Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/qRonRz0lP6v25g416Nv9KduKRpQ.roa
File: qRonRz0lP6v25g416Nv9KduKRpQ.roa (raw, json)
Hash identifier: BblAAkuZ7lKOAoNqkSnh1OQbrzmO29oSPkA4X1nAF2I=
Subject key identifier: A9:1A:27:47:3D:25:3F:AB:F6:E6:0E:35:E8:DB:FD:29:DB:8A:46:94
Certificate issuer: /CN=109192c073862e6220c5f9106d7c55e3fc6c5d4b
Certificate serial: 019420D5F35564CABEC261B0E4A57F9ED86E
Authority key identifier: 10:91:92:C0:73:86:2E:62:20:C5:F9:10:6D:7C:55:E3:FC:6C:5D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJGSwHOGLmIgxfkQbXxV4_xsXUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/qRonRz0lP6v25g416Nv9KduKRpQ.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24971
IP address blocks: 185.239.216.0/22 maxlen: 22
2a0c:6380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f3:55:64:ca:be:c2:61:b0:e4:a5:7f:9e:d8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=109192c073862e6220c5f9106d7c55e3fc6c5d4b
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a91a27473d253fabf6e60e35e8dbfd29db8a4694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:77:eb:58:04:ea:e6:7b:45:1e:c7:81:a6:15:
c8:9a:c7:f8:ce:2d:06:f3:81:6b:cc:e3:0a:a4:11:
2d:1e:57:73:1a:ac:e1:97:ad:3e:19:26:64:1b:9e:
cb:0b:3f:16:19:fa:44:33:14:16:2e:21:16:3a:5b:
e8:1b:23:17:72:7b:18:1d:71:0a:44:5f:04:d5:c9:
8d:19:36:5a:36:e4:ad:2c:a6:d4:6c:8b:a8:49:dd:
40:bc:22:ed:76:97:6a:69:5a:07:3f:94:61:a8:93:
54:42:96:9d:19:7b:02:9d:d5:31:64:e1:8b:4e:26:
75:1a:db:40:73:e6:f0:a0:ad:61:19:e2:ef:44:2b:
be:10:9e:62:ab:79:29:3e:24:30:49:2e:3e:d2:53:
47:75:4d:25:5d:c7:4f:45:d6:44:a1:fe:06:75:98:
b4:32:ee:11:7e:80:c0:d6:62:82:19:6d:e7:9c:a3:
ac:34:07:ed:aa:40:21:54:7d:b4:fc:3a:85:fe:d4:
b4:66:92:25:16:9a:09:1f:a0:c4:12:4d:cf:36:e4:
9b:02:62:d4:8a:bc:36:59:72:a3:17:23:00:96:50:
80:28:d5:7d:d5:99:a8:e2:fe:60:ec:72:74:59:9a:
92:fd:1b:f9:39:3f:cc:62:b3:48:83:99:69:31:a9:
ef:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:1A:27:47:3D:25:3F:AB:F6:E6:0E:35:E8:DB:FD:29:DB:8A:46:94
X509v3 Authority Key Identifier:
keyid:10:91:92:C0:73:86:2E:62:20:C5:F9:10:6D:7C:55:E3:FC:6C:5D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJGSwHOGLmIgxfkQbXxV4_xsXUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/qRonRz0lP6v25g416Nv9KduKRpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/EJGSwHOGLmIgxfkQbXxV4_xsXUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.216.0/22
IPv6:
2a0c:6380::/29
Signature Algorithm: sha256WithRSAEncryption
