Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/5140ff-090e-43da-b7c8-59e818c6b71b/1/A4RzpDr3gOL8P149IxhrXzrosA4.roa
File: A4RzpDr3gOL8P149IxhrXzrosA4.roa (raw, json)
Hash identifier: yOCvJbe7MwqK0UFIIbITRG8d1PF4w5162JM6G8QiNYc=
Subject key identifier: 03:84:73:A4:3A:F7:80:E2:FC:3F:5E:3D:23:18:6B:5F:3A:E8:B0:0E
Certificate issuer: /CN=863589feecbe4c4ab444d93864454dbcd7cd0de7
Certificate serial: 0194221FB14E5FD1D58766639C79471B31A0
Authority key identifier: 86:35:89:FE:EC:BE:4C:4A:B4:44:D9:38:64:45:4D:BC:D7:CD:0D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjWJ_uy-TEq0RNk4ZEVNvNfNDec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/5140ff-090e-43da-b7c8-59e818c6b71b/1/A4RzpDr3gOL8P149IxhrXzrosA4.roa
Signing time: Wed 01 Jan 2025 13:48:09 +0000
ROA not before: Wed 01 Jan 2025 13:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9021
IP address blocks: 185.66.124.0/24 maxlen: 24
185.66.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b1:4e:5f:d1:d5:87:66:63:9c:79:47:1b:31:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=863589feecbe4c4ab444d93864454dbcd7cd0de7
Validity
Not Before: Jan 1 13:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=038473a43af780e2fc3f5e3d23186b5f3ae8b00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2c:af:ea:23:b8:d1:9d:a0:09:cc:cd:ff:e8:
aa:b7:5e:1c:e1:3d:46:04:4d:b5:66:b1:be:98:03:
3e:36:71:bc:fd:8c:2b:56:38:3f:f6:a0:9f:7b:61:
20:bd:c7:39:25:67:29:66:5b:3d:2b:99:19:2b:66:
29:d3:7d:2a:63:e6:cd:a7:5e:6b:47:68:25:8f:d9:
0d:7b:51:b8:c5:22:88:f9:ac:16:0e:86:be:80:f2:
b7:4a:4d:0c:86:96:b9:fe:b8:16:16:d7:d9:66:37:
23:dc:69:f2:b8:7f:04:b0:20:c2:b0:e4:bc:26:7d:
00:7e:a9:ad:2d:68:b3:0b:8a:12:ba:26:7a:f9:32:
ea:5c:0f:8a:c0:e3:68:73:27:bf:b6:59:db:d2:91:
df:e5:ec:3b:2a:0b:ea:bb:42:72:d4:1f:52:a8:0a:
87:38:06:96:3b:8f:80:88:e0:fd:6b:94:f3:b0:a8:
bb:61:ca:ab:51:52:c7:ea:04:d8:83:6f:75:40:fc:
8f:16:e5:7f:ea:7e:77:98:9a:ab:20:0f:7e:87:2a:
15:60:c4:90:fd:fd:f8:db:6f:9b:00:7f:a3:ec:de:
d6:3b:2b:71:43:08:46:fe:6a:b1:8f:2a:e1:37:a0:
c9:3f:3a:ac:40:da:75:55:2a:dd:5e:ff:39:16:a6:
1e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:84:73:A4:3A:F7:80:E2:FC:3F:5E:3D:23:18:6B:5F:3A:E8:B0:0E
X509v3 Authority Key Identifier:
keyid:86:35:89:FE:EC:BE:4C:4A:B4:44:D9:38:64:45:4D:BC:D7:CD:0D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjWJ_uy-TEq0RNk4ZEVNvNfNDec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/5140ff-090e-43da-b7c8-59e818c6b71b/1/A4RzpDr3gOL8P149IxhrXzrosA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/5140ff-090e-43da-b7c8-59e818c6b71b/1/hjWJ_uy-TEq0RNk4ZEVNvNfNDec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.124.0/23
