Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/766311-caa4-4399-8b35-fc79af1f6fb3/1/9lKmJj_ZLFv4ptJxTXen7ZoNJWE.roa
File: 9lKmJj_ZLFv4ptJxTXen7ZoNJWE.roa (raw, json)
Hash identifier: 3YWqbiEokG10sGtdS2bUASTdZTS+zMkhvOaBu3Vhrtw=
Subject key identifier: F6:52:A6:26:3F:D9:2C:5B:F8:A6:D2:71:4D:77:A7:ED:9A:0D:25:61
Certificate issuer: /CN=07bca0482d605587eb0e0c851c38e807755f9017
Certificate serial: 019499BD4872D57BB70C5DC5E115D18FE488
Authority key identifier: 07:BC:A0:48:2D:60:55:87:EB:0E:0C:85:1C:38:E8:07:75:5F:90:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B7ygSC1gVYfrDgyFHDjoB3VfkBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/766311-caa4-4399-8b35-fc79af1f6fb3/1/9lKmJj_ZLFv4ptJxTXen7ZoNJWE.roa
Signing time: Fri 24 Jan 2025 19:15:06 +0000
ROA not before: Fri 24 Jan 2025 19:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 185.84.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:bd:48:72:d5:7b:b7:0c:5d:c5:e1:15:d1:8f:e4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07bca0482d605587eb0e0c851c38e807755f9017
Validity
Not Before: Jan 24 19:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f652a6263fd92c5bf8a6d2714d77a7ed9a0d2561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d9:0b:97:e8:36:ec:a2:ea:10:61:98:f4:ff:
d2:3b:c3:90:bf:e6:d5:87:e6:98:84:8c:8e:24:0f:
4a:48:df:23:9e:15:e6:45:c9:7b:7c:51:20:4f:85:
95:54:8d:63:c0:8e:30:2b:c2:ba:5b:5b:c2:a6:d0:
81:56:bf:21:b0:ba:99:d1:9a:71:6a:8f:9b:19:f5:
8b:db:7b:61:d2:d7:4d:24:ae:6a:df:ac:2e:4e:12:
68:60:4f:c9:0a:2f:9c:97:4f:2e:1f:16:3a:87:53:
04:51:16:d6:76:70:6a:d5:42:82:4b:68:ce:d1:a7:
1b:71:57:a1:4f:ad:1f:89:84:9b:39:89:4a:b7:01:
90:09:86:dc:4f:34:27:7b:01:84:2b:b5:c9:59:61:
21:93:bd:92:be:af:5a:ea:c8:dd:51:f6:de:f8:ee:
0f:54:55:fb:82:03:71:38:83:ae:2b:23:31:de:8c:
32:9b:6e:13:7f:de:04:6e:02:0a:20:34:dd:8c:7f:
f8:9a:39:3c:ba:1c:de:a0:7f:76:e8:4a:59:3e:50:
7f:fc:b6:be:df:b5:01:06:b4:30:1b:0b:2b:15:cb:
b5:45:3b:ea:bf:6b:55:2a:53:c5:3b:63:fe:4f:d4:
fb:cb:d7:c3:3a:5f:34:1f:55:ff:3a:a0:65:3e:9e:
70:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:52:A6:26:3F:D9:2C:5B:F8:A6:D2:71:4D:77:A7:ED:9A:0D:25:61
X509v3 Authority Key Identifier:
keyid:07:BC:A0:48:2D:60:55:87:EB:0E:0C:85:1C:38:E8:07:75:5F:90:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B7ygSC1gVYfrDgyFHDjoB3VfkBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/766311-caa4-4399-8b35-fc79af1f6fb3/1/9lKmJj_ZLFv4ptJxTXen7ZoNJWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/766311-caa4-4399-8b35-fc79af1f6fb3/1/B7ygSC1gVYfrDgyFHDjoB3VfkBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5c:dc:6f:02:66:04:6e:03:b5:cd:8e:0c:8d:e1:28:20:e8:
