Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/qVBLvcjJBUo_ztgWaR8IZxOj2aQ.roa
File: qVBLvcjJBUo_ztgWaR8IZxOj2aQ.roa (raw, json)
Hash identifier: ujPlqLVXbzhznPv780vHNUch+y0gNvpUjy0jAtS3VIc=
Subject key identifier: A9:50:4B:BD:C8:C9:05:4A:3F:CE:D8:16:69:1F:08:67:13:A3:D9:A4
Certificate issuer: /CN=a2bf6de589801fee3c21dadb7e480fc5c58fce8f
Certificate serial: 203158
Authority key identifier: A2:BF:6D:E5:89:80:1F:EE:3C:21:DA:DB:7E:48:0F:C5:C5:8F:CE:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/or9t5YmAH-48IdrbfkgPxcWPzo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/qVBLvcjJBUo_ztgWaR8IZxOj2aQ.roa
Signing time: Sat 01 Jan 2022 01:56:17 +0000
ROA not before: Sat 01 Jan 2022 01:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49453
IP address blocks: 185.202.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2109784 (0x203158)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2bf6de589801fee3c21dadb7e480fc5c58fce8f
Validity
Not Before: Jan 1 01:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9504bbdc8c9054a3fced816691f086713a3d9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:46:5a:93:71:d6:40:8b:b5:bf:e3:93:fb:
20:48:c8:98:d6:c9:46:17:f6:a9:73:91:39:2c:ee:
d2:90:c8:f1:cb:f8:8c:4b:10:af:38:bd:25:ca:35:
f8:eb:44:c9:96:93:ec:4f:f1:a6:88:88:b6:4c:7a:
2b:24:94:8b:dd:65:d8:1e:81:c2:df:1d:f2:ac:be:
da:9c:e9:75:41:eb:5d:01:05:d7:bb:8b:05:8f:c7:
bb:64:f2:f5:0f:6d:34:4e:0a:c9:b2:0b:11:58:01:
06:a1:75:1c:02:02:9c:f9:df:f2:06:1b:5e:ba:50:
b7:2f:20:44:90:d8:07:b7:87:0b:d4:9c:07:31:f5:
b0:0d:fc:78:6d:66:9d:11:e5:60:f9:87:96:f8:77:
75:54:45:8b:d7:a3:37:4f:fa:2e:40:e1:75:76:16:
3e:0c:12:2f:e1:89:31:05:65:03:84:d0:ac:f3:f1:
2e:84:60:2e:ed:b3:f1:7c:2b:2a:01:a0:1c:8d:a1:
ff:c4:99:a9:0e:a0:eb:dc:90:b6:bc:59:68:ef:26:
c1:d6:0a:a6:ec:4f:70:09:a4:f0:4a:cf:e5:3a:cd:
a4:0b:4a:4a:4d:bc:02:bc:80:4b:12:4a:6a:95:ef:
06:f5:7b:dd:d4:7b:a8:11:de:d3:2c:ad:69:e4:61:
d9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:50:4B:BD:C8:C9:05:4A:3F:CE:D8:16:69:1F:08:67:13:A3:D9:A4
X509v3 Authority Key Identifier:
keyid:A2:BF:6D:E5:89:80:1F:EE:3C:21:DA:DB:7E:48:0F:C5:C5:8F:CE:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/or9t5YmAH-48IdrbfkgPxcWPzo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/qVBLvcjJBUo_ztgWaR8IZxOj2aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/or9t5YmAH-48IdrbfkgPxcWPzo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:01:b7:f9:83:d6:7b:25:a3:19:78:4c:3d:11:8f:84:07:35:
cf:16:f2:42:cb:b4:04:39:8a:25:40:14:3b:51:4a:2b:b3:a4:
a2:08:db:f1:75:45:69:86:22:9b:c2:7a:c4:0a:5c:2d:23:8c:
c6:96:dd:e7:1d:e4:b7:de:1c:f6:e4:18:0d:92:88:d5:e8:16:
40:c2:f8:c4:02:e6:c2:45:c7:05:05:ab:ba:8b:ef:28:35:b3:
97:7f:26:8a:04:aa:3d:22:b5:57:6a:99:13:46:0c:80:d6:10:
d5:23:5e:72:46:1e:4b:97:64:93:3c:fa:83:34:97:20:ee:28:
58:a7:3a:85:fb:b9:0f:78:94:d1:20:eb:c9:6c:d9:07:1b:04:
c0:0a:4f:db:49:0d:df:d0:70:32:71:56:07:27:59:fd:2f:06:
dc:90:6f:1e:49:36:84:01:d7:cf:26:58:7c:b8:52:e2:7f:d2:
c4:77:91:76:37:e6:44:81:d3:64:be:9a:ac:dc:fc:46:c7:f0:
0b:42:b6:d9:ea:11:2b:43:35:e4:21:bb:85:ce:d2:7c:9b:d6:
82:c4:61:47:61:58:1d:04:56:5d:58:4a:3d:6d:2b:d1:28:ee:
2e:8d:0a:f9:17:66:51:c7:82:bc:f3:08:b5:8f:d5:7a:50:27:
8b:59:26:93
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDIDFYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEy
YmY2ZGU1ODk4MDFmZWUzYzIxZGFkYjdlNDgwZmM1YzU4ZmNlOGYwHhcNMjIwMTAx
MDE1NjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOTUwNGJiZGM4Yzkw
NTRhM2ZjZWQ4MTY2OTFmMDg2NzEzYTNkOWE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtr1GWpNx1kCLtb/jk/sgSMiY1slGF/apc5E5LO7SkMjxy/iM
SxCvOL0lyjX460TJlpPsT/GmiIi2THorJJSL3WXYHoHC3x3yrL7anOl1QetdAQXX
u4sFj8e7ZPL1D200TgrJsgsRWAEGoXUcAgKc+d/yBhteulC3LyBEkNgHt4cL1JwH
MfWwDfx4bWadEeVg+YeW+Hd1VEWL16M3T/ouQOF1dhY+DBIv4YkxBWUDhNCs8/Eu
hGAu7bPxfCsqAaAcjaH/xJmpDqDr3JC2vFlo7ybB1gqm7E9wCaTwSs/lOs2kC0pK
TbwCvIBLEkpqle8G9Xvd1HuoEd7TLK1p5GHZ0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKlQS73IyQVKP87YFmkfCGcTo9mkMB8GA1UdIwQYMBaAFKK/beWJgB/uPCHa
235ID8XFj86PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
b3I5dDVZbUFILTQ4SWRyYmZrZ1B4Y1dQem84LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNC8yYmU4N2YtMjgyYy00MTI3LWJmNjgtNTYxNDA3YTgzZTM1LzEv
cVZCTHZjakpCVW9fenRnV2FSOElaeE9qMmFRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8y
YmU4N2YtMjgyYy00MTI3LWJmNjgtNTYxNDA3YTgzZTM1LzEvb3I5dDVZbUFILTQ4
SWRyYmZrZ1B4Y1dQem84LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpsMA0GCSqGSIb3DQEBCwUAA4IB
AQAfAbf5g9Z7JaMZeEw9EY+EBzXPFvJCy7QEOYolQBQ7UUors6SiCNvxdUVphiKb
wnrEClwtI4zGlt3nHeS33hz25BgNkojV6BZAwvjEAubCRccFBau6i+8oNbOXfyaK
BKo9IrVXapkTRgyA1hDVI15yRh5Ll2STPPqDNJcg7ihYpzqF+7kPeJTRIOvJbNkH
GwTACk/bSQ3f0HAycVYHJ1n9LwbckG8eSTaEAdfPJlh8uFLif9LEd5F2N+ZEgdNk
vpqs3PxGx/ALQrbZ6hErQzXkIbuFztJ8m9aCxGFHYVgdBFZdWEo9bSvRKO4ujQr5
F2ZRx4K88wi1j9V6UCeLWSaT
-----END CERTIFICATE-----
Generated at Sun May 11 04:16:14 2025 by rpki-client