Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7159eb-dd37-44ad-83e2-b26412aeb3ae/1/sK3XQwXTL-mqzvI7V9STOh1mdbY.roa
File: sK3XQwXTL-mqzvI7V9STOh1mdbY.roa (raw, json)
Hash identifier: VWu2Ff9vBiTjacxsepFTzMs84GfrYTJ/rH9rluBzGtU=
Subject key identifier: B0:AD:D7:43:05:D3:2F:E9:AA:CE:F2:3B:57:D4:93:3A:1D:66:75:B6
Certificate issuer: /CN=33d2d885477d0280264e458eb071f45d91691520
Certificate serial: 0194258FBE55E5D267B615E7EC98A627D828
Authority key identifier: 33:D2:D8:85:47:7D:02:80:26:4E:45:8E:B0:71:F4:5D:91:69:15:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M9LYhUd9AoAmTkWOsHH0XZFpFSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7159eb-dd37-44ad-83e2-b26412aeb3ae/1/sK3XQwXTL-mqzvI7V9STOh1mdbY.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9063
IP address blocks: 185.13.28.0/22 maxlen: 22
2a03:9b40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:be:55:e5:d2:67:b6:15:e7:ec:98:a6:27:d8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33d2d885477d0280264e458eb071f45d91691520
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0add74305d32fe9aacef23b57d4933a1d6675b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:71:ea:5f:1d:d5:2b:30:8e:1f:e1:24:80:
fc:dd:42:bc:85:6c:c3:0e:2a:45:8a:4d:ba:3d:eb:
51:ee:71:79:8f:87:2c:62:43:1b:3e:6b:a6:b3:f2:
77:1b:f7:1d:cc:0d:1b:6b:60:b2:bd:72:ca:0b:ef:
c2:99:e1:ec:5e:0f:82:9e:fc:aa:26:c4:8f:70:83:
1a:e5:48:79:72:d8:b8:8d:bf:f7:4d:7f:48:f9:d9:
86:80:5f:3f:16:cd:0e:95:2a:a8:b6:57:d4:9c:44:
f9:ca:f9:13:d6:f5:01:11:1a:de:f5:6a:ff:ca:a6:
2b:be:2b:f9:fa:5d:0d:6f:17:25:b8:d8:4f:61:25:
b9:65:06:b0:16:ec:73:5c:4e:9e:8b:38:c2:60:9a:
cb:e1:f0:3e:b9:b7:33:eb:76:91:7c:25:b4:23:3f:
53:6b:b8:b3:e7:7a:f6:38:1c:d5:40:c6:18:6c:d1:
ea:82:4c:09:b1:c1:89:2a:39:14:f6:9e:ea:d7:07:
14:d7:b4:76:1a:ff:c9:70:63:9e:23:cd:dd:db:1b:
58:50:7e:63:8b:94:fa:9c:b0:d0:ee:ae:b2:2a:11:
86:57:18:85:4c:61:2f:fe:69:7b:7f:4f:20:f4:47:
bf:d4:d0:82:af:c2:03:9f:d2:83:e3:a4:0e:91:33:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AD:D7:43:05:D3:2F:E9:AA:CE:F2:3B:57:D4:93:3A:1D:66:75:B6
X509v3 Authority Key Identifier:
keyid:33:D2:D8:85:47:7D:02:80:26:4E:45:8E:B0:71:F4:5D:91:69:15:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M9LYhUd9AoAmTkWOsHH0XZFpFSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7159eb-dd37-44ad-83e2-b26412aeb3ae/1/sK3XQwXTL-mqzvI7V9STOh1mdbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7159eb-dd37-44ad-83e2-b26412aeb3ae/1/M9LYhUd9AoAmTkWOsHH0XZFpFSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.28.0/22
IPv6:
