Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/A9fnzzZSIyyk78DkykeGYg11L2Q.roa
File: A9fnzzZSIyyk78DkykeGYg11L2Q.roa (raw, json)
Hash identifier: jan8f+is44AYa9jG93HTE50pBitsknBS00si8XIMwqI=
Subject key identifier: 03:D7:E7:CF:36:52:23:2C:A4:EF:C0:E4:CA:47:86:62:0D:75:2F:64
Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Certificate serial: 0194244585476EB35F5BD44F0B352199614D
Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/A9fnzzZSIyyk78DkykeGYg11L2Q.roa
Signing time: Wed 01 Jan 2025 23:48:43 +0000
ROA not before: Wed 01 Jan 2025 23:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47264
IP address blocks: 185.4.116.0/22 maxlen: 22
185.4.116.0/24 maxlen: 24
185.4.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:85:47:6e:b3:5f:5b:d4:4f:0b:35:21:99:61:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Validity
Not Before: Jan 1 23:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03d7e7cf3652232ca4efc0e4ca4786620d752f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:33:12:64:55:79:5f:34:9f:68:ca:79:c4:
7d:86:78:81:87:26:28:f8:88:46:25:09:59:17:db:
47:5e:47:d7:1d:a3:ed:77:8c:df:3a:c8:57:6c:ca:
0e:ef:a5:05:9a:4f:47:20:e8:f8:74:73:4f:22:76:
c7:4b:85:64:c9:92:f2:a0:7c:a1:70:45:52:a7:73:
99:71:17:4e:ff:5b:e3:f4:8b:78:c8:08:ca:d3:f2:
4e:e1:fb:fb:13:4e:de:f6:11:64:45:72:6e:09:05:
c9:a2:98:11:32:bb:56:a0:d9:16:a9:2c:58:0a:9e:
ba:13:85:72:e3:d5:7d:d8:38:f6:82:af:3a:12:7f:
99:fe:52:b5:63:77:34:93:ad:f5:96:83:c8:bb:d7:
8a:53:22:5f:40:4f:08:22:41:c2:ae:79:9c:a6:da:
b8:0d:28:c6:a3:b2:96:c2:c3:9b:c7:a7:99:50:0f:
7c:47:7b:f9:7f:66:27:29:f9:92:42:82:23:c3:ce:
0b:8a:a9:62:c3:80:09:c7:00:06:89:5e:df:cf:ba:
11:90:ee:6a:e6:54:56:ac:8d:89:5e:8a:b9:3b:8c:
70:2a:05:13:4a:06:75:a6:23:47:fe:e0:5a:86:66:
f8:20:b9:f6:12:cd:3d:1f:6d:d4:1f:ed:b7:74:46:
a1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D7:E7:CF:36:52:23:2C:A4:EF:C0:E4:CA:47:86:62:0D:75:2F:64
X509v3 Authority Key Identifier:
keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/A9fnzzZSIyyk78DkykeGYg11L2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.116.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:e4:22:0b:51:e5:0c:d7:91:71:ad:20:a9:a3:37:59:3a:ff:
ef:1e:67:94:33:5a:27:cb:89:0d:bf:0b:30:f9:87:38:e6:dd:
40:bf:50:a3:88:22:11:83:2d:0b:89:08:2c:81:40:89:2c:d4:
da:89:4f:0d:7f:b1:e3:f7:fa:bb:6c:66:6f:a9:af:78:5b:ad:
09:9a:59:35:3e:55:07:11:3a:08:1f:7d:f9:31:6b:9d:ff:bf:
07:c6:6b:72:92:f7:99:a6:a7:f3:03:02:f4:cf:57:c6:c7:dc:
a7:56:31:a7:5d:c0:c8:03:d5:3e:c4:1d:ff:1f:ae:b7:fb:d4:
27:64:09:fe:6f:95:6e:d6:69:00:fe:cf:02:8a:b3:85:f9:4b:
49:6c:f3:da:76:c1:05:9d:15:77:d4:84:91:35:58:74:b7:f4:
46:b1:b1:46:a5:26:7b:29:f4:c2:d7:1c:2d:e7:f7:63:e8:ab:
10:c1:a1:cd:a9:de:fd:f6:28:d8:68:51:99:a8:ad:d9:7b:05:
8c:2e:ba:ec:72:7c:e3:ba:d6:c0:f3:72:82:43:a1:2b:92:c1:
03:27:54:3d:77:96:25:52:33:85:f8:2c:ae:32:3b:23:5f:13:
c7:08:9b:b4:38:e9:81:e9:e0:4c:31:9f:99:22:d5:47:0e:1c:
5b:40:94:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYVHbrNfW9RPCzUhmWFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz
N2UyY2QwHhcNMjUwMTAxMjM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q3ZTdjZjM2NTIyMzJjYTRlZmMwZTRjYTQ3ODY2MjBkNzUyZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvIzEmRVeV80n2jKecR9hniBhyYo
+IhGJQlZF9tHXkfXHaPtd4zfOshXbMoO76UFmk9HIOj4dHNPInbHS4VkyZLyoHyh
cEVSp3OZcRdO/1vj9It4yAjK0/JO4fv7E07e9hFkRXJuCQXJopgRMrtWoNkWqSxY
Cp66E4Vy49V92Dj2gq86En+Z/lK1Y3c0k631loPIu9eKUyJfQE8IIkHCrnmcptq4
DSjGo7KWwsObx6eZUA98R3v5f2YnKfmSQoIjw84Liqliw4AJxwAGiV7fz7oRkO5q
5lRWrI2JXoq5O4xwKgUTSgZ1piNH/uBahmb4ILn2Es09H23UH+23dEahOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPX5882UiMspO/A5MpHhmINdS9kMB8GA1UdIwQY
MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt
NjUyOTc1MWIyYjAxLzEvQTlmbnp6WlNJeXlrNzhEa3lrZUdZZzExTDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx
LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G
CSqGSIb3DQEBCwUAA4IBAQCz5CILUeUM15FxrSCpozdZOv/vHmeUM1ony4kNvwsw
+Yc45t1Av1CjiCIRgy0LiQgsgUCJLNTaiU8Nf7Hj9/q7bGZvqa94W60Jmlk1PlUH
EToIH335MWud/78HxmtykveZpqfzAwL0z1fGx9ynVjGnXcDIA9U+xB3/H663+9Qn
ZAn+b5Vu1mkA/s8CirOF+UtJbPPadsEFnRV31ISRNVh0t/RGsbFGpSZ7KfTC1xwt
5/dj6KsQwaHNqd799ijYaFGZqK3ZewWMLrrscnzjutbA83KCQ6ErksEDJ1Q9d5Yl
UjOF+CyuMjsjXxPHCJu0OOmB6eBMMZ+ZItVHDhxbQJS5
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:47:49 2025 by rpki-client