Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2a2164-1656-44cb-9294-0b1dec375554/1/2bqsQsJql_hwoFMeZ0nmgZGmbEw.roa
File: 2bqsQsJql_hwoFMeZ0nmgZGmbEw.roa (raw, json)
Hash identifier: e5rzAihzL4LX4PAPTH0rwfwcZpBTQn6I0oUQG0cd6f8=
Subject key identifier: D9:BA:AC:42:C2:6A:97:F8:70:A0:53:1E:67:49:E6:81:91:A6:6C:4C
Certificate issuer: /CN=75c88b1c41fbeb5dabef743c57acdffc4fa74699
Certificate serial: 0194221FF6019FEE3600A38DAA0E722DC8B2
Authority key identifier: 75:C8:8B:1C:41:FB:EB:5D:AB:EF:74:3C:57:AC:DF:FC:4F:A7:46:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dciLHEH7612r73Q8V6zf_E-nRpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/2a2164-1656-44cb-9294-0b1dec375554/1/2bqsQsJql_hwoFMeZ0nmgZGmbEw.roa
Signing time: Wed 01 Jan 2025 13:48:27 +0000
ROA not before: Wed 01 Jan 2025 13:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211694
IP address blocks: 185.244.237.0/24 maxlen: 24
2a10:a240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f6:01:9f:ee:36:00:a3:8d:aa:0e:72:2d:c8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75c88b1c41fbeb5dabef743c57acdffc4fa74699
Validity
Not Before: Jan 1 13:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9baac42c26a97f870a0531e6749e68191a66c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:83:b7:3d:3c:f4:7a:a8:32:15:13:dc:40:
ae:cc:7a:ce:1e:02:6e:b8:94:54:36:ce:89:a7:a4:
d3:72:28:ba:c5:e1:5e:6f:8a:9e:7c:9f:d7:63:fb:
9f:b0:4c:ba:5c:2b:ef:07:00:e2:98:90:5b:5e:3a:
88:b7:48:fb:03:2c:ba:f4:cc:50:97:23:e3:6a:be:
c5:e2:30:b7:d8:2e:e6:60:c3:59:aa:5f:b1:3c:c0:
29:4a:ca:dd:72:80:c8:ae:65:7d:61:49:fc:1a:af:
33:65:0d:49:c7:ed:49:18:1e:a0:75:c0:60:b0:15:
cb:4f:ae:2b:56:7a:82:f5:58:1d:a5:22:58:d5:99:
df:c7:b2:0c:fd:be:f1:c4:7c:fd:5a:74:dd:4b:0e:
b4:9f:40:86:5c:27:39:8b:67:24:ee:0b:66:45:d6:
a8:ad:ae:02:68:55:53:2f:1a:ce:42:ce:e6:b9:45:
e3:17:96:6b:be:18:65:7a:c2:2c:70:51:48:b7:73:
c0:34:f4:b0:5c:99:5d:51:8f:54:e7:28:c3:3b:87:
fd:04:af:96:83:09:c0:11:b0:e0:54:28:33:11:b0:
2e:06:6f:32:87:d3:ae:c0:e3:1a:17:ba:d9:50:8d:
37:09:bd:fb:8e:ba:dd:0f:5a:4c:12:d4:7b:8e:84:
ff:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BA:AC:42:C2:6A:97:F8:70:A0:53:1E:67:49:E6:81:91:A6:6C:4C
X509v3 Authority Key Identifier:
keyid:75:C8:8B:1C:41:FB:EB:5D:AB:EF:74:3C:57:AC:DF:FC:4F:A7:46:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dciLHEH7612r73Q8V6zf_E-nRpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2a2164-1656-44cb-9294-0b1dec375554/1/2bqsQsJql_hwoFMeZ0nmgZGmbEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2a2164-1656-44cb-9294-0b1dec375554/1/dciLHEH7612r73Q8V6zf_E-nRpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.237.0/24
