Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/pq2QS5SBDS3pAxrbz1jylBKYb1c.roa
File: pq2QS5SBDS3pAxrbz1jylBKYb1c.roa (raw, json)
Hash identifier: kdt9b8eHxviCcBXo3alD6ToqY7JvOLmYwFiRPu6twu8=
Subject key identifier: A6:AD:90:4B:94:81:0D:2D:E9:03:1A:DB:CF:58:F2:94:12:98:6F:57
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 019423D6E945E0623893AD257E9CE821B38A
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/pq2QS5SBDS3pAxrbz1jylBKYb1c.roa
Signing time: Wed 01 Jan 2025 21:47:54 +0000
ROA not before: Wed 01 Jan 2025 21:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36040
IP address blocks: 176.126.58.0/24 maxlen: 24
185.225.248.0/24 maxlen: 26
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e9:45:e0:62:38:93:ad:25:7e:9c:e8:21:b3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 21:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6ad904b94810d2de9031adbcf58f29412986f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:50:9b:b4:e7:a8:0f:5f:55:9c:e2:ce:48:
74:71:fc:9d:61:c9:e0:5e:6a:72:4f:a2:f4:d8:dc:
8f:58:95:4e:56:a2:ab:45:94:3b:c5:b1:4b:1a:2a:
95:ef:8e:7b:46:b7:82:d7:ef:6e:36:87:85:36:51:
22:77:8b:5b:22:a4:a7:ca:6a:9c:ea:c5:39:66:5c:
41:d2:33:2a:22:35:89:b0:34:8f:b4:4f:bc:ef:7f:
1e:5a:8c:00:a3:f9:d7:89:86:b4:92:56:07:fc:c0:
7b:e9:bb:5a:81:fe:29:08:ab:d3:a8:bc:54:ea:cc:
15:45:0c:0b:b6:01:cb:66:46:84:d6:75:48:fb:97:
d3:32:53:63:30:55:0a:9f:bd:42:51:23:94:6d:18:
c6:5a:0a:f5:3d:96:ac:0d:4b:75:8b:8e:72:da:1d:
45:13:1f:76:98:52:70:67:29:7a:ff:6d:12:f3:f2:
f9:21:72:fb:d7:af:e4:5b:d0:96:ed:ef:89:9a:e8:
93:d9:f7:fe:31:a2:1e:f1:ea:33:c6:a1:a7:92:98:
87:31:2b:89:b1:e5:ca:19:aa:c7:25:62:c8:77:2c:
69:d5:59:9f:4d:18:4d:23:09:f9:58:47:4c:a4:98:
20:5b:90:c9:b3:f0:a1:68:d7:bf:98:db:14:d1:5e:
9c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AD:90:4B:94:81:0D:2D:E9:03:1A:DB:CF:58:F2:94:12:98:6F:57
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/pq2QS5SBDS3pAxrbz1jylBKYb1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.58.0/24
185.225.248.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:55:a3:f7:a5:1e:69:3b:e0:3d:e3:8d:68:da:f5:99:dc:8e:
3b:6b:e8:a7:de:6d:c0:24:39:86:ac:bc:9f:79:ea:94:72:96:
fb:4f:38:4e:82:82:69:08:6d:c2:5a:dc:5e:2d:a5:7f:bb:8c:
b9:ab:45:c8:ba:2c:f0:51:a0:49:41:6a:e1:29:68:16:0c:43:
c0:20:16:f7:c8:71:54:91:96:87:86:90:b0:c4:25:28:68:5c:
a4:c3:ef:ff:55:82:c8:95:09:14:29:10:4c:e9:53:00:a5:41:
23:2f:7b:b8:de:ac:c7:71:f0:55:5f:ac:65:dd:9c:68:12:3d:
b9:e2:ee:9d:54:07:0f:b6:dc:1a:23:83:cb:74:4b:6a:c4:ea:
e4:dd:10:f0:2f:6d:a9:3a:09:b6:92:8b:b4:53:4e:c9:ca:9d:
ee:cb:3a:96:41:9a:ed:b6:d0:2c:12:0e:fe:85:20:02:ca:47:
35:0c:3d:4d:94:9c:0c:f7:a4:e0:9d:96:25:be:86:a6:0b:7f:
b7:f5:4b:21:d1:76:bb:af:7d:39:7d:3e:9a:c1:7e:ce:67:04:
7d:99:0b:b1:0b:28:b1:14:55:29:71:98:aa:3c:84:e0:ef:e2:
b4:62:e8:d9:24:33:65:15:92:c4:ce:5d:d0:ff:a5:ce:d6:d5:
84:d6:23:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1ulF4GI4k60lfpzoIbOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjUwMTAxMjE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFkOTA0Yjk0ODEwZDJkZTkwMzFhZGJjZjU4ZjI5NDEyOTg2ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoipQm7TnqA9fVZzizkh0cfydYcng
XmpyT6L02NyPWJVOVqKrRZQ7xbFLGiqV7457RreC1+9uNoeFNlEid4tbIqSnymqc
6sU5ZlxB0jMqIjWJsDSPtE+8738eWowAo/nXiYa0klYH/MB76btagf4pCKvTqLxU
6swVRQwLtgHLZkaE1nVI+5fTMlNjMFUKn71CUSOUbRjGWgr1PZasDUt1i45y2h1F
Ex92mFJwZyl6/20S8/L5IXL716/kW9CW7e+JmuiT2ff+MaIe8eozxqGnkpiHMSuJ
seXKGarHJWLIdyxp1VmfTRhNIwn5WEdMpJggW5DJs/ChaNe/mNsU0V6ciwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKatkEuUgQ0t6QMa289Y8pQSmG9XMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvcHEyUVM1U0JEUzNwQXhyYnoxanlsQktZYjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH46AwQA
ueH4MA0GCSqGSIb3DQEBCwUAA4IBAQC5VaP3pR5pO+A9441o2vWZ3I47a+in3m3A
JDmGrLyfeeqUcpb7TzhOgoJpCG3CWtxeLaV/u4y5q0XIuizwUaBJQWrhKWgWDEPA
IBb3yHFUkZaHhpCwxCUoaFykw+//VYLIlQkUKRBM6VMApUEjL3u43qzHcfBVX6xl
3ZxoEj254u6dVAcPttwaI4PLdEtqxOrk3RDwL22pOgm2kou0U07Jyp3uyzqWQZrt
ttAsEg7+hSACykc1DD1NlJwM96TgnZYlvoamC3+39Ush0Xa7r305fT6awX7OZwR9
mQuxCyixFFUpcZiqPITg7+K0YujZJDNlFZLEzl3Q/6XO1tWE1iP/
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:25:35 2025 by rpki-client