Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/qM88UnBEO7hJIOXTGn5mpC9drZ4.roa
File: qM88UnBEO7hJIOXTGn5mpC9drZ4.roa (raw, json)
Hash identifier: Zjl7M5YF5NfW5doz7UZ6OWeeqYFMW7XiaZIij5TEofI=
Subject key identifier: A8:CF:3C:52:70:44:3B:B8:49:20:E5:D3:1A:7E:66:A4:2F:5D:AD:9E
Certificate issuer: /CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Certificate serial: 01942444ED6A108483DA2AFAE42698C5A163
Authority key identifier: 07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/qM88UnBEO7hJIOXTGn5mpC9drZ4.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51319
IP address blocks: 178.251.144.0/21 maxlen: 21
185.164.8.0/22 maxlen: 22
2a02:2340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ed:6a:10:84:83:da:2a:fa:e4:26:98:c5:a1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8cf3c5270443bb84920e5d31a7e66a42f5dad9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:aa:c9:13:bd:87:58:4b:4e:bf:b8:ad:c2:
b7:53:c0:21:eb:60:03:59:a4:f6:cd:64:23:74:03:
7a:7c:67:c6:fe:2d:ed:3a:25:08:91:68:09:ff:d6:
ab:e6:81:d0:80:6a:a5:79:3e:78:31:3f:dd:01:36:
02:2a:60:4a:ca:f5:9b:41:93:61:5e:0e:e3:10:b4:
95:d9:42:88:fa:46:cd:cc:f5:11:2f:12:e4:cd:96:
e0:d8:e0:31:50:57:44:31:3d:97:40:2f:cb:fe:2e:
a8:7b:a0:eb:d6:fb:a0:0d:70:34:45:f9:21:cb:1e:
b9:20:36:ea:4a:a0:f0:7a:37:0a:fb:69:7a:23:21:
c4:16:b5:79:fc:fb:7d:b0:36:d9:8e:41:dc:4c:95:
07:df:60:4f:78:10:5a:8f:22:5d:d2:13:b8:72:d0:
7a:23:ef:49:e9:67:a4:0a:ca:c7:f6:15:2f:44:69:
38:3f:6f:d1:2b:bc:ac:4f:ab:6e:fe:a9:75:9d:4c:
ae:eb:ba:46:0e:b1:f5:ee:0b:bd:54:87:f9:df:3f:
27:06:08:2e:0d:99:2e:a8:0e:4f:7a:f6:41:bb:b7:
2e:38:a2:20:63:76:f1:e4:18:ff:50:0f:2e:ab:88:
d1:62:43:47:1b:51:43:5e:8a:1b:fa:90:60:5c:c6:
28:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CF:3C:52:70:44:3B:B8:49:20:E5:D3:1A:7E:66:A4:2F:5D:AD:9E
X509v3 Authority Key Identifier:
keyid:07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/qM88UnBEO7hJIOXTGn5mpC9drZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.144.0/21
185.164.8.0/22
IPv6:
2a02:2340::/32
Signature Algorithm: sha256WithRSAEncryption
cc:cb:74:6a:c3:dc:b8:d7:c6:00:8e:13:a8:89:da:31:fe:be:
90:99:f1:d2:6f:07:7c:e4:57:50:7c:5f:56:a0:24:9c:b2:9f:
3f:fe:33:e5:2e:e2:12:a4:37:85:79:1c:d4:ec:5f:1d:1a:8d:
fd:e4:ba:c2:9b:ff:ec:c4:a9:eb:b9:9a:73:5e:46:5b:74:d3:
6c:de:3e:e9:3c:d1:d4:a0:df:17:3b:ea:e7:bf:5a:1e:b1:33:
a8:7c:0e:9a:13:79:66:d1:47:97:38:fc:f8:5d:a6:d5:c8:e6:
ae:ed:ae:80:1a:f4:85:e6:3b:b7:9a:dd:aa:7f:9a:81:69:f4:
5d:7e:5f:db:23:f9:d0:5d:1e:4c:3b:0b:d4:3e:cc:2a:02:8a:
66:9b:ef:2b:69:20:60:1a:bb:77:ee:00:d4:f5:8b:e0:e6:cb:
11:bd:2e:5a:ea:e6:30:75:e1:a4:4f:dd:04:27:15:20:4d:72:
46:63:c2:52:0b:35:ca:c1:d9:5c:da:53:6e:98:0e:60:19:a5:
db:6d:ee:68:f9:b5:2b:52:39:22:76:6e:91:89:ee:4a:ef:55:
70:07:c5:92:24:15:9d:bc:15:df:56:30:cd:bb:2d:54:a9:06:
00:0b:04:1a:4a:b5:df:6e:e0:bd:a7:b6:b0:54:46:a7:8b:94:
24:1a:db:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRO1qEISD2ir65CaYxaFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGEwM2M5YzgyNjg1YWU2ZDZiM2QyMWQ2ODRiYmNmNDY4
YmY3NWIwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNmM2M1MjcwNDQzYmI4NDkyMGU1ZDMxYTdlNjZhNDJmNWRhZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhSqyRO9h1hLTr+4rcK3U8Ah62AD
WaT2zWQjdAN6fGfG/i3tOiUIkWgJ/9ar5oHQgGqleT54MT/dATYCKmBKyvWbQZNh
Xg7jELSV2UKI+kbNzPURLxLkzZbg2OAxUFdEMT2XQC/L/i6oe6Dr1vugDXA0Rfkh
yx65IDbqSqDwejcK+2l6IyHEFrV5/Pt9sDbZjkHcTJUH32BPeBBajyJd0hO4ctB6
I+9J6WekCsrH9hUvRGk4P2/RK7ysT6tu/ql1nUyu67pGDrH17gu9VIf53z8nBggu
DZkuqA5PevZBu7cuOKIgY3bx5Bj/UA8uq4jRYkNHG1FDXoob+pBgXMYojQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKjPPFJwRDu4SSDl0xp+ZqQvXa2eMB8GA1UdIwQY
MBaAFAfaA8nIJoWubWs9IdaEu89Gi/dbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2It
YWEwMWRjZDNkZmE3LzEvcU04OFVuQkVPN2hKSU9YVEduNW1wQzlkclo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2ItYWEwMWRjZDNkZmE3
LzEvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvuQAwQC
uaQIMA0EAgACMAcDBQAqAiNAMA0GCSqGSIb3DQEBCwUAA4IBAQDMy3Rqw9y418YA
jhOoidox/r6QmfHSbwd85FdQfF9WoCScsp8//jPlLuISpDeFeRzU7F8dGo395LrC
m//sxKnruZpzXkZbdNNs3j7pPNHUoN8XO+rnv1oesTOofA6aE3lm0UeXOPz4XabV
yOau7a6AGvSF5ju3mt2qf5qBafRdfl/bI/nQXR5MOwvUPswqAopmm+8raSBgGrt3
7gDU9Yvg5ssRvS5a6uYwdeGkT90EJxUgTXJGY8JSCzXKwdlc2lNumA5gGaXbbe5o
+bUrUjkidm6Rie5K71VwB8WSJBWdvBXfVjDNuy1UqQYACwQaSrXfbuC9p7awVEan
i5QkGtsU
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:39:32 2025 by rpki-client