Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/9J9PrXmCNB--oR4MRGOzZcKbWlw.roa
File: 9J9PrXmCNB--oR4MRGOzZcKbWlw.roa (raw, json)
Hash identifier: 8ukYcG1/HqvKX0B3kiFSlIN1cfw+XxyIB9UHL+2qKP8=
Subject key identifier: F4:9F:4F:AD:79:82:34:1F:BE:A1:1E:0C:44:63:B3:65:C2:9B:5A:5C
Certificate issuer: /CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Certificate serial: 0194252185FDF075A2BB26C059F16BF957AE
Authority key identifier: 6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/9J9PrXmCNB--oR4MRGOzZcKbWlw.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200697
IP address blocks: 192.166.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:85:fd:f0:75:a2:bb:26:c0:59:f1:6b:f9:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f49f4fad7982341fbea11e0c4463b365c29b5a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:c7:55:a0:98:25:66:8c:c2:fb:6e:d5:e8:
97:0a:c1:1f:66:ed:49:ce:24:c2:ff:11:0a:b5:54:
6a:cd:b8:50:fd:95:bc:16:d8:9d:b1:3e:4f:ee:7b:
1d:cf:41:d6:59:4b:d6:85:8e:00:21:75:97:ae:21:
b6:7b:f2:98:4a:d8:6e:03:86:9d:54:90:23:51:94:
33:70:90:b9:02:5d:45:9e:a9:68:62:05:d5:52:b4:
12:36:04:88:7c:1c:4f:65:dd:45:35:ad:cd:e4:02:
83:a6:73:93:a2:3b:60:4a:dc:c9:4a:1b:d1:fa:13:
f5:5c:40:6b:ec:7d:fb:65:54:35:35:5f:26:a2:f4:
30:f8:9f:47:07:25:9f:29:79:d4:67:1c:7c:8a:44:
95:34:8a:20:64:14:e5:e8:6f:9b:a4:ad:95:1b:5c:
53:e3:d2:88:d6:e7:a9:99:32:f4:d0:0b:9d:93:64:
d7:9a:ab:4d:a7:e8:f0:ed:95:c9:68:13:56:72:7a:
ff:31:be:ab:ed:36:4a:9e:b7:09:02:ae:3a:bf:69:
41:25:e8:98:e9:d8:73:65:64:dd:1a:35:53:35:ff:
3b:35:45:90:0f:02:b8:4e:ac:1b:40:42:ae:12:c5:
63:e3:54:72:22:49:76:e6:85:59:34:8f:26:cb:65:
42:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9F:4F:AD:79:82:34:1F:BE:A1:1E:0C:44:63:B3:65:C2:9B:5A:5C
X509v3 Authority Key Identifier:
keyid:6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/9J9PrXmCNB--oR4MRGOzZcKbWlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/bkCd70qKicqI9XGCxS7W1w-5GXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.37.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:53:8a:bf:99:1e:b3:6d:4e:ef:61:0e:44:08:e6:da:b5:43:
5e:fa:e5:29:c1:99:4a:46:7b:06:d8:a9:ac:b3:b9:1d:04:9d:
cb:34:be:49:84:5d:85:5a:3a:eb:71:60:58:17:79:f3:fd:ff:
c9:65:05:df:47:df:64:9f:94:68:7e:50:1e:62:e0:a8:a1:32:
c2:e4:76:9e:52:70:a8:16:c3:5d:5b:aa:a7:92:84:05:76:d9:
de:65:ca:86:28:bf:76:bd:d4:65:75:ca:9a:e2:5c:b4:4b:1c:
e5:ab:3f:40:70:44:b2:72:32:b6:77:7d:64:cb:05:68:c7:91:
64:22:6b:02:2b:f5:6b:92:8d:46:6c:00:4b:f0:28:0e:db:33:
cf:a3:f2:99:19:3f:7c:83:65:38:a0:23:33:93:62:04:35:05:
64:37:09:cc:3a:25:49:8d:37:6d:6f:75:df:b6:65:a1:ae:6b:
6b:3e:d0:c8:31:f4:18:75:be:a2:a1:13:d1:a0:73:99:c6:6c:
d6:26:ba:82:40:da:c6:cd:2e:79:c2:a6:e5:4e:bb:0c:6b:bb:
1b:2f:89:18:7c:dc:6a:eb:da:49:21:bf:55:0d:37:6e:fc:a6:
42:c8:b8:c9:07:2d:f3:57:39:63:68:42:5f:65:f7:93:e0:05:
e3:ec:46:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYX98HWiuybAWfFr+VeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA5ZGVmNGE4YTg5Y2E4OGY1NzE4MmM1MmVkNmQ3MGZi
OTE5NzYwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDlmNGZhZDc5ODIzNDFmYmVhMTFlMGM0NDYzYjM2NWMyOWI1YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H/HVaCYJWaMwvtu1eiXCsEfZu1J
ziTC/xEKtVRqzbhQ/ZW8FtidsT5P7nsdz0HWWUvWhY4AIXWXriG2e/KYSthuA4ad
VJAjUZQzcJC5Al1FnqloYgXVUrQSNgSIfBxPZd1FNa3N5AKDpnOTojtgStzJShvR
+hP1XEBr7H37ZVQ1NV8movQw+J9HByWfKXnUZxx8ikSVNIogZBTl6G+bpK2VG1xT
49KI1uepmTL00Audk2TXmqtNp+jw7ZXJaBNWcnr/Mb6r7TZKnrcJAq46v2lBJeiY
6dhzZWTdGjVTNf87NUWQDwK4TqwbQEKuEsVj41RyIkl25oVZNI8my2VCbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSfT615gjQfvqEeDERjs2XCm1pcMB8GA1UdIwQY
MBaAFG5Ane9KionKiPVxgsUu1tcPuRl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0Yjgt
N2FjM2NhMWYzNTdkLzEvOUo5UHJYbUNOQi0tb1I0TVJHT3paY0tiV2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0YjgtN2FjM2NhMWYzNTdk
LzEvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKYlMA0G
CSqGSIb3DQEBCwUAA4IBAQAOU4q/mR6zbU7vYQ5ECObatUNe+uUpwZlKRnsG2Kms
s7kdBJ3LNL5JhF2FWjrrcWBYF3nz/f/JZQXfR99kn5RoflAeYuCooTLC5HaeUnCo
FsNdW6qnkoQFdtneZcqGKL92vdRldcqa4ly0Sxzlqz9AcESycjK2d31kywVox5Fk
ImsCK/Vrko1GbABL8CgO2zPPo/KZGT98g2U4oCMzk2IENQVkNwnMOiVJjTdtb3Xf
tmWhrmtrPtDIMfQYdb6ioRPRoHOZxmzWJrqCQNrGzS55wqblTrsMa7sbL4kYfNxq
69pJIb9VDTdu/KZCyLjJBy3zVzljaEJfZfeT4AXj7EY3
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:18:33 2025 by rpki-client