Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IoRXomrFNDnoBIF4qoE29SIUorU.roa
File: IoRXomrFNDnoBIF4qoE29SIUorU.roa (raw, json)
Hash identifier: 1sHe1bcx24ru9glaxoxQWRHjWb8ipfsqMRJr8SbCC/s=
Subject key identifier: 22:84:57:A2:6A:C5:34:39:E8:04:81:78:AA:81:36:F5:22:14:A2:B5
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B5FE21894B362444EDF9207E0F42D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IoRXomrFNDnoBIF4qoE29SIUorU.roa
Signing time: Thu 02 Jan 2025 09:49:18 +0000
ROA not before: Thu 02 Jan 2025 09:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197393
IP address blocks: 185.138.68.0/22 maxlen: 24
193.138.152.0/22 maxlen: 22
2a07:bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5f:e2:18:94:b3:62:44:4e:df:92:07:e0:f4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=228457a26ac53439e8048178aa8136f52214a2b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1e:51:a3:19:4e:01:c5:d0:8e:c9:cd:cb:c5:
53:00:7e:5c:6e:1e:d3:65:f9:23:25:66:be:cf:20:
7f:be:a4:35:f5:db:3d:3c:9c:bb:d3:4b:e8:bf:81:
82:34:9a:5a:37:c9:f0:ab:89:df:71:bf:ae:98:db:
d8:0a:76:85:a9:16:b2:b5:51:2a:cb:11:0e:32:f9:
9a:0f:fa:06:8c:e1:6b:6d:8a:dc:ef:58:44:53:e8:
66:96:d3:78:a4:dd:50:92:3f:e1:62:aa:fa:8c:2f:
bf:9c:50:09:d4:a0:68:cb:51:5e:ae:8b:51:0a:9d:
90:1a:5b:d1:03:84:bc:db:9a:b9:f1:77:5a:dd:7a:
98:ad:46:57:de:eb:39:75:91:c6:19:f2:9b:80:fc:
05:b5:01:04:df:11:b6:57:54:f5:2c:03:7f:09:d5:
30:e1:02:a2:c5:48:47:a3:25:76:3c:b0:5e:71:1c:
a6:c2:64:7c:6b:3a:56:90:d0:d1:cb:5f:5d:22:16:
e8:b8:69:de:6f:73:9d:83:73:48:56:1b:4a:56:f9:
4c:1f:d1:11:c7:d8:ce:78:1a:b6:63:a7:a3:d5:34:
83:9a:9d:c7:07:c4:42:a6:ff:52:aa:48:96:47:a1:
8f:4d:fc:33:62:da:f7:b9:1a:14:21:0d:cb:eb:3d:
b1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:84:57:A2:6A:C5:34:39:E8:04:81:78:AA:81:36:F5:22:14:A2:B5
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/IoRXomrFNDnoBIF4qoE29SIUorU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.68.0/22
193.138.152.0/22
IPv6:
2a07:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
20:72:00:a4:2a:9a:30:0f:6c:c1:15:b0:64:b6:10:85:98:3d:
75:57:ec:68:1c:e0:41:c8:a2:d1:74:ff:80:89:84:87:82:b6:
de:04:ad:c1:7d:a4:6a:fa:bc:97:6d:6b:3c:29:84:27:ad:fd:
50:72:fe:e9:07:a3:3c:35:6b:4c:69:b0:3e:fd:d8:f6:6b:92:
62:0b:61:d8:01:f8:8d:38:a6:61:8a:3e:83:71:66:1b:35:46:
9f:a5:76:72:94:f9:d0:bd:34:ba:6a:b4:7e:41:9d:33:fc:e1:
91:99:b6:96:d3:6b:46:f5:43:d5:80:ca:9b:10:fe:6f:8b:f9:
60:38:c7:20:b4:6e:5d:ac:63:be:cf:55:ea:07:96:1c:78:78:
5f:17:ea:db:ac:84:3f:b0:bf:a9:f6:51:34:a3:33:b1:35:9e:
81:dc:db:67:47:cd:24:0c:5d:f5:3e:2d:b7:a3:df:e1:15:fb:
46:55:e7:aa:da:d3:62:e5:5c:67:04:a3:60:99:89:8a:5f:8a:
40:54:21:02:9c:89:42:4a:8e:4d:02:06:8c:21:a1:93:28:31:
0f:b9:35:bb:03:6a:b7:e8:b3:e9:96:be:7c:cb:7c:0e:6c:40:
3a:88:52:b1:79:09:43:fd:53:b8:a9:c9:c6:8b:c8:6d:41:8e:
04:a3:50:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma1/iGJSzYkRO35IH4PQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg0NTdhMjZhYzUzNDM5ZTgwNDgxNzhhYTgxMzZmNTIyMTRhMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h5RoxlOAcXQjsnNy8VTAH5cbh7T
ZfkjJWa+zyB/vqQ19ds9PJy700vov4GCNJpaN8nwq4nfcb+umNvYCnaFqRaytVEq
yxEOMvmaD/oGjOFrbYrc71hEU+hmltN4pN1Qkj/hYqr6jC+/nFAJ1KBoy1FerotR
Cp2QGlvRA4S825q58Xda3XqYrUZX3us5dZHGGfKbgPwFtQEE3xG2V1T1LAN/CdUw
4QKixUhHoyV2PLBecRymwmR8azpWkNDRy19dIhbouGneb3Odg3NIVhtKVvlMH9ER
x9jOeBq2Y6ej1TSDmp3HB8RCpv9SqkiWR6GPTfwzYtr3uRoUIQ3L6z2xewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCKEV6JqxTQ56ASBeKqBNvUiFKK1MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvSW9SWG9tckZORG5vQklGNHFvRTI5U0lVb3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYpEAwQC
wYqYMA0EAgACMAcDBQMqBwvAMA0GCSqGSIb3DQEBCwUAA4IBAQAgcgCkKpowD2zB
FbBkthCFmD11V+xoHOBByKLRdP+AiYSHgrbeBK3BfaRq+ryXbWs8KYQnrf1Qcv7p
B6M8NWtMabA+/dj2a5JiC2HYAfiNOKZhij6DcWYbNUafpXZylPnQvTS6arR+QZ0z
/OGRmbaW02tG9UPVgMqbEP5vi/lgOMcgtG5drGO+z1XqB5YceHhfF+rbrIQ/sL+p
9lE0ozOxNZ6B3NtnR80kDF31Pi23o9/hFftGVeeq2tNi5VxnBKNgmYmKX4pAVCEC
nIlCSo5NAgaMIaGTKDEPuTW7A2q36LPplr58y3wObEA6iFKxeQlD/VO4qcnGi8ht
QY4Eo1Bo
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:29:39 2025 by rpki-client