Signature Algorithm: sha256WithRSAEncryption
93:05:ee:76:71:25:4e:59:56:6f:8b:72:9e:22:50:f8:be:2d:
4b:1f:8d:e9:bb:aa:ee:43:56:bc:83:b9:7a:40:9d:3e:0d:b0:
e2:ca:da:b0:e2:c1:3b:4b:7e:d8:cc:cb:ed:cf:a3:fb:59:3f:
b2:99:06:8f:75:d1:ae:30:9c:be:51:f5:8a:a0:f7:57:47:6e:
ee:9a:e9:f4:c3:9f:a5:0a:4f:c4:52:cb:4e:29:95:d6:21:32:
2d:84:e7:59:7e:a8:09:2b:17:b5:23:d4:ff:fb:2d:59:06:c3:
8d:c1:d2:9b:09:42:fa:0d:1c:ad:1f:2a:88:7d:75:51:bf:e4:
fa:6e:4f:de:d0:09:98:be:8b:66:77:3a:0d:65:c4:42:64:09:
02:df:30:47:bf:9f:95:47:40:52:0b:49:7d:95:c3:ef:2e:49:
a3:25:23:89:e7:63:8e:aa:47:ee:36:fd:3a:e2:59:7b:1c:cf:
01:eb:08:bc:4a:98:ac:e2:c2:e4:fa:a1:41:76:fe:9c:81:1a:
7b:15:6f:a8:ad:3b:fb:24:4e:a6:15:33:67:d4:a4:39:ec:d3:
54:c7:88:2d:9f:cf:4f:3f:89:b2:d3:f4:33:48:00:31:77:8a:
fd:83:36:19:15:48:41:27:97:6b:4d:29:4a:0d:15:89:2c:96:
7f:dd:c5:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7FOX9HVh2ZjnHlHGzGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzU4OWZlZWNiZTRjNGFiNDQ0ZDkzODY0NDU0ZGJjZDdj
ZDBkZTcwHhcNMjUwMTAxMTM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzg0NzNhNDNhZjc4MGUyZmMzZjVlM2QyMzE4NmI1ZjNhZThiMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCyv6iO40Z2gCczN/+iqt14c4T1G
BE21ZrG+mAM+NnG8/YwrVjg/9qCfe2Egvcc5JWcpZls9K5kZK2Yp030qY+bNp15r
R2glj9kNe1G4xSKI+awWDoa+gPK3Sk0Mhpa5/rgWFtfZZjcj3GnyuH8EsCDCsOS8
Jn0AfqmtLWizC4oSuiZ6+TLqXA+KwONocye/tlnb0pHf5ew7Kgvqu0Jy1B9SqAqH
OAaWO4+AiOD9a5TzsKi7YcqrUVLH6gTYg291QPyPFuV/6n53mJqrIA9+hyoVYMSQ
/f3422+bAH+j7N7WOytxQwhG/mqxjyrhN6DJPzqsQNp1VSrdXv85FqYe6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOEc6Q694Di/D9ePSMYa1866LAOMB8GA1UdIwQY
MBaAFIY1if7svkxKtETZOGRFTbzXzQ3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGpXSl91eS1URXEwUk5rNFpFVk52TmZORGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81MTQwZmYtMDkwZS00M2RhLWI3Yzgt
NTllODE4YzZiNzFiLzEvQTRSenBEcjNnT0w4UDE0OUl4aHJYenJvc0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81MTQwZmYtMDkwZS00M2RhLWI3YzgtNTllODE4YzZiNzFi
LzEvaGpXSl91eS1URXEwUk5rNFpFVk52TmZORGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQCTBe52cSVOWVZvi3KeIlD4vi1LH43pu6ruQ1a8g7l6
QJ0+DbDiytqw4sE7S37YzMvtz6P7WT+ymQaPddGuMJy+UfWKoPdXR27umun0w5+l
Ck/EUstOKZXWITIthOdZfqgJKxe1I9T/+y1ZBsONwdKbCUL6DRytHyqIfXVRv+T6
bk/e0AmYvotmdzoNZcRCZAkC3zBHv5+VR0BSC0l9lcPvLkmjJSOJ52OOqkfuNv06
4ll7HM8B6wi8Spis4sLk+qFBdv6cgRp7FW+orTv7JE6mFTNn1KQ57NNUx4gtn89P
P4my0/QzSAAxd4r9gzYZFUhBJ5drTSlKDRWJLJZ/3cWO
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:22:35 2025 by rpki-client