83:32:69:ee:92:95:21:e9:5c:4e:e7:78:0a:35:20:71:03:3c:
2c:c3:09:ef:8a:0d:c0:82:b9:ff:bf:c1:7b:cb:cc:3f:be:f5:
ab:62:72:fe:c8:0e:90:44:91:ad:9f:d5:7e:ba:3f:46:ee:0d:
68:ab:cc:d5:9f:34:91:9b:ec:05:92:06:9d:24:3c:7b:65:8b:
26:0f:46:21:44:17:38:62:e9:b4:12:8c:8f:7f:a3:60:4e:75:
b7:8f:5b:1a:ee:cb:cb:6d:2c:6b:3e:d2:4d:d7:63:0c:bb:e2:
5f:c0:26:5f:bc:4b:95:87:7b:69:c6:d0:1e:70:e5:63:22:fd:
12:fb:4b:fb:0c:4b:2d:e5:02:db:14:63:f2:53:40:39:ee:e8:
4f:ed:bd:05:8b:04:08:4c:af:00:0b:35:13:a8:7f:0c:e2:34:
28:2a:b6:6d:76:ae:6f:e2:98:d3:4e:c9:8c:48:4b:a8:7b:04:
66:ca:b0:cc:ac:e3:92:19:a0:a9:ab:10:c3:24:9b:95:17:08:
4d:c4:ec:2c:f1:73:7f:e3:af:3b:de:37:9b:55:e7:87:fa:72:
93:98:ae:b4:9d:18:98:c4:23:29:b7:0a:51:bf:81:37:d9:58:
e8:a9:db:1c:ac:ad:cb:b7:5b:65:6e:d3:ff:ac:e8:21:00:65:
80:d4:97:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1fNVZMq+wmGw5KV/nthuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTE5MmMwNzM4NjJlNjIyMGM1ZjkxMDZkN2M1NWUzZmM2
YzVkNGIwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTFhMjc0NzNkMjUzZmFiZjZlNjBlMzVlOGRiZmQyOWRiOGE0Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHfrWATq5ntFHseBphXImsf4zi0G
84FrzOMKpBEtHldzGqzhl60+GSZkG57LCz8WGfpEMxQWLiEWOlvoGyMXcnsYHXEK
RF8E1cmNGTZaNuStLKbUbIuoSd1AvCLtdpdqaVoHP5RhqJNUQpadGXsCndUxZOGL
TiZ1GttAc+bwoK1hGeLvRCu+EJ5iq3kpPiQwSS4+0lNHdU0lXcdPRdZEof4GdZi0
Mu4RfoDA1mKCGW3nnKOsNAftqkAhVH20/DqF/tS0ZpIlFpoJH6DEEk3PNuSbAmLU
irw2WXKjFyMAllCAKNV91Zmo4v5g7HJ0WZqS/Rv5OT/MYrNIg5lpManvxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkaJ0c9JT+r9uYONejb/SnbikaUMB8GA1UdIwQY
MBaAFBCRksBzhi5iIMX5EG18VeP8bF1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpHU3dIT0dMbUlneGZrUWJYeFY0X3hzWFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81M2MwNTEtNTU3Mi00ZjgzLWE3ZDYt
ZTZmZTY5MWQ5NDg5LzEvcVJvblJ6MGxQNnYyNWc0MTZOdjlLZHVLUnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81M2MwNTEtNTU3Mi00ZjgzLWE3ZDYtZTZmZTY5MWQ5NDg5
LzEvRUpHU3dIT0dMbUlneGZrUWJYeFY0X3hzWFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue/YMA0E
AgACMAcDBQMqDGOAMA0GCSqGSIb3DQEBCwUAA4IBAQCDMmnukpUh6VxO53gKNSBx
Azwswwnvig3Agrn/v8F7y8w/vvWrYnL+yA6QRJGtn9V+uj9G7g1oq8zVnzSRm+wF
kgadJDx7ZYsmD0YhRBc4Yum0EoyPf6NgTnW3j1sa7svLbSxrPtJN12MMu+JfwCZf
vEuVh3tpxtAecOVjIv0S+0v7DEst5QLbFGPyU0A57uhP7b0FiwQITK8ACzUTqH8M
4jQoKrZtdq5v4pjTTsmMSEuoewRmyrDMrOOSGaCpqxDDJJuVFwhNxOws8XN/4687
3jebVeeH+nKTmK60nRiYxCMptwpRv4E32VjoqdscrK3Lt1tlbtP/rOghAGWA1Jd0
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:03:42 2025 by rpki-client