Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/9vSYuCdAG_e0E6RGGzb6agTE0BM.roa
File: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (raw, json)
Hash identifier: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=
Subject key identifier: F6:F4:98:B8:27:40:1B:F7:B4:13:A4:46:1B:36:FA:6A:04:C4:D0:13
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 01941FFA79E7D6C6E5E4C2CED09088A96856
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/9vSYuCdAG_e0E6RGGzb6agTE0BM.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201020
IP address blocks: 185.204.224.0/24 maxlen: 24
185.204.225.0/24 maxlen: 24
185.204.226.0/24 maxlen: 24
185.204.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:79:e7:d6:c6:e5:e4:c2:ce:d0:90:88:a9:68:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6f498b827401bf7b413a4461b36fa6a04c4d013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4f:9d:cf:7f:9c:3b:39:23:8c:a5:dd:87:c1:
08:c3:d5:1a:a9:d3:b4:16:df:d1:4c:69:ed:57:f4:
58:f9:29:af:94:01:e5:12:1e:bd:b6:5b:06:5d:88:
27:3f:ed:95:5b:31:c3:23:ba:05:02:8a:4c:76:5f:
34:9f:40:cb:de:9d:41:f1:22:3d:42:db:21:ad:2b:
b9:2b:b6:ef:f4:4f:a1:d3:87:e1:97:0f:e1:97:44:
b9:40:6b:67:92:1f:ce:14:d2:d5:2d:60:2a:5c:a9:
8e:3b:2e:b3:59:19:9d:af:a0:f9:17:be:91:aa:6e:
df:f7:84:5d:a3:aa:63:26:44:10:46:8a:df:c7:99:
9f:8b:5f:41:0a:b0:a0:77:06:1e:29:60:b1:e2:a2:
ce:ac:b5:18:2b:e6:bc:41:7a:9f:80:40:98:42:5b:
ae:d7:66:af:c6:df:fb:d6:f5:8b:9c:86:25:93:0c:
ff:8b:fd:6c:6f:02:db:5a:a7:70:ff:0c:03:db:dd:
49:4d:ac:4d:71:26:4c:35:2b:a8:41:9e:c9:59:23:
69:89:a1:df:db:ea:ff:61:96:a5:47:e1:3a:22:67:
32:49:06:1a:25:f9:47:93:fd:2c:d0:28:57:e5:95:
fb:2d:cd:9b:99:a6:8d:3d:f4:e8:fe:b6:39:af:a6:
34:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F4:98:B8:27:40:1B:F7:B4:13:A4:46:1B:36:FA:6A:04:C4:D0:13
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/9vSYuCdAG_e0E6RGGzb6agTE0BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.224.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:55:2f:30:fa:2e:3b:37:0f:5e:48:2d:6c:46:cc:4f:7b:de:
f3:bd:a3:3b:a0:33:72:e9:23:60:dc:d3:af:29:f8:e9:18:24:
64:12:b7:5c:aa:99:a1:c2:09:02:94:de:40:21:cc:41:17:aa:
85:50:e6:af:ba:22:fd:eb:53:26:34:d9:a9:0f:e8:e4:e7:77:
9a:be:97:a9:de:3c:00:6e:fa:7a:01:0a:b9:6b:d3:97:3d:55:
b0:a7:fe:c0:10:dd:48:5d:e6:a6:77:41:57:bb:4a:45:c0:04:
ef:e4:f6:4f:19:37:b0:c6:62:5b:62:23:15:82:07:57:38:83:
40:b7:da:fb:aa:57:91:2a:be:7a:7e:60:4b:aa:a7:7b:af:c4:
6f:e7:3c:81:b0:ba:d2:e6:e6:99:2d:d8:4b:67:f9:95:41:38:
8a:4b:9a:80:f8:89:19:2a:d7:d6:c2:7a:32:6e:3e:66:39:29:
c0:a5:67:32:c8:7c:a9:fd:91:d4:61:08:ae:04:94:55:2a:83:
4c:df:92:78:00:c5:66:a1:ef:e5:d6:25:dc:f5:54:83:13:d3:
74:27:8c:9d:30:aa:25:71:24:3f:d7:e3:16:c4:8d:8f:1e:a8:
d4:be:8c:e1:b4:52:02:ae:04:05:01:5f:63:34:9e:e0:14:88:
b1:0c:04:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nnn1sbl5MLO0JCIqWhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY0OThiODI3NDAxYmY3YjQxM2E0NDYxYjM2ZmE2YTA0YzRkMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0+dz3+cOzkjjKXdh8EIw9UaqdO0
Ft/RTGntV/RY+SmvlAHlEh69tlsGXYgnP+2VWzHDI7oFAopMdl80n0DL3p1B8SI9
QtshrSu5K7bv9E+h04fhlw/hl0S5QGtnkh/OFNLVLWAqXKmOOy6zWRmdr6D5F76R
qm7f94Rdo6pjJkQQRorfx5mfi19BCrCgdwYeKWCx4qLOrLUYK+a8QXqfgECYQluu
12avxt/71vWLnIYlkwz/i/1sbwLbWqdw/wwD291JTaxNcSZMNSuoQZ7JWSNpiaHf
2+r/YZalR+E6ImcySQYaJflHk/0s0ChX5ZX7Lc2bmaaNPfTo/rY5r6Y03QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPb0mLgnQBv3tBOkRhs2+moExNATMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvOXZTWXVDZEFHX2UwRTZSR0d6YjZhZ1RFMEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuczgMA0G
CSqGSIb3DQEBCwUAA4IBAQC/VS8w+i47Nw9eSC1sRsxPe97zvaM7oDNy6SNg3NOv
KfjpGCRkErdcqpmhwgkClN5AIcxBF6qFUOavuiL961MmNNmpD+jk53eavpep3jwA
bvp6AQq5a9OXPVWwp/7AEN1IXeamd0FXu0pFwATv5PZPGTewxmJbYiMVggdXOINA
t9r7qleRKr56fmBLqqd7r8Rv5zyBsLrS5uaZLdhLZ/mVQTiKS5qA+IkZKtfWwnoy
bj5mOSnApWcyyHyp/ZHUYQiuBJRVKoNM35J4AMVmoe/l1iXc9VSDE9N0J4ydMKol
cSQ/1+MWxI2PHqjUvozhtFICrgQFAV9jNJ7gFIixDAQU
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:34:27 2025 by rpki-client