Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/9SpuyxwY5s_DY9H2HuXrbxGl_AE.roa
File: 9SpuyxwY5s_DY9H2HuXrbxGl_AE.roa (raw, json)
Hash identifier: 8TyA+krjmjGFWghMXqG0FTTJGiUwEj3FhItOTxb8jEU=
Subject key identifier: F5:2A:6E:CB:1C:18:E6:CF:C3:63:D1:F6:1E:E5:EB:6F:11:A5:FC:01
Certificate issuer: /CN=e91f272b13c750143c7ec87e0c802aead8ac6e07
Certificate serial: 0194221FACDA563D311521F63DFF1E87956B
Authority key identifier: E9:1F:27:2B:13:C7:50:14:3C:7E:C8:7E:0C:80:2A:EA:D8:AC:6E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R8nKxPHUBQ8fsh-DIAq6tisbgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/9SpuyxwY5s_DY9H2HuXrbxGl_AE.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206945
IP address blocks: 185.171.8.0/22 maxlen: 24
185.203.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ac:da:56:3d:31:15:21:f6:3d:ff:1e:87:95:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91f272b13c750143c7ec87e0c802aead8ac6e07
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f52a6ecb1c18e6cfc363d1f61ee5eb6f11a5fc01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fa:96:2a:d1:f7:e7:5f:5b:b7:69:10:2e:6d:
1a:07:04:96:35:31:f6:e4:ff:7b:46:32:9f:42:55:
87:24:6d:96:b2:b0:30:a8:d8:14:59:44:72:2c:5e:
ff:39:f8:f2:e7:1b:a1:58:c9:f9:b7:6d:ea:19:0a:
86:76:13:86:aa:de:8c:2f:de:07:c8:51:d2:1c:38:
aa:cf:f4:a8:fa:77:eb:d2:a0:17:9c:d5:1e:b4:45:
5c:2c:80:ed:4c:c3:80:8f:6e:b0:34:f6:05:f5:3f:
d1:5f:96:2f:83:55:77:3d:5c:31:04:43:2f:13:56:
b1:ad:0a:3c:b7:94:7a:3b:74:e0:45:b7:d8:c1:f6:
4f:b2:f9:0b:76:42:38:9d:6c:e6:0a:fa:92:41:e6:
f5:a2:2a:b5:3d:15:bb:d2:12:35:a1:00:ce:91:76:
56:13:40:48:ee:8c:96:a2:a3:8a:61:c1:8a:ae:90:
c5:53:62:d8:42:a0:6c:61:cb:29:53:43:6b:e3:db:
00:b9:b7:88:c7:69:3b:f5:48:03:61:93:c8:c3:5b:
c5:25:ab:62:23:ee:49:a9:de:79:ef:1f:94:55:e3:
8b:46:cb:68:f1:41:b0:0b:9c:4a:f9:80:21:f8:8d:
b5:3a:6a:1a:51:a9:68:ff:9e:cf:f4:31:51:f2:c9:
0d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2A:6E:CB:1C:18:E6:CF:C3:63:D1:F6:1E:E5:EB:6F:11:A5:FC:01
X509v3 Authority Key Identifier:
keyid:E9:1F:27:2B:13:C7:50:14:3C:7E:C8:7E:0C:80:2A:EA:D8:AC:6E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R8nKxPHUBQ8fsh-DIAq6tisbgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/9SpuyxwY5s_DY9H2HuXrbxGl_AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/6R8nKxPHUBQ8fsh-DIAq6tisbgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.8.0/22
185.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:0f:a1:27:4d:d9:77:80:d9:a0:5f:06:c6:d0:1f:b1:9b:4b:
b0:40:46:78:43:40:ac:7b:97:76:b9:c2:a5:8c:6b:68:f0:8a:
20:e1:e7:46:b6:46:e1:99:a0:91:6c:c1:83:1a:23:a4:6f:f4:
58:be:8d:f2:24:33:ba:24:e2:4c:27:a5:2f:4f:6f:76:a4:cf:
8f:85:2c:94:2f:fd:51:62:a6:f3:cf:5a:18:1d:b9:e9:ec:af:
15:66:9f:26:1e:d1:b3:dc:98:98:1a:8e:1c:a4:68:83:2f:68:
af:1b:51:e5:00:48:4e:16:43:54:52:45:96:bb:d7:ad:a8:06:
4a:d4:e9:24:ab:41:24:93:11:6e:16:a2:4f:24:98:c5:2f:40:
43:d9:00:b7:39:f5:cf:62:d9:78:af:35:ff:f7:4c:71:6c:15:
8b:d4:49:a5:45:3d:a8:e1:78:44:d6:80:ef:b0:67:d6:1a:30:
26:73:7c:68:88:4f:0d:d5:f3:0b:8d:f2:60:49:78:e5:2a:04:
cd:45:e1:61:c6:59:7e:e4:cc:83:1c:97:2b:2c:5d:7f:be:d7:
0a:31:73:74:43:cf:47:f1:2a:ee:7e:56:20:94:a4:d1:ed:1d:
9c:2d:63:2f:bf:16:95:13:bc:a9:04:4b:42:b7:0e:23:3f:1e:
64:99:36:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH6zaVj0xFSH2Pf8eh5VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWYyNzJiMTNjNzUwMTQzYzdlYzg3ZTBjODAyYWVhZDhh
YzZlMDcwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJhNmVjYjFjMThlNmNmYzM2M2QxZjYxZWU1ZWI2ZjExYTVmYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfqWKtH3519bt2kQLm0aBwSWNTH2
5P97RjKfQlWHJG2WsrAwqNgUWURyLF7/Ofjy5xuhWMn5t23qGQqGdhOGqt6ML94H
yFHSHDiqz/So+nfr0qAXnNUetEVcLIDtTMOAj26wNPYF9T/RX5Yvg1V3PVwxBEMv
E1axrQo8t5R6O3TgRbfYwfZPsvkLdkI4nWzmCvqSQeb1oiq1PRW70hI1oQDOkXZW
E0BI7oyWoqOKYcGKrpDFU2LYQqBsYcspU0Nr49sAubeIx2k79UgDYZPIw1vFJati
I+5Jqd557x+UVeOLRsto8UGwC5xK+YAh+I21OmoaUalo/57P9DFR8skNjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPUqbsscGObPw2PR9h7l628RpfwBMB8GA1UdIwQY
MBaAFOkfJysTx1AUPH7IfgyAKurYrG4HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI4bkt4UEhVQlE4ZnNoLURJQXE2dGlzYmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kNjJkMjItODJmMi00YjIwLWJhYzQt
NjAxYTcyNWEwMGY1LzEvOVNwdXl4d1k1c19EWTlIMkh1WHJieEdsX0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kNjJkMjItODJmMi00YjIwLWJhYzQtNjAxYTcyNWEwMGY1
LzEvNlI4bkt4UEhVQlE4ZnNoLURJQXE2dGlzYmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuasIAwQC
ucukMA0GCSqGSIb3DQEBCwUAA4IBAQAvD6EnTdl3gNmgXwbG0B+xm0uwQEZ4Q0Cs
e5d2ucKljGto8Iog4edGtkbhmaCRbMGDGiOkb/RYvo3yJDO6JOJMJ6UvT292pM+P
hSyUL/1RYqbzz1oYHbnp7K8VZp8mHtGz3JiYGo4cpGiDL2ivG1HlAEhOFkNUUkWW
u9etqAZK1Okkq0EkkxFuFqJPJJjFL0BD2QC3OfXPYtl4rzX/90xxbBWL1EmlRT2o
4XhE1oDvsGfWGjAmc3xoiE8N1fMLjfJgSXjlKgTNReFhxll+5MyDHJcrLF1/vtcK
MXN0Q89H8SruflYglKTR7R2cLWMvvxaVE7ypBEtCtw4jPx5kmTYc
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:46:05 2025 by rpki-client