Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/6997ce-2898-4530-a40c-2f1bfbc7f0f3/1/qv58PcziHSozk6pOK4h_LgXLS7w.roa
File: qv58PcziHSozk6pOK4h_LgXLS7w.roa (raw, json)
Hash identifier: BZchB3z4vvljLfndUGS0R7LquQNr6/obSV/f0pocufU=
Subject key identifier: AA:FE:7C:3D:CC:E2:1D:2A:33:93:AA:4E:2B:88:7F:2E:05:CB:4B:BC
Certificate issuer: /CN=1035ad4faf5c371d3c24ed73fad66cdc6ac6b918
Certificate serial: 019427B544BA354A8A149C98BA45B9BD4316
Authority key identifier: 10:35:AD:4F:AF:5C:37:1D:3C:24:ED:73:FA:D6:6C:DC:6A:C6:B9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EDWtT69cNx08JO1z-tZs3GrGuRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/6997ce-2898-4530-a40c-2f1bfbc7f0f3/1/qv58PcziHSozk6pOK4h_LgXLS7w.roa
Signing time: Thu 02 Jan 2025 15:49:38 +0000
ROA not before: Thu 02 Jan 2025 15:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215961
IP address blocks: 2.57.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:44:ba:35:4a:8a:14:9c:98:ba:45:b9:bd:43:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1035ad4faf5c371d3c24ed73fad66cdc6ac6b918
Validity
Not Before: Jan 2 15:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aafe7c3dcce21d2a3393aa4e2b887f2e05cb4bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2a:1a:a6:04:ee:8d:4e:3e:ce:67:e9:ed:b0:
12:1a:0b:ae:3b:32:a5:65:3d:1c:0f:36:70:1a:3e:
b4:1b:88:59:d4:80:6c:bd:47:3c:a3:1f:63:8b:32:
da:63:54:18:e9:ed:18:8e:7d:ba:5a:61:53:d6:be:
74:25:01:36:eb:7b:b0:c1:35:2f:11:8a:e5:a6:0d:
f3:0a:82:0c:93:66:77:a3:e9:18:65:f2:dc:9e:04:
a2:1d:7c:4c:1f:a8:2a:cf:22:cd:f4:51:7a:9a:d5:
45:a0:e1:8e:fc:39:7e:b4:97:6b:47:f6:6a:d2:95:
a8:52:2f:fe:62:15:d1:8e:6c:54:61:14:38:a9:49:
44:9d:05:53:67:31:99:ff:da:d9:59:ad:4a:20:f3:
1d:a1:1e:aa:99:57:1c:d8:97:3b:56:fb:20:a3:b7:
e1:bb:28:6c:8c:f3:19:4a:0f:bd:a7:23:ac:7c:06:
10:48:d2:d7:ab:04:57:4b:0d:08:1b:bf:3a:b4:56:
4f:71:66:cb:1d:78:8e:47:05:bc:9b:03:f1:aa:9b:
d0:f0:97:fe:7b:ef:96:86:38:16:8e:59:01:d6:af:
e5:96:d1:46:e4:ee:f3:4d:43:00:e0:88:ab:35:f9:
dd:17:33:b1:eb:ad:eb:14:de:fb:0a:2a:1e:4b:6c:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FE:7C:3D:CC:E2:1D:2A:33:93:AA:4E:2B:88:7F:2E:05:CB:4B:BC
X509v3 Authority Key Identifier:
keyid:10:35:AD:4F:AF:5C:37:1D:3C:24:ED:73:FA:D6:6C:DC:6A:C6:B9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDWtT69cNx08JO1z-tZs3GrGuRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/6997ce-2898-4530-a40c-2f1bfbc7f0f3/1/qv58PcziHSozk6pOK4h_LgXLS7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/6997ce-2898-4530-a40c-2f1bfbc7f0f3/1/EDWtT69cNx08JO1z-tZs3GrGuRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.238.0/24