2a03:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:48:15:ff:43:90:09:a0:59:0f:3f:e3:48:c0:ab:5b:47:c8:
6c:97:2e:04:19:8a:9f:46:cb:10:40:2b:c8:e4:ed:08:8e:30:
04:5b:ad:12:8b:04:95:72:2d:fb:90:a6:b6:57:a4:cd:8d:2c:
67:84:44:e6:72:e4:a3:9b:1b:d1:28:be:59:de:e0:12:76:c0:
3f:37:7a:43:99:ed:bb:5b:33:a7:a7:15:d1:a8:46:55:86:62:
03:32:bf:f2:db:7f:e1:aa:aa:2a:ca:e0:0c:7d:ab:2e:c4:02:
f9:56:68:c2:0b:8a:c3:06:00:b0:26:b1:2d:ae:6e:47:e1:c9:
fd:c7:01:5f:7c:6c:1a:fb:1c:1e:26:f4:66:b7:87:44:b0:de:
14:91:c9:d3:d6:be:28:72:32:1d:c4:55:4e:2a:3a:cf:1b:43:
c9:0c:ae:df:22:87:2d:bb:c8:95:e2:bd:96:da:06:49:62:a4:
30:c3:a5:11:9c:f7:d8:2e:0f:f5:30:73:e3:51:65:50:58:37:
40:11:62:a1:b5:d7:bc:73:ae:46:df:ba:5b:f6:bb:34:2e:35:
67:55:54:28:5d:e4:4c:60:d5:3d:d4:94:26:b4:17:b6:57:0c:
65:58:f1:cb:d7:1b:9f:54:8a:98:2d:a0:14:c3:e2:b9:64:8b:
13:99:1a:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj75V5dJnthXn7JimJ9goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZDJkODg1NDc3ZDAyODAyNjRlNDU4ZWIwNzFmNDVkOTE2
OTE1MjAwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFkZDc0MzA1ZDMyZmU5YWFjZWYyM2I1N2Q0OTMzYTFkNjY3NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcpx6l8d1Sswjh/hJID83UK8hWzD
DipFik26PetR7nF5j4csYkMbPmums/J3G/cdzA0ba2CyvXLKC+/CmeHsXg+Cnvyq
JsSPcIMa5Uh5cti4jb/3TX9I+dmGgF8/Fs0OlSqotlfUnET5yvkT1vUBERre9Wr/
yqYrviv5+l0NbxcluNhPYSW5ZQawFuxzXE6eizjCYJrL4fA+ubcz63aRfCW0Iz9T
a7iz53r2OBzVQMYYbNHqgkwJscGJKjkU9p7q1wcU17R2Gv/JcGOeI83d2xtYUH5j
i5T6nLDQ7q6yKhGGVxiFTGEv/ml7f08g9Ee/1NCCr8IDn9KD46QOkTNjQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCt10MF0y/pqs7yO1fUkzodZnW2MB8GA1UdIwQY
MBaAFDPS2IVHfQKAJk5FjrBx9F2RaRUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTlMWWhVZDlBb0FtVGtXT3NISDBYWkZwRlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83MTU5ZWItZGQzNy00NGFkLTgzZTIt
YjI2NDEyYWViM2FlLzEvc0szWFF3WFRMLW1xenZJN1Y5U1RPaDFtZGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83MTU5ZWItZGQzNy00NGFkLTgzZTItYjI2NDEyYWViM2Fl
LzEvTTlMWWhVZDlBb0FtVGtXT3NISDBYWkZwRlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ0cMA0E
AgACMAcDBQAqA5tAMA0GCSqGSIb3DQEBCwUAA4IBAQANSBX/Q5AJoFkPP+NIwKtb
R8hsly4EGYqfRssQQCvI5O0IjjAEW60SiwSVci37kKa2V6TNjSxnhETmcuSjmxvR
KL5Z3uASdsA/N3pDme27WzOnpxXRqEZVhmIDMr/y23/hqqoqyuAMfasuxAL5VmjC
C4rDBgCwJrEtrm5H4cn9xwFffGwa+xweJvRmt4dEsN4UkcnT1r4ocjIdxFVOKjrP
G0PJDK7fIoctu8iV4r2W2gZJYqQww6URnPfYLg/1MHPjUWVQWDdAEWKhtde8c65G
37pb9rs0LjVnVVQoXeRMYNU91JQmtBe2VwxlWPHL1xufVIqYLaAUw+K5ZIsTmRpA
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:16:27 2025 by rpki-client