Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/etdoPJ4N_qKysB6lFWlNyFlAdhM.roa
File: etdoPJ4N_qKysB6lFWlNyFlAdhM.roa (raw, json)
Hash identifier: uergzr8V4upQN+zWj/HfFoqDh3/cTMWAwIWUnn/1Vl8=
Subject key identifier: 7A:D7:68:3C:9E:0D:FE:A2:B2:B0:1E:A5:15:69:4D:C8:59:40:76:13
Certificate issuer: /CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Certificate serial: 019422FBC2C5946F9FE8F4151F4B7E52B4FA
Authority key identifier: 19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/etdoPJ4N_qKysB6lFWlNyFlAdhM.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202869
IP address blocks: 185.152.52.0/22 maxlen: 22
2a07:7f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c2:c5:94:6f:9f:e8:f4:15:1f:4b:7e:52:b4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ad7683c9e0dfea2b2b01ea515694dc859407613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:ee:11:06:bc:13:cf:5d:cf:7d:24:be:e3:
19:23:b0:85:fc:f1:4d:80:9b:45:2a:8d:ad:67:5a:
94:b2:e0:e6:03:51:b3:92:c0:31:4d:2f:50:95:c4:
de:44:5d:ad:a9:03:e0:24:3c:a7:c4:8b:e6:eb:d6:
eb:f0:07:d1:0d:d0:70:34:04:65:83:4b:0e:6f:3c:
98:79:e3:f9:68:81:20:25:30:03:fe:73:e0:f2:bc:
bd:9f:1f:a7:57:ed:de:1b:5f:d3:ff:df:fc:76:8c:
f3:50:4a:ec:39:58:3f:4d:bf:8a:5f:9e:8a:f2:b1:
19:b2:f3:28:db:da:5e:53:87:b6:3d:2f:c3:e6:18:
9f:87:6a:bb:79:69:47:51:ce:2f:d2:f7:fb:b0:2e:
74:12:da:34:53:45:70:2a:d7:33:bc:da:10:b6:be:
32:49:a1:06:8f:a0:f1:01:f0:e6:3c:58:4b:6b:ed:
89:58:c9:e7:b5:e4:c2:cc:15:1a:77:a0:7c:50:5b:
b2:04:7c:a1:14:d8:9f:f0:7b:53:75:f6:50:58:9f:
70:33:f9:79:97:0e:f5:78:57:5f:bc:ec:9a:6c:7a:
0e:87:d8:be:8e:81:c7:41:60:b5:8f:01:d4:be:85:
89:bb:d7:65:d7:b4:57:9e:1f:b3:69:9f:35:e1:e2:
d2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D7:68:3C:9E:0D:FE:A2:B2:B0:1E:A5:15:69:4D:C8:59:40:76:13
X509v3 Authority Key Identifier:
keyid:19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/etdoPJ4N_qKysB6lFWlNyFlAdhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/GVmXqL_GmLjrnoco7K8SpSezV98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.52.0/22
IPv6:
2a07:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:d6:a2:b4:1b:27:2e:ed:ec:33:12:1f:71:62:0f:25:62:d2:
f4:7d:42:f2:3c:7f:3b:8c:6a:df:99:d0:e7:2a:0e:c7:fb:6a:
a7:c8:eb:65:70:73:c0:c2:22:76:ac:70:f5:a8:60:d4:e4:ed:
55:94:57:82:cf:43:1e:24:a9:f7:39:63:b8:32:21:6b:2e:c7:
f5:c9:75:f3:7d:b9:bb:28:da:15:eb:77:95:f2:fe:1c:da:71:
7e:d4:7f:2c:cb:31:27:2b:89:bf:7e:aa:69:19:06:86:79:7b:
da:2b:98:b3:17:c7:39:f3:24:5b:ba:9f:b6:9d:90:8d:62:a4:
b4:b7:0f:35:00:5d:a0:6d:f5:14:15:38:c1:c2:c5:fb:6c:c1:
ec:03:a3:df:b5:23:d1:f1:a1:a8:85:72:d8:5d:f2:4d:76:4d:
a4:87:38:cb:dd:10:ee:66:b7:c8:d2:97:7c:6e:9f:1a:f6:8d:
1f:ce:c9:9a:65:d5:a8:aa:c9:d8:20:c3:e1:1d:0a:f1:13:8d:
d2:02:50:4c:da:7b:8f:b3:18:c2:48:6d:38:4f:5a:ff:40:e6:
68:8d:c5:55:a5:07:d9:86:32:d5:62:d0:d4:5b:ff:2c:6a:0a:
eb:a4:e9:b4:14:b4:72:79:d6:d6:02:d1:08:79:9f:92:c5:58:
81:4a:b5:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+8LFlG+f6PQVH0t+UrT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTk5N2E4YmZjNjk4YjhlYjllODcyOGVjYWYxMmE1Mjdi
MzU3ZGYwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQ3NjgzYzllMGRmZWEyYjJiMDFlYTUxNTY5NGRjODU5NDA3NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTbuEQa8E89dz30kvuMZI7CF/PFN
gJtFKo2tZ1qUsuDmA1GzksAxTS9QlcTeRF2tqQPgJDynxIvm69br8AfRDdBwNARl
g0sObzyYeeP5aIEgJTAD/nPg8ry9nx+nV+3eG1/T/9/8dozzUErsOVg/Tb+KX56K
8rEZsvMo29peU4e2PS/D5hifh2q7eWlHUc4v0vf7sC50Eto0U0VwKtczvNoQtr4y
SaEGj6DxAfDmPFhLa+2JWMnnteTCzBUad6B8UFuyBHyhFNif8HtTdfZQWJ9wM/l5
lw71eFdfvOyabHoOh9i+joHHQWC1jwHUvoWJu9dl17RXnh+zaZ814eLSeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHrXaDyeDf6isrAepRVpTchZQHYTMB8GA1UdIwQY
MBaAFBlZl6i/xpi4656HKOyvEqUns1ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2Ut
MDkyMTAyMTI3MTRjLzEvZXRkb1BKNE5fcUt5c0I2bEZXbE55RmxBZGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2UtMDkyMTAyMTI3MTRj
LzEvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZg0MA0E
AgACMAcDBQMqB38AMA0GCSqGSIb3DQEBCwUAA4IBAQBq1qK0Gycu7ewzEh9xYg8l
YtL0fULyPH87jGrfmdDnKg7H+2qnyOtlcHPAwiJ2rHD1qGDU5O1VlFeCz0MeJKn3
OWO4MiFrLsf1yXXzfbm7KNoV63eV8v4c2nF+1H8syzEnK4m/fqppGQaGeXvaK5iz
F8c58yRbup+2nZCNYqS0tw81AF2gbfUUFTjBwsX7bMHsA6PftSPR8aGohXLYXfJN
dk2khzjL3RDuZrfI0pd8bp8a9o0fzsmaZdWoqsnYIMPhHQrxE43SAlBM2nuPsxjC
SG04T1r/QOZojcVVpQfZhjLVYtDUW/8sagrrpOm0FLRyedbWAtEIeZ+SxViBSrWt
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:33:03 2025 by rpki-client