Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/QH9tbxKSp0iUql0lb1UYZe-9C60.roa
File: QH9tbxKSp0iUql0lb1UYZe-9C60.roa (raw, json)
Hash identifier: j+EJALijkJNAty5MEqMWdkPqVKhawk2tfizWedc8Uwc=
Subject key identifier: 40:7F:6D:6F:12:92:A7:48:94:AA:5D:25:6F:55:18:65:EF:BD:0B:AD
Certificate issuer: /CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Certificate serial: 019423698F43DA876B188558A6E92A75981E
Authority key identifier: 8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/QH9tbxKSp0iUql0lb1UYZe-9C60.roa
Signing time: Wed 01 Jan 2025 19:48:28 +0000
ROA not before: Wed 01 Jan 2025 19:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212696
IP address blocks: 185.195.128.0/22 maxlen: 24
2a0a:5ac0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8f:43:da:87:6b:18:85:58:a6:e9:2a:75:98:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Validity
Not Before: Jan 1 19:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407f6d6f1292a74894aa5d256f551865efbd0bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f1:ad:7d:e0:b4:03:91:b9:54:f3:a6:c5:bf:
35:dd:90:5c:2c:e1:6f:ed:52:c3:08:4f:aa:3a:a6:
c5:35:8a:60:9f:05:81:c9:d1:33:6c:8a:e8:de:8f:
61:f2:57:d7:62:b9:a0:c6:c9:87:d2:21:04:21:85:
95:c8:9d:91:7b:2f:4c:0a:21:f7:0f:eb:96:d9:bb:
fc:a0:54:75:37:91:b4:d7:43:a3:af:56:c2:9e:97:
29:52:6d:7d:e4:9d:fb:10:93:a9:15:e8:42:2e:67:
c4:c1:d3:7e:94:2e:cb:85:1b:65:bf:0b:4f:f4:e7:
d3:4a:0d:7b:90:95:03:d8:58:cc:3c:4c:04:c9:de:
96:30:28:38:52:b5:13:ed:b1:20:13:55:94:fc:4e:
cf:a9:e3:eb:e5:28:f7:48:9b:d4:5d:ce:a9:11:40:
1e:8c:97:34:7c:d7:74:92:88:14:2d:64:ee:de:0a:
a2:84:4d:a7:21:bb:47:dc:fc:8f:a4:14:12:02:84:
20:d1:5a:6f:86:1a:5b:a4:15:76:53:8d:08:ee:2a:
99:28:5b:5b:1f:be:c1:d4:7b:5b:64:20:05:40:f8:
f3:21:b5:ce:1b:70:23:ee:4a:f3:34:a7:bf:48:e8:
ac:cc:06:43:ac:f7:b6:ee:ce:a6:64:9a:d8:e6:43:
2c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7F:6D:6F:12:92:A7:48:94:AA:5D:25:6F:55:18:65:EF:BD:0B:AD
X509v3 Authority Key Identifier:
keyid:8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/QH9tbxKSp0iUql0lb1UYZe-9C60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/jc5N9oBEmFoXezAy8A_G_iJK2LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.128.0/22
IPv6:
2a0a:5ac0::/32
Signature Algorithm: sha256WithRSAEncryption
51:0d:49:52:77:05:7e:3a:e4:67:32:32:7e:b3:6c:c3:1a:0d:
45:7f:59:b9:02:3f:1b:0e:03:f3:8f:5e:f9:e4:c9:01:4c:f1:
eb:04:07:48:ce:a4:74:6c:ff:f0:f9:7f:db:e2:67:9f:8b:37:
c6:f1:52:71:1c:8d:2c:1b:de:98:ce:01:18:e9:be:9c:ba:1d:
b5:f4:c8:5f:8d:83:b9:e9:34:37:65:e6:8d:96:8e:fa:32:fd:
a1:16:87:0e:87:98:cf:f1:d3:2e:a5:ce:0c:5a:7b:2c:40:49:
a9:2c:cc:d3:2b:03:b3:e5:32:b7:1d:7a:61:cc:ce:af:f1:1d:
7b:54:1d:56:a5:3e:7a:95:03:42:62:99:a8:cb:06:c3:6e:00:
b7:d5:96:fb:69:a5:c9:db:70:a7:7d:68:02:48:f7:6e:f3:e6:
d6:09:1e:e1:e6:57:ef:10:30:a4:1b:4a:1a:10:89:b6:9a:55:
d9:4d:bd:8b:66:94:03:70:72:07:78:e5:94:0a:81:28:e5:03:
b9:02:6b:77:cb:cd:cb:9e:7e:9c:aa:94:bd:c4:f0:47:12:30:
3d:ca:79:9c:c9:9d:f1:4c:7c:f8:9d:b5:7a:c8:c4:2b:a6:6e:
fd:e0:e1:4c:e8:d9:00:5b:7f:f4:0c:51:d9:b7:11:d9:b4:65:
65:fa:7c:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaY9D2odrGIVYpukqdZgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkY2U0ZGY2ODA0NDk4NWExNzdiMzAzMmYwMGZjNmZlMjI0
YWQ4YjMwHhcNMjUwMTAxMTk0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdmNmQ2ZjEyOTJhNzQ4OTRhYTVkMjU2ZjU1MTg2NWVmYmQwYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvGtfeC0A5G5VPOmxb813ZBcLOFv
7VLDCE+qOqbFNYpgnwWBydEzbIro3o9h8lfXYrmgxsmH0iEEIYWVyJ2Rey9MCiH3
D+uW2bv8oFR1N5G010Ojr1bCnpcpUm195J37EJOpFehCLmfEwdN+lC7LhRtlvwtP
9OfTSg17kJUD2FjMPEwEyd6WMCg4UrUT7bEgE1WU/E7PqePr5Sj3SJvUXc6pEUAe
jJc0fNd0kogULWTu3gqihE2nIbtH3PyPpBQSAoQg0VpvhhpbpBV2U40I7iqZKFtb
H77B1HtbZCAFQPjzIbXOG3Aj7krzNKe/SOiszAZDrPe27s6mZJrY5kMszQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEB/bW8SkqdIlKpdJW9VGGXvvQutMB8GA1UdIwQY
MBaAFI3OTfaARJhaF3swMvAPxv4iStizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjkt
MTZiMWQyZWU4OGE2LzEvUUg5dGJ4S1NwMGlVcWwwbGIxVVlaZS05QzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjktMTZiMWQyZWU4OGE2
LzEvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucOAMA0E
AgACMAcDBQAqClrAMA0GCSqGSIb3DQEBCwUAA4IBAQBRDUlSdwV+OuRnMjJ+s2zD
Gg1Ff1m5Aj8bDgPzj1755MkBTPHrBAdIzqR0bP/w+X/b4mefizfG8VJxHI0sG96Y
zgEY6b6cuh219MhfjYO56TQ3ZeaNlo76Mv2hFocOh5jP8dMupc4MWnssQEmpLMzT
KwOz5TK3HXphzM6v8R17VB1WpT56lQNCYpmoywbDbgC31Zb7aaXJ23CnfWgCSPdu
8+bWCR7h5lfvEDCkG0oaEIm2mlXZTb2LZpQDcHIHeOWUCoEo5QO5Amt3y83Lnn6c
qpS9xPBHEjA9ynmcyZ3xTHz4nbV6yMQrpm794OFM6NkAW3/0DFHZtxHZtGVl+nwm
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:02:47 2025 by rpki-client