Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/bre9O2wrDggeCO-gClQtVcXHgMs.roa
File: bre9O2wrDggeCO-gClQtVcXHgMs.roa (raw, json)
Hash identifier: TZRQyZuvSyRj0lGzf2b/FG9R/6ZAoSht1L/fXzqCZUg=
Subject key identifier: 6E:B7:BD:3B:6C:2B:0E:08:1E:08:EF:A0:0A:54:2D:55:C5:C7:80:CB
Certificate issuer: /CN=9d4303a0a999d8118bbc7e96ad38efbb14496ea2
Certificate serial: 019423D71D77825E3539429B6C1C528DB980
Authority key identifier: 9D:43:03:A0:A9:99:D8:11:8B:BC:7E:96:AD:38:EF:BB:14:49:6E:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/bre9O2wrDggeCO-gClQtVcXHgMs.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212401
IP address blocks: 185.209.241.0/24 maxlen: 24
2a10:ee00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1d:77:82:5e:35:39:42:9b:6c:1c:52:8d:b9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4303a0a999d8118bbc7e96ad38efbb14496ea2
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eb7bd3b6c2b0e081e08efa00a542d55c5c780cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:00:d0:ad:a7:d5:02:17:18:80:7b:30:25:dc:
ab:b2:c1:79:77:98:1b:ec:22:28:88:81:d2:a4:47:
9c:e4:0f:9d:c9:ec:9a:c2:29:4d:33:98:5d:0e:39:
6b:54:b1:f9:a8:e3:ae:1b:cb:e1:ac:4b:96:64:8a:
32:f3:80:b2:45:3f:8b:bf:76:cc:31:08:9d:8d:61:
f7:fb:dd:5f:5b:1c:61:0b:c1:cc:4c:74:1c:28:9e:
a2:42:44:f0:dc:a8:0c:17:d6:f7:f5:09:89:a1:f8:
44:08:80:5e:c9:bc:66:43:55:63:38:ec:a6:bf:bd:
54:cd:dd:69:ac:e0:cd:85:0b:1f:c6:9d:e1:0a:76:
d9:23:f2:6e:06:87:2b:58:b9:59:48:09:ac:e4:bc:
90:42:0d:47:85:98:01:26:73:75:b7:d1:1e:c6:73:
a1:e7:fc:b3:a9:45:a4:ab:dc:c7:fd:c6:27:96:69:
5c:a3:76:c7:1d:3a:60:04:a5:1d:e0:15:9d:a1:fc:
55:72:3a:92:b0:77:f8:d3:fc:04:bc:a9:99:5b:a9:
d4:e9:2b:68:18:b2:64:dc:7f:f2:03:30:4a:93:3a:
9d:7e:6b:25:da:01:00:98:6f:44:da:45:87:58:a8:
88:a9:1c:ee:df:06:43:b0:18:aa:16:d2:d9:53:ef:
6e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B7:BD:3B:6C:2B:0E:08:1E:08:EF:A0:0A:54:2D:55:C5:C7:80:CB
X509v3 Authority Key Identifier:
keyid:9D:43:03:A0:A9:99:D8:11:8B:BC:7E:96:AD:38:EF:BB:14:49:6E:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/bre9O2wrDggeCO-gClQtVcXHgMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.241.0/24
IPv6:
2a10:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
43:19:7b:06:74:f8:24:98:c0:3e:6b:b5:72:3a:77:7f:85:03:
de:f1:25:4e:ed:c0:70:91:33:fe:38:09:e8:6a:cd:09:78:d3:
7c:c5:2e:ea:2d:a6:a8:cf:a2:a7:6f:2b:3d:3b:5b:61:03:bf:
88:9b:74:64:8b:a1:91:38:d9:6b:b8:73:5c:d5:f8:19:12:bf:
97:c9:5e:c8:8a:8f:75:ec:41:66:7a:ab:c5:d3:bf:7d:9b:79:
71:be:bc:b3:31:33:2a:d4:27:d2:cd:23:40:ae:48:08:9d:fd:
64:f4:12:f0:7e:f4:77:88:ee:1e:2b:24:26:f7:eb:17:51:b8:
22:a8:cf:f3:ea:c6:66:a7:6a:7b:ff:df:cc:1f:1b:ec:e0:05:
93:c2:81:1b:9d:0a:af:d6:9f:6b:f4:40:c3:74:a7:10:3d:95:
37:f5:8d:b0:4e:97:23:23:45:b5:16:d5:c9:f9:f3:2d:58:1e:
cd:c0:c5:bb:b5:af:bd:0a:9e:d3:c8:e5:99:c6:a3:58:01:20:
39:ab:04:24:c3:96:06:04:96:d1:ac:2e:56:0d:97:fd:41:19:
76:8b:1c:a0:88:d6:69:68:ef:32:90:3c:4f:b0:7e:b2:94:d9:
a3:02:46:4a:de:1e:ba:fd:2e:19:aa:d8:f2:24:12:79:38:c9:
71:a6:3e:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1x13gl41OUKbbBxSjbmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDMwM2EwYTk5OWQ4MTE4YmJjN2U5NmFkMzhlZmJiMTQ0
OTZlYTIwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI3YmQzYjZjMmIwZTA4MWUwOGVmYTAwYTU0MmQ1NWM1Yzc4MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gDQrafVAhcYgHswJdyrssF5d5gb
7CIoiIHSpEec5A+dyeyawilNM5hdDjlrVLH5qOOuG8vhrEuWZIoy84CyRT+Lv3bM
MQidjWH3+91fWxxhC8HMTHQcKJ6iQkTw3KgMF9b39QmJofhECIBeybxmQ1VjOOym
v71Uzd1prODNhQsfxp3hCnbZI/JuBocrWLlZSAms5LyQQg1HhZgBJnN1t9EexnOh
5/yzqUWkq9zH/cYnlmlco3bHHTpgBKUd4BWdofxVcjqSsHf40/wEvKmZW6nU6Sto
GLJk3H/yAzBKkzqdfmsl2gEAmG9E2kWHWKiIqRzu3wZDsBiqFtLZU+9uDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG63vTtsKw4IHgjvoApULVXFx4DLMB8GA1UdIwQY
MBaAFJ1DA6CpmdgRi7x+lq0477sUSW6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVNRG9LbVoyQkdMdkg2V3JUanZ1eFJKYnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iZDllMDItYzQyNC00ZTE0LWFhYjct
Mzk0NjFhYWE1YmU3LzEvYnJlOU8yd3JEZ2dlQ08tZ0NsUXRWY1hIZ01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iZDllMDItYzQyNC00ZTE0LWFhYjctMzk0NjFhYWE1YmU3
LzEvblVNRG9LbVoyQkdMdkg2V3JUanZ1eFJKYnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudHxMA0E
AgACMAcDBQAqEO4AMA0GCSqGSIb3DQEBCwUAA4IBAQBDGXsGdPgkmMA+a7VyOnd/
hQPe8SVO7cBwkTP+OAnoas0JeNN8xS7qLaaoz6Knbys9O1thA7+Im3Rki6GRONlr
uHNc1fgZEr+XyV7Iio917EFmeqvF0799m3lxvryzMTMq1CfSzSNArkgInf1k9BLw
fvR3iO4eKyQm9+sXUbgiqM/z6sZmp2p7/9/MHxvs4AWTwoEbnQqv1p9r9EDDdKcQ
PZU39Y2wTpcjI0W1FtXJ+fMtWB7NwMW7ta+9Cp7TyOWZxqNYASA5qwQkw5YGBJbR
rC5WDZf9QRl2ixygiNZpaO8ykDxPsH6ylNmjAkZK3h66/S4ZqtjyJBJ5OMlxpj57
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:25:38 2025 by rpki-client