Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/o1r9uGgWSMkBr8TYtqeKLaE5QOE.roa
File: o1r9uGgWSMkBr8TYtqeKLaE5QOE.roa (raw, json)
Hash identifier: 7RzPsp3uHfpDYCSJda3tVfo5/SCH0Ae2ssPUnQ5pNnU=
Subject key identifier: A3:5A:FD:B8:68:16:48:C9:01:AF:C4:D8:B6:A7:8A:2D:A1:39:40:E1
Certificate issuer: /CN=0747a36d7768a7b30a4eecbb6964c8c237d74401
Certificate serial: 019423D6D7EC9153EB30B530B2043049EF88
Authority key identifier: 07:47:A3:6D:77:68:A7:B3:0A:4E:EC:BB:69:64:C8:C2:37:D7:44:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B0ejbXdop7MKTuy7aWTIwjfXRAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/o1r9uGgWSMkBr8TYtqeKLaE5QOE.roa
Signing time: Wed 01 Jan 2025 21:47:50 +0000
ROA not before: Wed 01 Jan 2025 21:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203676
IP address blocks: 185.126.172.0/22 maxlen: 24
2a06:ca40::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d7:ec:91:53:eb:30:b5:30:b2:04:30:49:ef:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0747a36d7768a7b30a4eecbb6964c8c237d74401
Validity
Not Before: Jan 1 21:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a35afdb8681648c901afc4d8b6a78a2da13940e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c6:88:34:94:c6:d7:18:63:9c:a1:ae:22:b9:
80:dc:7e:4b:ef:f7:c8:77:96:2b:6f:da:e4:71:e7:
60:4d:58:3b:b3:ab:1e:7c:18:c9:ce:a2:75:e7:36:
2b:e0:24:ae:96:b7:d5:a5:0c:ce:3e:9c:e7:fc:14:
cc:bc:ce:ff:45:40:5d:04:98:66:28:bb:0a:a8:98:
7c:27:df:70:92:ac:b7:96:8c:42:fc:75:a7:d6:a9:
b4:41:0a:31:50:4b:ab:08:2c:84:66:18:96:5c:65:
95:03:74:d2:20:57:e4:e6:93:a3:bd:59:3f:98:b5:
50:f5:62:32:2f:f8:a8:9f:2d:0b:04:46:2f:26:9b:
04:f9:cb:72:aa:76:99:5b:7c:00:72:85:89:24:00:
6e:e4:b2:25:4c:2d:84:cc:fe:aa:cc:9b:a0:da:43:
c1:b1:9e:6b:77:ce:8e:73:43:a1:ec:c3:2e:d6:b0:
6c:dc:7e:48:f7:73:0a:5d:e4:9d:99:9f:94:7b:74:
a6:78:92:d8:39:09:3a:6b:a3:88:27:7d:4b:4e:98:
e0:68:76:16:da:c2:66:90:38:d4:ab:1b:90:b0:3b:
17:a0:83:1c:ea:52:40:88:8b:27:b5:d2:20:6c:58:
82:c2:b1:d3:cb:06:1f:05:90:ad:55:31:02:31:88:
7c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:FD:B8:68:16:48:C9:01:AF:C4:D8:B6:A7:8A:2D:A1:39:40:E1
X509v3 Authority Key Identifier:
keyid:07:47:A3:6D:77:68:A7:B3:0A:4E:EC:BB:69:64:C8:C2:37:D7:44:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B0ejbXdop7MKTuy7aWTIwjfXRAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/o1r9uGgWSMkBr8TYtqeKLaE5QOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/B0ejbXdop7MKTuy7aWTIwjfXRAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.172.0/22
IPv6:
2a06:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:8d:c4:9d:d0:2a:4c:6e:d3:0f:74:d9:13:1f:84:e7:3a:2c:
39:e2:ff:16:52:ce:6d:3f:7a:4e:0f:39:8f:6c:5c:fb:dc:0e:
27:8f:d2:82:9f:84:04:1d:5e:0c:94:58:f0:95:5b:c1:f8:fd:
18:0f:10:c7:09:7c:f3:42:6e:a7:b5:bb:50:62:35:4a:11:02:
c4:cc:49:50:76:f3:53:75:f4:b7:2d:b4:ed:90:06:63:ac:22:
be:aa:23:e2:f6:82:20:26:20:69:a0:ce:29:96:46:a5:df:e0:
49:b2:4b:f5:59:f7:55:f0:d5:b5:52:46:ed:8b:fa:1f:f4:ae:
45:57:1b:12:11:2e:63:bd:5a:c8:84:34:4c:b1:fd:c9:44:3e:
3d:32:b9:57:55:9f:a2:d3:f6:b0:9f:0e:c1:4d:ea:ee:3a:80:
cb:19:40:eb:ac:56:a1:85:44:37:da:16:80:b1:32:5b:dd:dd:
95:25:3e:eb:0c:d2:80:bf:11:bb:32:35:c6:a2:a1:5c:10:52:
f2:c5:4b:2c:c7:61:03:d5:ef:c3:cd:3c:ce:9d:ad:da:60:64:
59:6d:0e:aa:71:ab:9f:fc:35:5b:7a:e7:55:6e:5e:9e:c9:02:
35:77:f1:d4:f5:3a:91:c6:99:07:73:7e:5a:cb:64:b0:7b:25:
2b:32:e3:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1tfskVPrMLUwsgQwSe+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NDdhMzZkNzc2OGE3YjMwYTRlZWNiYjY5NjRjOGMyMzdk
NzQ0MDEwHhcNMjUwMTAxMjE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVhZmRiODY4MTY0OGM5MDFhZmM0ZDhiNmE3OGEyZGExMzk0MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3caINJTG1xhjnKGuIrmA3H5L7/fI
d5Yrb9rkcedgTVg7s6sefBjJzqJ15zYr4CSulrfVpQzOPpzn/BTMvM7/RUBdBJhm
KLsKqJh8J99wkqy3loxC/HWn1qm0QQoxUEurCCyEZhiWXGWVA3TSIFfk5pOjvVk/
mLVQ9WIyL/iony0LBEYvJpsE+ctyqnaZW3wAcoWJJABu5LIlTC2EzP6qzJug2kPB
sZ5rd86Oc0Oh7MMu1rBs3H5I93MKXeSdmZ+Ue3SmeJLYOQk6a6OIJ31LTpjgaHYW
2sJmkDjUqxuQsDsXoIMc6lJAiIsntdIgbFiCwrHTywYfBZCtVTECMYh8SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKNa/bhoFkjJAa/E2Lanii2hOUDhMB8GA1UdIwQY
MBaAFAdHo213aKezCk7su2lkyMI310QBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjBlamJYZG9wN01LVHV5N2FXVEl3amZYUkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85ZWFmMWUtYzllYy00NjZkLTgzNzEt
YWFiYWRkMDcxOWJhLzEvbzFyOXVHZ1dTTWtCcjhUWXRxZUtMYUU1UU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85ZWFmMWUtYzllYy00NjZkLTgzNzEtYWFiYWRkMDcxOWJh
LzEvQjBlamJYZG9wN01LVHV5N2FXVEl3amZYUkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX6sMA0E
AgACMAcDBQMqBspAMA0GCSqGSIb3DQEBCwUAA4IBAQBfjcSd0CpMbtMPdNkTH4Tn
Oiw54v8WUs5tP3pODzmPbFz73A4nj9KCn4QEHV4MlFjwlVvB+P0YDxDHCXzzQm6n
tbtQYjVKEQLEzElQdvNTdfS3LbTtkAZjrCK+qiPi9oIgJiBpoM4plkal3+BJskv1
WfdV8NW1Ukbti/of9K5FVxsSES5jvVrIhDRMsf3JRD49MrlXVZ+i0/awnw7BTeru
OoDLGUDrrFahhUQ32haAsTJb3d2VJT7rDNKAvxG7MjXGoqFcEFLyxUssx2ED1e/D
zTzOna3aYGRZbQ6qcauf/DVbeudVbl6eyQI1d/HU9TqRxpkHc35ay2SweyUrMuNZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:45:47 2025 by rpki-client