c3:7d:55:c5:db:ca:52:8d:3a:a6:e0:4e:ec:82:27:4e:12:f3:
5d:84:25:e2:d6:29:09:33:2c:d7:fd:b7:50:23:d0:35:ee:5f:
98:3e:07:1d:52:c8:5e:12:d6:c2:1a:6b:26:93:e6:f2:9f:26:
14:67:2a:77:f0:b9:62:35:d9:50:85:a0:0f:7d:af:40:9e:85:
c5:b1:a1:5d:dc:2f:3c:75:b7:fc:98:a5:dc:1b:1e:91:a7:d2:
1d:d9:9a:fa:42:da:5c:e7:75:8d:9d:d6:55:8b:4b:c2:29:ca:
e0:b7:59:91:04:16:f9:0c:94:a9:2a:e9:7b:64:27:36:9b:b6:
f7:f9:0d:06:8d:b4:16:fe:fd:94:0a:b0:95:fd:cd:57:bf:f1:
b7:bf:bd:9f:a2:c0:9b:6d:f1:19:47:4f:51:ef:7e:35:f7:5f:
f1:7d:95:dd:0a:99:b0:82:e1:e4:e7:ce:fe:e2:c4:9c:82:ee:
af:a5:26:41:a0:be:87:44:10:73:41:91:a7:a7:f9:58:f9:bb:
b2:77:41:43:43:dc:83:05:cc:69:9a:e1:a1:4a:fa:2b:3b:b8:
2c:c7:9b:ce:94:da:39:11:c2:82:4b:fb:1a:8c:9e:77:cf:2f:
48:44:05:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSZvUhy1Xu3DF3F4RXRj+SIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YmNhMDQ4MmQ2MDU1ODdlYjBlMGM4NTFjMzhlODA3NzU1
ZjkwMTcwHhcNMjUwMTI0MTkxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUyYTYyNjNmZDkyYzViZjhhNmQyNzE0ZDc3YTdlZDlhMGQyNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdkLl+g27KLqEGGY9P/SO8OQv+bV
h+aYhIyOJA9KSN8jnhXmRcl7fFEgT4WVVI1jwI4wK8K6W1vCptCBVr8hsLqZ0Zpx
ao+bGfWL23th0tdNJK5q36wuThJoYE/JCi+cl08uHxY6h1MEURbWdnBq1UKCS2jO
0acbcVehT60fiYSbOYlKtwGQCYbcTzQnewGEK7XJWWEhk72Svq9a6sjdUfbe+O4P
VFX7ggNxOIOuKyMx3owym24Tf94EbgIKIDTdjH/4mjk8uhzeoH926EpZPlB//La+
37UBBrQwGwsrFcu1RTvqv2tVKlPFO2P+T9T7y9fDOl80H1X/OqBlPp5wyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZSpiY/2Sxb+KbScU13p+2aDSVhMB8GA1UdIwQY
MBaAFAe8oEgtYFWH6w4MhRw46Ad1X5AXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjd5Z1NDMWdWWWZyRGd5RkhEam9CM1Zma0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NjYzMTEtY2FhNC00Mzk5LThiMzUt
ZmM3OWFmMWY2ZmIzLzEvOWxLbUpqX1pMRnY0cHRKeFRYZW43Wm9OSldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NjYzMTEtY2FhNC00Mzk5LThiMzUtZmM3OWFmMWY2ZmIz
LzEvQjd5Z1NDMWdWWWZyRGd5RkhEam9CM1Zma0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVSdMA0G
CSqGSIb3DQEBCwUAA4IBAQAtXNxvAmYEbgO1zY4MjeEoIOjDfVXF28pSjTqm4E7s
gidOEvNdhCXi1ikJMyzX/bdQI9A17l+YPgcdUsheEtbCGmsmk+bynyYUZyp38Lli
NdlQhaAPfa9AnoXFsaFd3C88dbf8mKXcGx6Rp9Id2Zr6Qtpc53WNndZVi0vCKcrg
t1mRBBb5DJSpKul7ZCc2m7b3+Q0GjbQW/v2UCrCV/c1Xv/G3v72fosCbbfEZR09R
734191/xfZXdCpmwguHk587+4sScgu6vpSZBoL6HRBBzQZGnp/lY+buyd0FDQ9yD
BcxpmuGhSvorO7gsx5vOlNo5EcKCS/sajJ53zy9IRAUt
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:05 2025 by rpki-client