Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/iFRYVznuoLn764Hzk0y8UncknZI.roa
File: iFRYVznuoLn764Hzk0y8UncknZI.roa (raw, json)
Hash identifier: uIDffq/3bRoUd9ry3L4WiOXaxdw7ef/Tzoj8TcFGzHc=
Subject key identifier: 88:54:58:57:39:EE:A0:B9:FB:EB:81:F3:93:4C:BC:52:77:24:9D:92
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B6321CB832E88E6DB7D0B92FF6B3D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/iFRYVznuoLn764Hzk0y8UncknZI.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202774
IP address blocks: 185.155.32.0/22 maxlen: 22
2a07:9100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:63:21:cb:83:2e:88:e6:db:7d:0b:92:ff:6b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8854585739eea0b9fbeb81f3934cbc5277249d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:06:3e:54:b1:1a:6a:51:95:45:1b:a8:e9:2e:
19:21:2f:f1:85:5c:4e:2a:d4:bd:b8:66:3f:5d:5e:
8b:b1:15:ff:76:f5:4a:3a:fc:0e:e9:e8:98:16:8d:
da:1b:7a:9a:1a:37:8f:c4:45:f7:78:6f:bb:f4:73:
1b:ca:9d:f1:25:b8:2e:b7:3c:37:b1:ca:4a:b4:e2:
78:13:69:cf:5d:98:f8:47:c9:92:4f:20:b7:b5:27:
84:2f:20:9f:14:bd:eb:87:9b:5f:cf:72:3e:84:72:
1d:b4:4d:4c:fd:02:59:8f:29:75:da:fc:44:9a:af:
5a:89:9e:b2:b9:76:c6:1e:03:34:51:70:1b:43:45:
b1:e9:1b:df:4d:31:7c:fe:14:ca:62:15:ed:ff:1b:
df:06:da:e7:5e:4d:68:e3:2d:2f:8b:70:f0:8a:56:
16:b8:cc:5f:66:3f:d1:1e:98:21:f6:ac:6a:94:42:
d6:ec:13:9c:a9:c8:1a:cd:62:18:ac:d6:c2:6b:e2:
24:05:57:fc:88:e0:40:98:a0:39:c9:5a:6a:74:fe:
1e:a9:e6:c9:73:a8:a7:8f:6f:08:65:64:dd:35:8f:
46:2d:b6:1a:4d:f1:e0:66:b9:45:fc:40:a6:ef:74:
6f:ba:6d:69:66:2d:43:06:75:91:b0:11:af:f9:75:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:54:58:57:39:EE:A0:B9:FB:EB:81:F3:93:4C:BC:52:77:24:9D:92
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/iFRYVznuoLn764Hzk0y8UncknZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.32.0/22
IPv6:
2a07:9100::/29
Signature Algorithm: sha256WithRSAEncryption
93:97:09:c0:5e:3f:34:5c:8d:af:15:63:15:75:a3:de:4f:a8:
de:29:0e:95:52:fb:2c:94:cb:37:45:21:69:0a:8a:37:2f:a8:
8b:94:17:fa:b9:4c:b2:65:8b:65:10:76:a7:d8:d7:7e:0a:62:
48:74:d7:3f:91:bf:2e:ca:6d:3e:69:b5:05:1d:56:bf:c1:d6:
d5:cb:fa:ea:a5:38:7d:e4:26:2d:d1:6d:af:75:5a:06:b7:b4:
f7:32:c6:69:27:5d:cb:d9:cd:c2:32:73:c1:d9:5b:12:d4:0f:
5e:75:4c:93:e9:29:53:07:85:45:71:fe:c8:0f:41:39:18:7c:
aa:e4:9c:69:cc:4b:c7:15:f4:7b:d8:04:cc:bb:95:44:e6:04:
5e:bf:cc:44:4b:82:50:74:15:49:b0:78:ae:d4:46:ec:aa:ad:
62:fd:09:78:8b:20:36:2e:12:25:2c:7b:dc:93:93:a0:53:27:
ab:3c:f8:8f:1c:79:f6:cc:34:79:e0:6e:82:58:f0:db:54:af:
7a:c2:bd:8a:33:52:e9:3d:27:22:4a:8e:f8:6c:f6:f1:7e:17:
d0:6e:9d:73:25:e5:e3:af:3e:e9:1c:3b:9f:f7:ba:e4:4c:0d:
ac:fa:5b:34:45:8b:9c:a2:d9:60:66:af:a1:74:cb:62:bf:2f:
dd:3d:4a:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma2Mhy4MuiObbfQuS/2s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU0NTg1NzM5ZWVhMGI5ZmJlYjgxZjM5MzRjYmM1Mjc3MjQ5ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwY+VLEaalGVRRuo6S4ZIS/xhVxO
KtS9uGY/XV6LsRX/dvVKOvwO6eiYFo3aG3qaGjePxEX3eG+79HMbyp3xJbgutzw3
scpKtOJ4E2nPXZj4R8mSTyC3tSeELyCfFL3rh5tfz3I+hHIdtE1M/QJZjyl12vxE
mq9aiZ6yuXbGHgM0UXAbQ0Wx6RvfTTF8/hTKYhXt/xvfBtrnXk1o4y0vi3DwilYW
uMxfZj/RHpgh9qxqlELW7BOcqcgazWIYrNbCa+IkBVf8iOBAmKA5yVpqdP4eqebJ
c6inj28IZWTdNY9GLbYaTfHgZrlF/ECm73Rvum1pZi1DBnWRsBGv+XWxkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIhUWFc57qC5++uB85NMvFJ3JJ2SMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvaUZSWVZ6bnVvTG43NjRIemsweThVbmNrblpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZsgMA0E
AgACMAcDBQMqB5EAMA0GCSqGSIb3DQEBCwUAA4IBAQCTlwnAXj80XI2vFWMVdaPe
T6jeKQ6VUvsslMs3RSFpCoo3L6iLlBf6uUyyZYtlEHan2Nd+CmJIdNc/kb8uym0+
abUFHVa/wdbVy/rqpTh95CYt0W2vdVoGt7T3MsZpJ13L2c3CMnPB2VsS1A9edUyT
6SlTB4VFcf7ID0E5GHyq5JxpzEvHFfR72ATMu5VE5gRev8xES4JQdBVJsHiu1Ebs
qq1i/Ql4iyA2LhIlLHvck5OgUyerPPiPHHn2zDR54G6CWPDbVK96wr2KM1LpPSci
So74bPbxfhfQbp1zJeXjrz7pHDuf97rkTA2s+ls0RYucotlgZq+hdMtivy/dPUoY
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:41:47 2025 by rpki-client