Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/sqo5PLdWdHMa-3THIwpzThX3MIQ.roa
File: sqo5PLdWdHMa-3THIwpzThX3MIQ.roa (raw, json)
Hash identifier: mkeWzT4DWdeQx69gMonfC3UIQ6XY4x+08EOS1mbWBlo=
Subject key identifier: B2:AA:39:3C:B7:56:74:73:1A:FB:74:C7:23:0A:73:4E:15:F7:30:84
Certificate issuer: /CN=ab87734368d88315f11b329386cc5ef2bb875858
Certificate serial: 0194228E07E50CAFBB271A6783A7ED85102C
Authority key identifier: AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/sqo5PLdWdHMa-3THIwpzThX3MIQ.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198167
IP address blocks: 185.108.28.0/24 maxlen: 24
185.108.29.0/24 maxlen: 24
185.108.30.0/24 maxlen: 24
185.108.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:07:e5:0c:af:bb:27:1a:67:83:a7:ed:85:10:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab87734368d88315f11b329386cc5ef2bb875858
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2aa393cb75674731afb74c7230a734e15f73084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ee:30:d9:37:ee:c3:5a:31:39:52:9d:81:05:
cb:7f:1c:41:ba:40:26:f8:8f:b6:96:8f:5d:d6:f5:
20:9d:bf:0e:06:c8:02:7a:96:ac:9c:80:04:f5:6c:
87:ab:ae:84:b9:d9:0e:53:d8:83:bb:bd:70:6d:1a:
c4:1f:d3:b3:5e:3a:29:50:97:b9:1d:34:40:18:59:
30:6a:be:78:ad:41:17:23:fd:58:a9:d0:09:ed:0c:
2e:75:c7:3c:60:10:ca:a5:7f:3f:2a:88:69:3f:60:
a5:36:99:87:2c:c6:d9:79:7f:00:f1:09:8d:52:0e:
76:6a:dd:36:61:2b:07:97:96:e3:a0:c2:ad:b4:32:
60:8e:73:60:1e:21:66:29:6f:28:97:45:c7:bd:fb:
46:25:43:34:82:39:8f:85:c5:f1:60:26:ba:25:3d:
b2:65:f6:ff:ef:a6:c2:a3:b8:ff:c7:3c:66:dc:a1:
ea:0b:8a:b6:2e:31:9d:4b:7a:42:ba:90:6f:f0:d4:
6d:fb:a5:e2:17:e3:0a:58:75:22:f2:2a:c6:a8:f2:
22:2a:4b:e7:7a:92:12:92:f3:c3:a9:20:5b:81:1d:
ea:8b:dc:b8:78:66:22:5a:e4:a3:4e:87:30:b6:e3:
a4:5f:da:a1:9e:71:d1:03:87:54:37:37:7e:e9:09:
a5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AA:39:3C:B7:56:74:73:1A:FB:74:C7:23:0A:73:4E:15:F7:30:84
X509v3 Authority Key Identifier:
keyid:AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/sqo5PLdWdHMa-3THIwpzThX3MIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/q4dzQ2jYgxXxGzKThsxe8ruHWFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.28.0/22
Signature Algorithm: sha256WithRSAEncryption
82:06:5c:19:ba:5d:9c:d4:16:99:47:45:fe:ea:7c:2d:10:0a:
be:a7:2a:89:2a:43:18:a6:11:b9:63:40:8c:8d:e9:cf:35:7c:
8a:1a:92:c5:c6:37:17:21:eb:95:ca:26:eb:f7:cb:83:65:3c:
98:39:7c:4a:d5:10:1a:21:8b:70:71:f7:54:d0:6e:4b:9e:d7:
f7:f4:c8:cf:51:43:8e:a2:4e:6e:0c:cb:a1:64:fd:12:6e:86:
ce:19:14:16:13:79:37:7e:f7:26:7d:60:f3:11:4f:21:d7:68:
ce:81:0a:58:21:cd:c9:39:7b:2b:ab:fe:9e:bd:06:4c:df:0a:
fe:0d:9d:2d:1b:1a:4f:01:67:c4:81:0b:2a:39:cf:4d:1b:82:
76:5f:78:52:41:d2:d3:ea:e5:0e:0c:c1:14:09:a6:d8:17:40:
fd:5c:47:e6:0c:05:22:96:ca:03:b6:42:ba:d1:c5:52:39:1d:
bb:af:d9:e4:97:9a:9f:36:e1:ed:90:fe:ee:c8:54:00:1a:fc:
ab:8c:2d:1f:46:01:1b:58:24:aa:02:b9:2c:e6:61:17:4b:81:
83:87:5f:f4:fa:a0:8c:ca:ef:96:4d:f5:a9:1c:9c:41:0d:ef:
29:74:5f:a8:cb:3a:09:35:bd:4b:97:d1:1b:2d:d6:4d:a7:6b:
31:0e:9a:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgflDK+7Jxpng6fthRAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODc3MzQzNjhkODgzMTVmMTFiMzI5Mzg2Y2M1ZWYyYmI4
NzU4NTgwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmFhMzkzY2I3NTY3NDczMWFmYjc0YzcyMzBhNzM0ZTE1ZjczMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre4w2Tfuw1oxOVKdgQXLfxxBukAm
+I+2lo9d1vUgnb8OBsgCepasnIAE9WyHq66EudkOU9iDu71wbRrEH9OzXjopUJe5
HTRAGFkwar54rUEXI/1YqdAJ7Qwudcc8YBDKpX8/KohpP2ClNpmHLMbZeX8A8QmN
Ug52at02YSsHl5bjoMKttDJgjnNgHiFmKW8ol0XHvftGJUM0gjmPhcXxYCa6JT2y
Zfb/76bCo7j/xzxm3KHqC4q2LjGdS3pCupBv8NRt+6XiF+MKWHUi8irGqPIiKkvn
epISkvPDqSBbgR3qi9y4eGYiWuSjTocwtuOkX9qhnnHRA4dUNzd+6QmluwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKqOTy3VnRzGvt0xyMKc04V9zCEMB8GA1UdIwQY
MBaAFKuHc0No2IMV8Rsyk4bMXvK7h1hYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUt
MTg1ODVlZDk0YTk4LzEvc3FvNVBMZFdkSE1hLTNUSEl3cHpUaFgzTUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUtMTg1ODVlZDk0YTk4
LzEvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWwcMA0G
CSqGSIb3DQEBCwUAA4IBAQCCBlwZul2c1BaZR0X+6nwtEAq+pyqJKkMYphG5Y0CM
jenPNXyKGpLFxjcXIeuVyibr98uDZTyYOXxK1RAaIYtwcfdU0G5Lntf39MjPUUOO
ok5uDMuhZP0SbobOGRQWE3k3fvcmfWDzEU8h12jOgQpYIc3JOXsrq/6evQZM3wr+
DZ0tGxpPAWfEgQsqOc9NG4J2X3hSQdLT6uUODMEUCabYF0D9XEfmDAUilsoDtkK6
0cVSOR27r9nkl5qfNuHtkP7uyFQAGvyrjC0fRgEbWCSqArks5mEXS4GDh1/0+qCM
yu+WTfWpHJxBDe8pdF+oyzoJNb1Ll9EbLdZNp2sxDppk
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:41:21 2025 by rpki-client