Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/r23XkTQdFdKFayUIhFOF4SL6nWc.roa
File: r23XkTQdFdKFayUIhFOF4SL6nWc.roa (raw, json)
Hash identifier: Q5cBXjvEd4FzKMPjAAxINMxDmDD6U9ghS7XqogAQVJM=
Subject key identifier: AF:6D:D7:91:34:1D:15:D2:85:6B:25:08:84:53:85:E1:22:FA:9D:67
Certificate issuer: /CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Certificate serial: 01941F8C72CEA2739192503EF53271177B2B
Authority key identifier: 2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/r23XkTQdFdKFayUIhFOF4SL6nWc.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202008
IP address blocks: 185.53.188.0/22 maxlen: 24
2a02:4060::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:72:ce:a2:73:91:92:50:3e:f5:32:71:17:7b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af6dd791341d15d2856b2508845385e122fa9d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:72:74:63:4a:54:e4:6c:8d:36:6a:49:e5:
98:dd:e2:19:68:93:44:67:02:51:cd:7b:17:c7:19:
10:81:5e:5f:05:7d:ef:ab:a9:53:54:fc:00:9a:09:
d4:2a:98:97:bb:3b:09:b1:1d:a0:87:67:c7:04:47:
a8:c7:44:4b:05:e5:d6:ef:49:59:2e:16:3e:f9:ac:
2c:39:97:36:07:d1:96:79:0e:36:23:f3:79:5e:11:
0f:e7:06:f2:9b:09:9e:18:d7:b8:53:09:3f:98:a2:
47:d3:7d:0f:ba:08:91:6b:60:b9:ef:e7:27:0f:43:
d4:a9:fe:a9:19:fc:56:7d:58:f9:ca:bb:89:80:69:
e2:b5:fc:62:b1:64:79:f3:30:9f:cf:62:1c:85:8c:
8d:0a:67:0b:91:9a:ab:6e:f7:b4:1b:b9:0d:e9:a1:
c4:c0:35:29:36:b5:18:cb:bb:1a:09:73:5d:2b:bb:
e8:cc:55:f7:b1:4d:d1:0b:c4:e5:44:25:b6:3e:f9:
7a:84:14:68:9b:d8:c6:c3:17:47:0b:f7:19:50:9c:
30:be:86:e3:e6:83:3f:30:01:84:67:49:5b:8b:54:
57:68:ab:40:54:d2:d8:a2:ff:94:0c:b4:4e:ac:e8:
a8:f0:cd:dc:94:8e:e1:f6:5f:e6:2f:91:b2:bc:70:
6e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6D:D7:91:34:1D:15:D2:85:6B:25:08:84:53:85:E1:22:FA:9D:67
X509v3 Authority Key Identifier:
keyid:2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/r23XkTQdFdKFayUIhFOF4SL6nWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.188.0/22
IPv6:
2a02:4060::/29
Signature Algorithm: sha256WithRSAEncryption
20:c2:8a:7f:fd:1b:22:0d:ae:bc:92:13:64:d1:c8:34:d0:99:
b9:46:39:4b:09:4f:33:db:26:7f:c1:a9:3f:e3:1e:13:07:34:
35:f3:5a:a3:dc:9c:c9:f4:cc:30:81:01:46:40:1a:45:22:c5:
4a:71:2a:37:20:6c:37:01:41:cd:0d:0d:ed:d7:91:d5:03:58:
3a:48:ce:fd:2f:be:29:86:a2:1c:5b:22:9b:d6:6c:08:4d:a9:
55:35:17:55:5b:d6:78:60:19:00:71:5c:50:6a:00:f5:02:a2:
04:26:bb:d3:25:3f:49:ac:51:83:8b:86:b3:92:46:f9:0f:80:
f7:17:51:5c:a1:b1:11:bf:60:4e:e4:62:f6:84:58:24:fc:49:
9f:e8:9b:9f:0a:5d:49:d7:01:62:2d:20:4d:72:c1:d8:19:fe:
ed:cc:a1:d3:99:1d:4a:66:93:d4:45:d4:30:1d:d7:9b:bc:49:
c3:32:28:3b:8c:db:b1:29:86:45:86:6c:56:17:56:3a:c6:cc:
11:d6:1a:98:3d:7b:6d:a9:83:10:c0:71:40:d8:ed:6c:ec:27:
6d:6e:82:03:55:8c:a8:be:2b:90:11:fc:17:f1:e5:26:2f:c7:
f2:8b:32:9f:2b:7a:46:57:ce:e4:32:3c:f8:93:a0:09:86:0b:
2a:7e:6e:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjHLOonORklA+9TJxF3srMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTgyMDJiNGQwYzVjMTExZDM3NGYxZTk4YjczZGI0OTI0
ZDY0YjEwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZkZDc5MTM0MWQxNWQyODU2YjI1MDg4NDUzODVlMTIyZmE5ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohtydGNKVORsjTZqSeWY3eIZaJNE
ZwJRzXsXxxkQgV5fBX3vq6lTVPwAmgnUKpiXuzsJsR2gh2fHBEeox0RLBeXW70lZ
LhY++awsOZc2B9GWeQ42I/N5XhEP5wbymwmeGNe4Uwk/mKJH030PugiRa2C57+cn
D0PUqf6pGfxWfVj5yruJgGnitfxisWR58zCfz2IchYyNCmcLkZqrbve0G7kN6aHE
wDUpNrUYy7saCXNdK7vozFX3sU3RC8TlRCW2Pvl6hBRom9jGwxdHC/cZUJwwvobj
5oM/MAGEZ0lbi1RXaKtAVNLYov+UDLROrOio8M3clI7h9l/mL5GyvHBuewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK9t15E0HRXShWslCIRTheEi+p1nMB8GA1UdIwQY
MBaAFCqoICtNDFwRHTdPHpi3PbSSTWSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEt
NmU3YmFlNWZmODk4LzEvcjIzWGtUUWRGZEtGYXlVSWhGT0Y0U0w2bldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEtNmU3YmFlNWZmODk4
LzEvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTW8MA0E
AgACMAcDBQMqAkBgMA0GCSqGSIb3DQEBCwUAA4IBAQAgwop//RsiDa68khNk0cg0
0Jm5RjlLCU8z2yZ/wak/4x4TBzQ181qj3JzJ9MwwgQFGQBpFIsVKcSo3IGw3AUHN
DQ3t15HVA1g6SM79L74phqIcWyKb1mwITalVNRdVW9Z4YBkAcVxQagD1AqIEJrvT
JT9JrFGDi4azkkb5D4D3F1FcobERv2BO5GL2hFgk/Emf6JufCl1J1wFiLSBNcsHY
Gf7tzKHTmR1KZpPURdQwHdebvEnDMig7jNuxKYZFhmxWF1Y6xswR1hqYPXttqYMQ
wHFA2O1s7CdtboIDVYyoviuQEfwX8eUmL8fyizKfK3pGV87kMjz4k6AJhgsqfm4i
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:02 2025 by rpki-client