Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/qG28szwgzKPw-jxxXZAb6g2XGqU.roa
File: qG28szwgzKPw-jxxXZAb6g2XGqU.roa (raw, json)
Hash identifier: izxZJRDh1PNPhAdwizTZ+zNrbkp/H2QNfLC0QfnH8sI=
Subject key identifier: A8:6D:BC:B3:3C:20:CC:A3:F0:FA:3C:71:5D:90:1B:EA:0D:97:1A:A5
Certificate issuer: /CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Certificate serial: 019425222C45A39023BD9D3C04E0651390A3
Authority key identifier: 2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/qG28szwgzKPw-jxxXZAb6g2XGqU.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60163
IP address blocks: 185.54.28.0/24 maxlen: 24
185.54.29.0/24 maxlen: 24
185.54.30.0/24 maxlen: 24
185.54.31.0/24 maxlen: 24
2a02:4260::/32 maxlen: 32
2a02:4261::/32 maxlen: 32
2a02:4262::/32 maxlen: 32
2a02:4263::/32 maxlen: 32
2a02:4264::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2c:45:a3:90:23:bd:9d:3c:04:e0:65:13:90:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86dbcb33c20cca3f0fa3c715d901bea0d971aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e3:02:2b:04:f6:78:be:c1:46:cf:9d:5f:be:
33:d1:9e:17:e7:f3:6b:39:a7:19:c5:07:0e:2e:80:
c7:9c:f9:78:3a:bb:7d:48:5f:99:93:66:f7:5d:e2:
67:7c:35:15:c2:03:78:a5:c2:c2:8b:99:82:95:ac:
28:3a:9d:9f:67:1f:1a:0c:83:63:03:da:68:f6:14:
c7:7c:a5:5e:f4:fc:d0:29:ef:28:7a:de:96:b3:10:
0a:44:f7:6b:62:69:74:9a:8e:0a:a4:8d:78:a0:85:
a2:c3:ad:ef:f6:d2:14:92:bd:66:29:fd:4d:3e:6a:
20:70:c3:28:1d:0b:52:77:fa:7f:2d:56:db:08:d1:
2b:e9:4f:1d:de:90:1d:22:81:24:73:45:da:4b:32:
d6:19:21:58:dd:3c:af:ae:4a:85:b6:74:41:cb:18:
33:17:8e:6c:ef:ce:00:b6:ed:94:86:e8:39:4c:95:
70:c2:7a:29:9c:3b:ee:e9:71:82:fe:80:fd:61:48:
d0:fb:15:f7:a9:fe:78:02:30:dd:19:78:3b:71:5b:
29:4a:2d:35:62:d0:4d:a7:b9:0f:30:40:34:8e:0f:
ba:2a:94:a3:93:c1:22:63:9c:65:bc:37:76:44:8d:
09:c1:2d:a3:e7:b5:80:0e:4b:95:85:49:bc:f8:e8:
1a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6D:BC:B3:3C:20:CC:A3:F0:FA:3C:71:5D:90:1B:EA:0D:97:1A:A5
X509v3 Authority Key Identifier:
keyid:2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/qG28szwgzKPw-jxxXZAb6g2XGqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.28.0/22
IPv6:
2a02:4260::/29
Signature Algorithm: sha256WithRSAEncryption
93:73:78:c8:84:63:04:18:0f:77:cd:b9:69:c0:c2:1d:e6:8c:
b0:f2:f0:03:3b:73:a1:fc:5f:ee:13:ca:4e:f2:52:06:50:9b:
c1:d8:ec:f1:19:fa:fa:45:a8:61:e2:7d:fc:52:d8:11:74:38:
e0:38:3f:c2:f1:bf:38:df:10:45:ed:12:10:47:45:3d:ca:3b:
ad:97:1a:97:1f:61:86:ea:55:62:42:6d:6b:71:59:b7:96:b9:
69:51:a6:36:21:7b:92:ae:ce:b9:07:ef:ca:02:85:e6:21:6b:
17:b7:ef:b9:04:68:1a:09:70:9c:44:eb:3d:65:08:a9:fd:fd:
00:62:c5:07:12:ae:1c:95:15:7d:77:63:99:43:9d:3a:30:7a:
79:dd:17:82:58:61:85:14:82:00:5c:ac:49:e0:7a:59:57:6e:
b8:33:c1:af:d4:b7:56:74:aa:1e:1f:1c:bf:25:c1:28:86:52:
20:d2:36:d9:69:1e:ff:44:86:c2:b2:e0:69:06:34:7a:e0:a9:
72:0b:2c:80:d4:d0:dc:29:54:13:4c:a5:be:2b:d6:d3:37:88:
82:b6:0e:f5:67:e0:e4:38:16:93:47:4c:6f:96:66:d7:2d:0a:
a5:19:3b:3e:ad:77:ca:78:3d:21:8f:12:fe:82:25:24:4a:c1:
c8:0e:ee:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIixFo5AjvZ08BOBlE5CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWFkZTNjMTkxMjc4YjJhYThhZDc2NzQyZWViYmRlZmU3
Mjg1ZTYwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZkYmNiMzNjMjBjY2EzZjBmYTNjNzE1ZDkwMWJlYTBkOTcxYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+MCKwT2eL7BRs+dX74z0Z4X5/Nr
OacZxQcOLoDHnPl4Ort9SF+Zk2b3XeJnfDUVwgN4pcLCi5mClawoOp2fZx8aDINj
A9po9hTHfKVe9PzQKe8oet6WsxAKRPdrYml0mo4KpI14oIWiw63v9tIUkr1mKf1N
PmogcMMoHQtSd/p/LVbbCNEr6U8d3pAdIoEkc0XaSzLWGSFY3TyvrkqFtnRByxgz
F45s784Atu2Uhug5TJVwwnopnDvu6XGC/oD9YUjQ+xX3qf54AjDdGXg7cVspSi01
YtBNp7kPMEA0jg+6KpSjk8EiY5xlvDd2RI0JwS2j57WADkuVhUm8+OgaNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKhtvLM8IMyj8Po8cV2QG+oNlxqlMB8GA1UdIwQY
MBaAFCua3jwZEniyqorXZ0Luu97+coXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMt
Y2MwNTNmNmExZWU2LzEvcUcyOHN6d2d6S1B3LWp4eFhaQWI2ZzJYR3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMtY2MwNTNmNmExZWU2
LzEvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTYcMA0E
AgACMAcDBQMqAkJgMA0GCSqGSIb3DQEBCwUAA4IBAQCTc3jIhGMEGA93zblpwMId
5oyw8vADO3Oh/F/uE8pO8lIGUJvB2OzxGfr6Rahh4n38UtgRdDjgOD/C8b843xBF
7RIQR0U9yjutlxqXH2GG6lViQm1rcVm3lrlpUaY2IXuSrs65B+/KAoXmIWsXt++5
BGgaCXCcROs9ZQip/f0AYsUHEq4clRV9d2OZQ506MHp53ReCWGGFFIIAXKxJ4HpZ
V264M8Gv1LdWdKoeHxy/JcEohlIg0jbZaR7/RIbCsuBpBjR64KlyCyyA1NDcKVQT
TKW+K9bTN4iCtg71Z+DkOBaTR0xvlmbXLQqlGTs+rXfKeD0hjxL+giUkSsHIDu6G
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:45:21 2025 by rpki-client