Signature Algorithm: sha256WithRSAEncryption
91:2a:b5:53:8e:1d:12:23:77:84:8b:9b:29:15:6c:b4:39:c0:
8b:fc:9d:03:b9:5d:b5:cb:87:4d:85:4e:22:b5:2e:17:7a:06:
95:06:1f:0c:06:1b:34:5d:49:72:72:ae:47:b8:60:19:0e:4a:
b1:27:1e:75:bf:d1:fd:2a:e3:dc:ac:06:f9:1e:ca:81:31:5c:
7a:49:04:5f:77:45:48:5f:28:96:4d:9b:59:38:80:a3:72:60:
01:6d:8f:5a:85:e8:fe:7a:00:85:7d:8f:3e:2e:21:3c:f8:67:
51:4d:31:8c:81:87:a4:d4:fa:04:dd:67:16:82:65:27:5c:8f:
dd:41:88:e6:7c:80:e1:7d:9f:f4:88:0b:bf:14:3e:66:10:b0:
2e:52:aa:a1:e2:f0:6e:5e:0b:42:1d:30:cd:1a:29:70:04:e9:
70:4f:14:a4:48:5e:17:c1:0a:40:48:3f:ee:30:4f:ff:1e:76:
65:0f:57:ad:e0:98:0f:1e:50:c3:1e:d7:c9:ba:6a:91:0e:de:
79:f6:71:90:75:eb:f7:0e:fc:a6:77:2f:db:8e:f5:e1:d6:37:
31:ba:57:9a:86:70:c5:44:8c:d4:14:7e:15:e9:03:3f:fa:2c:
18:cd:43:fb:e4:41:70:3c:9e:12:e8:2a:0e:a3:1c:3d:2b:29:
85:f0:77:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntUS6NUqKFJyYukW5vUMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzVhZDRmYWY1YzM3MWQzYzI0ZWQ3M2ZhZDY2Y2RjNmFj
NmI5MTgwHhcNMjUwMTAyMTU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZlN2MzZGNjZTIxZDJhMzM5M2FhNGUyYjg4N2YyZTA1Y2I0YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yoapgTujU4+zmfp7bASGguuOzKl
ZT0cDzZwGj60G4hZ1IBsvUc8ox9jizLaY1QY6e0Yjn26WmFT1r50JQE263uwwTUv
EYrlpg3zCoIMk2Z3o+kYZfLcngSiHXxMH6gqzyLN9FF6mtVFoOGO/Dl+tJdrR/Zq
0pWoUi/+YhXRjmxUYRQ4qUlEnQVTZzGZ/9rZWa1KIPMdoR6qmVcc2Jc7Vvsgo7fh
uyhsjPMZSg+9pyOsfAYQSNLXqwRXSw0IG786tFZPcWbLHXiORwW8mwPxqpvQ8Jf+
e++WhjgWjlkB1q/lltFG5O7zTUMA4IirNfndFzOx663rFN77CioeS2yKiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKr+fD3M4h0qM5OqTiuIfy4Fy0u8MB8GA1UdIwQY
MBaAFBA1rU+vXDcdPCTtc/rWbNxqxrkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURXdFQ2OWNOeDA4Sk8xei10WnMzR3JHdVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82OTk3Y2UtMjg5OC00NTMwLWE0MGMt
MmYxYmZiYzdmMGYzLzEvcXY1OFBjemlIU296azZwT0s0aF9MZ1hMUzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82OTk3Y2UtMjg5OC00NTMwLWE0MGMtMmYxYmZiYzdmMGYz
LzEvRURXdFQ2OWNOeDA4Sk8xei10WnMzR3JHdVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjnuMA0G
CSqGSIb3DQEBCwUAA4IBAQCRKrVTjh0SI3eEi5spFWy0OcCL/J0DuV21y4dNhU4i
tS4XegaVBh8MBhs0XUlycq5HuGAZDkqxJx51v9H9KuPcrAb5HsqBMVx6SQRfd0VI
XyiWTZtZOICjcmABbY9ahej+egCFfY8+LiE8+GdRTTGMgYek1PoE3WcWgmUnXI/d
QYjmfIDhfZ/0iAu/FD5mELAuUqqh4vBuXgtCHTDNGilwBOlwTxSkSF4XwQpASD/u
ME//HnZlD1et4JgPHlDDHtfJumqRDt559nGQdev3Dvymdy/bjvXh1jcxuleahnDF
RIzUFH4V6QM/+iwYzUP75EFwPJ4S6CoOoxw9KymF8Hfo
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:01:17 2025 by rpki-client