Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/jNyaGdXh72CU4r0BXdX9NFKAwCI.roa
File: jNyaGdXh72CU4r0BXdX9NFKAwCI.roa (raw, json)
Hash identifier: KWU48qyL5wzO3wv8boVqiKFZ7+HfPReZF5Tc1JfbGeU=
Subject key identifier: 8C:DC:9A:19:D5:E1:EF:60:94:E2:BD:01:5D:D5:FD:34:52:80:C0:22
Certificate issuer: /CN=76a372b754e49208d646aa7859e348b475e526d2
Certificate serial: 01942520B9B191F008E3CCB766DD8294FC65
Authority key identifier: 76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/jNyaGdXh72CU4r0BXdX9NFKAwCI.roa
Signing time: Thu 02 Jan 2025 03:48:09 +0000
ROA not before: Thu 02 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31549
IP address blocks: 185.211.84.0/24 maxlen: 24
185.211.85.0/24 maxlen: 24
185.211.86.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:b9:b1:91:f0:08:e3:cc:b7:66:dd:82:94:fc:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a372b754e49208d646aa7859e348b475e526d2
Validity
Not Before: Jan 2 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cdc9a19d5e1ef6094e2bd015dd5fd345280c022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:a6:ab:f3:53:64:87:a3:ef:18:24:74:04:
ed:c7:38:77:f0:f8:44:8c:ba:30:93:20:ce:41:9b:
58:10:ff:da:b3:ab:89:11:7b:ca:50:3e:4b:2b:f2:
18:66:ac:9e:dd:15:29:f9:59:34:0e:56:40:17:b8:
a7:4f:48:fb:b9:1a:1a:c7:e6:c6:f9:e7:a8:ab:29:
a8:d0:77:76:c0:6b:7c:23:60:4e:2e:0a:53:b2:e9:
69:b2:7e:87:c7:98:4b:7f:0f:b3:c7:4b:11:07:e5:
08:52:b0:10:99:0d:11:94:4b:20:60:3f:4f:ad:fd:
c0:27:be:25:3b:ad:69:4d:9d:19:32:52:77:b5:ef:
5f:64:e2:13:ab:b6:46:48:14:63:a1:d7:98:52:8a:
34:07:05:13:5e:e2:d9:6e:99:36:65:a5:f9:86:7e:
14:0a:1b:8c:70:b7:7a:61:0d:b8:2f:e8:f0:77:9f:
f3:66:17:d1:3e:cd:d4:ea:fb:e2:0a:bf:1f:63:37:
ce:e0:e0:93:d3:53:c0:3d:6b:69:bf:09:f7:85:63:
dd:1e:c2:a4:48:7c:c7:24:e1:94:39:4a:7b:45:c4:
de:1b:2a:47:b2:c0:57:65:21:ca:fc:8e:2d:c6:74:
38:f7:43:dc:c6:c1:d8:28:27:b1:ab:b1:c6:49:ce:
90:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DC:9A:19:D5:E1:EF:60:94:E2:BD:01:5D:D5:FD:34:52:80:C0:22
X509v3 Authority Key Identifier:
keyid:76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/jNyaGdXh72CU4r0BXdX9NFKAwCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/dqNyt1TkkgjWRqp4WeNItHXlJtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.84.0/22
Signature Algorithm: sha256WithRSAEncryption
15:11:6b:25:a2:69:c9:0b:fd:dd:2a:eb:53:b8:e2:40:d2:7c:
41:e5:1f:a0:5f:9a:91:8d:3b:53:e6:c4:8c:37:07:e9:81:ad:
c8:36:cd:bf:de:40:8a:78:96:4c:75:25:8c:0a:36:5f:8f:de:
a4:b3:0e:4d:4e:fa:16:f8:58:26:19:68:d3:71:e3:7b:71:d4:
dc:51:67:12:65:30:3f:6b:08:56:30:46:f1:1d:6a:bc:4c:93:
31:6c:4e:86:6c:71:40:ee:ee:21:67:ab:f1:b3:19:d0:46:9d:
f6:54:e5:d5:00:29:87:e7:f2:03:3b:c7:4f:6a:4d:5f:a9:a4:
bf:8d:42:3c:4a:57:d3:f1:7f:c0:ca:a7:bd:fe:62:26:b4:80:
cc:25:13:a4:7d:fe:41:53:8c:5c:5a:f1:38:56:5f:c3:de:50:
72:af:70:e5:9b:93:31:fc:6a:1e:84:20:4b:0e:1f:6b:a4:83:
68:59:96:94:7d:69:db:7b:01:17:5a:e7:d7:6e:c4:81:b8:81:
62:47:87:c7:65:91:77:a9:c8:b1:64:a3:5e:58:d0:22:6c:f9:
6e:6b:39:12:da:f8:49:49:c1:bb:6e:2e:b1:ab:d8:11:99:3b:
53:24:b9:d8:7e:6b:54:c7:c7:f1:3f:64:37:94:16:db:aa:6e:
43:5e:e1:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlILmxkfAI48y3Zt2ClPxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTM3MmI3NTRlNDkyMDhkNjQ2YWE3ODU5ZTM0OGI0NzVl
NTI2ZDIwHhcNMjUwMTAyMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RjOWExOWQ1ZTFlZjYwOTRlMmJkMDE1ZGQ1ZmQzNDUyODBjMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjmmq/NTZIej7xgkdATtxzh38PhE
jLowkyDOQZtYEP/as6uJEXvKUD5LK/IYZqye3RUp+Vk0DlZAF7inT0j7uRoax+bG
+eeoqymo0Hd2wGt8I2BOLgpTsulpsn6Hx5hLfw+zx0sRB+UIUrAQmQ0RlEsgYD9P
rf3AJ74lO61pTZ0ZMlJ3te9fZOITq7ZGSBRjodeYUoo0BwUTXuLZbpk2ZaX5hn4U
ChuMcLd6YQ24L+jwd5/zZhfRPs3U6vviCr8fYzfO4OCT01PAPWtpvwn3hWPdHsKk
SHzHJOGUOUp7RcTeGypHssBXZSHK/I4txnQ490PcxsHYKCexq7HGSc6QBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIzcmhnV4e9glOK9AV3V/TRSgMAiMB8GA1UdIwQY
MBaAFHajcrdU5JII1kaqeFnjSLR15SbSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTkt
YTk5ZWE5MWNiNWI5LzEvak55YUdkWGg3MkNVNHIwQlhkWDlORktBd0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTktYTk5ZWE5MWNiNWI5
LzEvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAVEWslomnJC/3dKutTuOJA0nxB5R+gX5qRjTtT5sSM
Nwfpga3INs2/3kCKeJZMdSWMCjZfj96ksw5NTvoW+FgmGWjTceN7cdTcUWcSZTA/
awhWMEbxHWq8TJMxbE6GbHFA7u4hZ6vxsxnQRp32VOXVACmH5/IDO8dPak1fqaS/
jUI8SlfT8X/Ayqe9/mImtIDMJROkff5BU4xcWvE4Vl/D3lByr3Dlm5Mx/GoehCBL
Dh9rpINoWZaUfWnbewEXWufXbsSBuIFiR4fHZZF3qcixZKNeWNAibPluazkS2vhJ
ScG7bi6xq9gRmTtTJLnYfmtUx8fxP2Q3lBbbqm5DXuFN
-----END CERTIFICATE-----
Generated at Thu May 1 09:31:27 2025 by rpki-client