9a:8a:98:4b:93:6a:b8:c6:18:51:02:64:
73:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A7:1F:5D:40:EF:79:61:DD:81:05:93:60:AA:95:C2:FB:CE:01:ED
X509v3 Authority Key Identifier:
keyid:CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/q6cfXUDveWHdgQWTYKqVwvvOAe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.42.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e6:76:b3:b4:14:cc:89:48:18:81:6b:a1:9e:5b:71:1a:0c:
a1:a4:c0:c8:ae:aa:c3:20:bd:19:aa:57:5d:ac:36:df:e3:3f:
fc:d6:d3:ee:4f:e8:aa:4d:83:99:ce:f5:bc:b0:49:09:dd:f1:
6c:5f:ad:8d:95:2b:f8:5e:96:98:f2:9b:30:92:fa:f7:e1:bf:
c3:2d:cf:60:62:b0:1f:dc:af:44:57:5c:09:61:1c:04:80:bd:
c3:7c:4d:59:bf:a4:ac:72:9b:70:cc:ff:e9:02:ad:09:c7:4a:
17:62:86:c6:d6:29:87:4c:eb:d9:68:88:1f:68:70:62:d9:95:
99:15:86:d2:00:8e:64:3c:f4:0a:34:75:33:0e:c0:db:a7:38:
08:eb:1d:8a:43:26:30:30:f0:3e:21:9b:53:6d:ef:15:b8:ca:
3a:20:5f:df:63:52:b7:80:62:e1:07:db:cd:33:48:0c:3e:4f:
93:1a:c0:e0:45:18:9d:b7:b9:79:1f:e9:53:07:90:1b:59:47:
95:70:61:4f:8d:b4:42:77:df:0e:85:fd:88:8e:27:3e:46:dd:
e3:34:eb:c0:4b:0e:d2:77:97:49:9d:40:ae:c1:38:ac:f4:19:
87:d5:38:13:7b:13:d4:08:ca:02:e2:60:b2:fd:17:c1:19:cc:
a0:80:e6:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9DpM2rAU/uon6gkh4nWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjUyNWUyNjNhOTViMTY1MjA2NGJkZmY4OTY0ZDRiZjYy
YjUzM2QwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE3MWY1ZDQwZWY3OTYxZGQ4MTA1OTM2MGFhOTVjMmZiY2UwMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY1w192wj8LR0/Ly1TVmFUnEnCmL
thLIuDUCBcmE+hSdBWNtYydKB+TOGHT5f0WSO9xdPiMwr6ELphx6bz24WCJZ/kOa
2qys//iYbdFkbR3ufsgOpwnBMZHtt8x6I29qtbAjIsQF2jE5PLfHngBqF399sc20
mOG4686B7VnqyVNhyv8HzG2GWiA/FTwK256NBOFVKybimZTq0LDczF637k0jEWR7
g/AV4LuphS64h6sWTh9X5dlU8safJ6Q0rYYtd7gVQAbR9lymnG4gY9E+CBjC/acV
wkYrAAOrRj23bIPnNSv9vNpNJ0LBrWOds0RTrfWaiphLk2q4xhhRAmRzGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKunH11A73lh3YEFk2CqlcL7zgHtMB8GA1UdIwQY
MBaAFMu1JeJjqVsWUgZL3/iWTUv2K1M9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQt
Yjg5ZGM0ZmQ2ZWUwLzEvcTZjZlhVRHZlV0hkZ1FXVFlLcVZ3dnZPQWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQtYjg5ZGM0ZmQ2ZWUw
LzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudEqMA0G
CSqGSIb3DQEBCwUAA4IBAQAD5naztBTMiUgYgWuhnltxGgyhpMDIrqrDIL0Zqldd
rDbf4z/81tPuT+iqTYOZzvW8sEkJ3fFsX62NlSv4XpaY8pswkvr34b/DLc9gYrAf
3K9EV1wJYRwEgL3DfE1Zv6SscptwzP/pAq0Jx0oXYobG1imHTOvZaIgfaHBi2ZWZ
FYbSAI5kPPQKNHUzDsDbpzgI6x2KQyYwMPA+IZtTbe8VuMo6IF/fY1K3gGLhB9vN
M0gMPk+TGsDgRRidt7l5H+lTB5AbWUeVcGFPjbRCd98Ohf2Ijic+Rt3jNOvASw7S
d5dJnUCuwTis9BmH1TgTexPUCMoC4mCy/RfBGcyggObY
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:42:24 2025 by rpki-client