Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/9lF4Wddkx_RwPlb5HR8sz7VHAqw.roa
File: 9lF4Wddkx_RwPlb5HR8sz7VHAqw.roa (raw, json)
Hash identifier: Hn4j3J9eHkRE5z1tLuZOLQRVHX7ZllrYe5IpQOpZT5Q=
Subject key identifier: F6:51:78:59:D7:64:C7:F4:70:3E:56:F9:1D:1F:2C:CF:B5:47:02:AC
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 019424B3B2DD1E4C46014880328A36577A0F
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/9lF4Wddkx_RwPlb5HR8sz7VHAqw.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207604
IP address blocks: 185.119.88.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
185.119.90.0/24 maxlen: 24
185.119.91.0/24 maxlen: 24
185.241.212.0/24 maxlen: 24
185.241.214.0/24 maxlen: 24
2a0c:bf80:5a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b2:dd:1e:4c:46:01:48:80:32:8a:36:57:7a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6517859d764c7f4703e56f91d1f2ccfb54702ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5c:bc:d7:7a:54:2e:df:24:2f:8e:b0:49:7f:
8c:3d:bd:82:6d:80:4c:73:84:e4:79:14:cd:72:d5:
2c:31:99:d9:6d:35:0e:bd:4a:08:b7:78:8d:8a:a7:
bb:73:e0:b0:38:62:92:e9:f1:ef:18:e3:ba:67:c9:
9c:e4:89:c7:ac:ea:0a:3d:5f:f5:c3:84:01:9a:52:
7c:96:75:49:ce:04:ea:31:36:88:b1:58:c4:d8:30:
75:59:bb:ff:91:6d:97:df:d9:da:2d:5e:28:26:a3:
c5:12:24:b4:36:d8:82:f9:5f:17:5f:18:f8:0d:5b:
bb:fa:97:1b:0c:59:ca:84:e8:b6:d5:3b:21:2d:75:
34:2e:f2:81:3d:b1:b4:9f:ae:63:82:47:74:9a:28:
d3:14:15:7e:86:70:d4:8b:5a:3e:e5:37:62:e5:44:
d0:c2:8b:2c:69:2f:93:50:50:4b:8c:19:db:4b:1a:
a6:6a:cc:eb:44:69:04:d6:46:bd:fd:75:c8:b4:b0:
9c:e6:ec:37:06:a7:81:98:58:0a:9f:d1:66:85:b2:
c5:16:db:e5:59:f9:b8:5e:e4:4c:17:77:33:e4:24:
76:7b:b7:d4:88:fc:70:15:09:a9:1b:98:be:b5:a8:
ea:f7:f7:27:19:80:c2:d5:61:82:de:5b:c7:59:73:
60:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:51:78:59:D7:64:C7:F4:70:3E:56:F9:1D:1F:2C:CF:B5:47:02:AC
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/9lF4Wddkx_RwPlb5HR8sz7VHAqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.88.0/22
185.241.212.0/24
185.241.214.0/24
IPv6:
2a0c:bf80:5a::/48
Signature Algorithm: sha256WithRSAEncryption
28:b0:eb:ed:3e:b4:e1:43:3e:34:61:2e:d8:9d:50:c4:53:0e:
70:78:37:67:9d:bf:e1:d9:cf:03:b0:40:24:c3:c2:e7:4a:1e:
d4:2f:6d:1a:f4:b0:72:69:f5:c5:0e:e7:25:f5:bf:d8:2b:2a:
00:7e:1d:c2:30:c6:a3:ea:a4:07:40:99:2b:a4:a7:52:81:a8:
36:76:d9:ed:13:b1:b0:10:ba:f0:2b:72:cf:f8:ac:2f:10:38:
6c:ef:c5:4d:04:9a:1a:5b:d4:08:ed:80:9c:8f:8a:4e:45:03:
7a:1d:33:47:89:a0:70:2a:81:54:ac:74:3e:a4:04:44:18:63:
7f:41:d3:a7:fe:ff:c0:ce:a0:66:39:6e:da:0a:54:4d:ce:cc:
e8:68:dd:e8:02:7a:e5:41:a7:ab:ba:81:58:42:eb:5a:e0:16:
49:d7:9d:77:87:43:03:e1:a7:cd:13:77:09:87:46:39:8e:38:
ec:65:0a:04:df:40:59:4b:d5:76:63:41:3d:c6:9f:1a:20:da:
77:96:25:78:99:33:36:6c:85:e8:a1:40:f8:b8:4c:73:a9:1d:
dc:61:49:b3:18:d9:93:15:d1:e2:4f:59:db:06:42:b4:bf:fb:
c4:d7:c6:9c:e0:e6:3b:fd:08:11:76:53:74:e2:54:0c:30:c7:
19:c3:67:d6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQks7LdHkxGAUiAMoo2V3oPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUxNzg1OWQ3NjRjN2Y0NzAzZTU2ZjkxZDFmMmNjZmI1NDcwMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1y813pULt8kL46wSX+MPb2CbYBM
c4TkeRTNctUsMZnZbTUOvUoIt3iNiqe7c+CwOGKS6fHvGOO6Z8mc5InHrOoKPV/1
w4QBmlJ8lnVJzgTqMTaIsVjE2DB1Wbv/kW2X39naLV4oJqPFEiS0NtiC+V8XXxj4
DVu7+pcbDFnKhOi21TshLXU0LvKBPbG0n65jgkd0mijTFBV+hnDUi1o+5Tdi5UTQ
wossaS+TUFBLjBnbSxqmaszrRGkE1ka9/XXItLCc5uw3BqeBmFgKn9FmhbLFFtvl
Wfm4XuRMF3cz5CR2e7fUiPxwFQmpG5i+tajq9/cnGYDC1WGC3lvHWXNgAwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPZReFnXZMf0cD5W+R0fLM+1RwKsMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvOWxGNFdkZGt4X1J3UGxiNUhSOHN6N1ZIQXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuXdYAwQA
ufHUAwQAufHWMA8EAgACMAkDBwAqDL+AAFowDQYJKoZIhvcNAQELBQADggEBACiw
6+0+tOFDPjRhLtidUMRTDnB4N2edv+HZzwOwQCTDwudKHtQvbRr0sHJp9cUO5yX1
v9grKgB+HcIwxqPqpAdAmSukp1KBqDZ22e0TsbAQuvArcs/4rC8QOGzvxU0Emhpb
1AjtgJyPik5FA3odM0eJoHAqgVSsdD6kBEQYY39B06f+/8DOoGY5btoKVE3OzOho
3egCeuVBp6u6gVhC61rgFknXnXeHQwPhp80TdwmHRjmOOOxlCgTfQFlL1XZjQT3G
nxog2neWJXiZMzZsheihQPi4THOpHdxhSbMY2ZMV0eJPWdsGQrS/+8TXxpzg5jv9
CBF2U3TiVAwwxxnDZ9Y=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:51:50 2025 by rpki-client