IPv6:
2a10:a240::/29
Signature Algorithm: sha256WithRSAEncryption
28:1d:fb:e4:04:9c:87:e0:8d:78:9b:e4:3d:ca:c0:77:30:2d:
1a:6b:93:6b:07:98:79:5f:b6:1f:4c:05:1f:c7:8e:e5:98:f2:
f7:3c:0f:05:34:d6:e9:d5:50:c9:a0:35:1c:b8:10:6e:5f:1c:
4e:60:d0:34:e3:7c:f0:7d:68:7f:72:64:d0:92:ab:b1:22:14:
5a:9b:c2:91:9f:fb:be:2b:9a:27:34:e9:f7:54:cd:59:8a:8e:
2e:a3:64:fb:d7:6b:1c:2f:e5:cf:2a:b3:53:30:08:8e:2c:b3:
c3:87:88:48:7c:b3:e4:9b:e8:34:64:b3:41:dd:51:d6:ac:65:
25:92:33:8e:91:b9:0f:20:b8:f8:f9:d6:a8:86:1d:5f:2d:b2:
b5:dd:34:19:d5:01:60:92:d0:b8:03:e4:2e:ac:39:2a:80:66:
75:22:33:07:ea:26:1a:d0:04:8f:a2:e2:f0:51:dc:1b:20:79:
4b:96:9e:51:ed:e2:1d:0e:34:a7:fb:d9:7b:af:be:4b:62:e6:
43:8e:85:45:8c:18:95:b3:7e:ab:09:fa:1b:1d:a7:0c:39:f4:
1a:c3:c7:79:e7:06:77:ea:2a:b7:c2:c0:10:21:89:97:e5:d2:
ac:de:91:1c:c9:91:a7:58:27:c2:24:dc:34:f1:57:a3:7a:4b:
74:43:60:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH/YBn+42AKONqg5yLciyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yzg4YjFjNDFmYmViNWRhYmVmNzQzYzU3YWNkZmZjNGZh
NzQ2OTkwHhcNMjUwMTAxMTM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJhYWM0MmMyNmE5N2Y4NzBhMDUzMWU2NzQ5ZTY4MTkxYTY2YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCuDtz089HqoMhUT3ECuzHrOHgJu
uJRUNs6Jp6TTcii6xeFeb4qefJ/XY/ufsEy6XCvvBwDimJBbXjqIt0j7Ayy69MxQ
lyPjar7F4jC32C7mYMNZql+xPMApSsrdcoDIrmV9YUn8Gq8zZQ1Jx+1JGB6gdcBg
sBXLT64rVnqC9VgdpSJY1Znfx7IM/b7xxHz9WnTdSw60n0CGXCc5i2ck7gtmRdao
ra4CaFVTLxrOQs7muUXjF5ZrvhhlesIscFFIt3PANPSwXJldUY9U5yjDO4f9BK+W
gwnAEbDgVCgzEbAuBm8yh9OuwOMaF7rZUI03Cb37jrrdD1pMEtR7joT/hwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNm6rELCapf4cKBTHmdJ5oGRpmxMMB8GA1UdIwQY
MBaAFHXIixxB++tdq+90PFes3/xPp0aZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGNpTEhFSDc2MTJyNzNROFY2emZfRS1uUnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yYTIxNjQtMTY1Ni00NGNiLTkyOTQt
MGIxZGVjMzc1NTU0LzEvMmJxc1FzSnFsX2h3b0ZNZVowbm1nWkdtYkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yYTIxNjQtMTY1Ni00NGNiLTkyOTQtMGIxZGVjMzc1NTU0
LzEvZGNpTEhFSDc2MTJyNzNROFY2emZfRS1uUnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufTtMA0E
AgACMAcDBQMqEKJAMA0GCSqGSIb3DQEBCwUAA4IBAQAoHfvkBJyH4I14m+Q9ysB3
MC0aa5NrB5h5X7YfTAUfx47lmPL3PA8FNNbp1VDJoDUcuBBuXxxOYNA043zwfWh/
cmTQkquxIhRam8KRn/u+K5onNOn3VM1Zio4uo2T712scL+XPKrNTMAiOLLPDh4hI
fLPkm+g0ZLNB3VHWrGUlkjOOkbkPILj4+daohh1fLbK13TQZ1QFgktC4A+QurDkq
gGZ1IjMH6iYa0ASPouLwUdwbIHlLlp5R7eIdDjSn+9l7r75LYuZDjoVFjBiVs36r
CfobHacMOfQaw8d55wZ36iq3wsAQIYmX5dKs3pEcyZGnWCfCJNw08Vejekt0Q2Az
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:10:35 2025 by rpki-client