Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/39yFNcs_aiMECPSY8yer3c7rqfs.roa
File: 39yFNcs_aiMECPSY8yer3c7rqfs.roa (raw, json)
Hash identifier: kt8DxoHHJV7b65racNqYI0+ZGEt7nNXcd8uoIQ2X++s=
Subject key identifier: DF:DC:85:35:CB:3F:6A:23:04:08:F4:98:F3:27:AB:DD:CE:EB:A9:FB
Certificate issuer: /CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610
Certificate serial: 019421B191CB033EB0CED2F386F64BAEB303
Authority key identifier: 1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/39yFNcs_aiMECPSY8yer3c7rqfs.roa
Signing time: Wed 01 Jan 2025 11:47:52 +0000
ROA not before: Wed 01 Jan 2025 11:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 394456
IP address blocks: 185.83.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:91:cb:03:3e:b0:ce:d2:f3:86:f6:4b:ae:b3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610
Validity
Not Before: Jan 1 11:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfdc8535cb3f6a230408f498f327abddceeba9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:cd:fe:05:66:ba:f9:33:bf:43:c3:ad:08:
31:27:4f:1c:e2:5b:81:33:b5:05:11:76:8b:14:4c:
cd:6b:ca:95:33:76:10:d1:08:a6:19:e4:df:1a:eb:
15:f5:7c:1c:23:92:0a:59:9d:ae:f7:34:ce:c2:00:
48:b7:26:16:12:2d:3e:00:c7:05:f5:ad:89:a0:d4:
a5:e6:3f:e9:fb:73:25:c5:91:18:59:8a:24:19:02:
dd:36:c7:6e:f6:d1:80:f7:cc:f5:3f:d1:93:be:e9:
b7:5e:16:76:e1:e8:c0:76:c5:90:20:15:14:ff:19:
10:48:af:2d:4d:70:ec:65:3b:fc:71:48:e8:2f:28:
ab:47:c0:09:4c:f4:3e:19:b1:b9:aa:ff:eb:85:3b:
d4:9d:a5:eb:35:03:54:b9:eb:30:a0:de:cf:8f:32:
a0:a2:43:a4:32:50:e6:49:1c:92:8f:ee:8d:da:1c:
ea:37:86:37:f7:a6:a8:f4:2a:23:bf:0a:82:8b:15:
7a:e3:bf:cd:3a:8f:fa:a3:a3:d5:5c:74:4e:73:f6:
26:3e:19:86:84:3c:ac:3d:09:19:c5:f3:73:0c:5c:
fa:32:22:ff:db:db:ce:47:25:3f:6f:46:fd:70:78:
2d:69:a9:c2:74:6e:b1:10:e9:44:65:f8:87:71:ae:
dc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DC:85:35:CB:3F:6A:23:04:08:F4:98:F3:27:AB:DD:CE:EB:A9:FB
X509v3 Authority Key Identifier:
keyid:1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/39yFNcs_aiMECPSY8yer3c7rqfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:2e:fa:3e:0d:19:00:e2:d0:32:3a:86:60:bf:bc:48:89:fa:
ea:3e:37:38:2f:3a:2a:d6:3f:a2:51:d2:27:38:9f:fa:38:6d:
53:8d:97:77:87:d4:24:32:a4:87:4c:cd:83:03:fd:fc:2c:c2:
62:6d:95:a5:9f:e0:be:71:0d:b0:2c:08:dd:93:ed:4b:f5:e6:
f4:19:5f:1f:8b:0c:65:f4:d4:17:65:b0:ae:6a:13:19:e3:9f:
53:e9:13:03:af:3d:d7:5a:7c:70:d2:5a:ec:66:ec:e6:d1:4a:
59:99:f1:23:5c:72:3d:2d:82:74:58:b8:0c:b3:87:d9:af:84:
3f:76:46:91:7a:3c:1a:a0:8a:10:61:4a:8c:e2:89:fd:04:fe:
7e:c6:ed:8e:a1:7a:f6:af:13:22:dd:d5:32:c5:91:a5:e7:44:
97:4b:36:6e:70:8a:56:c6:6b:ec:4c:bd:e1:b1:d9:3c:49:c5:
58:fc:32:2a:e4:f6:b1:4c:00:09:15:a8:22:de:da:ba:65:4c:
bc:0a:b2:93:62:96:d1:7c:20:cd:df:62:94:a5:29:2f:f1:71:
57:14:ec:06:6d:1e:b4:9a:8f:47:fa:2e:de:cd:dd:7d:51:2c:
cf:db:f3:20:dc:33:32:3a:f0:f0:a3:0e:9d:5b:6a:fb:24:bf:
7a:3e:5b:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsZHLAz6wztLzhvZLrrMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjdjZjFjYTJkZWEzMmZjZDk3MDJkZDI1MTBlYjZiZjJi
Njg2MTAwHhcNMjUwMTAxMTE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRjODUzNWNiM2Y2YTIzMDQwOGY0OThmMzI3YWJkZGNlZWJhOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+DN/gVmuvkzv0PDrQgxJ08c4luB
M7UFEXaLFEzNa8qVM3YQ0QimGeTfGusV9XwcI5IKWZ2u9zTOwgBItyYWEi0+AMcF
9a2JoNSl5j/p+3MlxZEYWYokGQLdNsdu9tGA98z1P9GTvum3XhZ24ejAdsWQIBUU
/xkQSK8tTXDsZTv8cUjoLyirR8AJTPQ+GbG5qv/rhTvUnaXrNQNUueswoN7PjzKg
okOkMlDmSRySj+6N2hzqN4Y396ao9CojvwqCixV647/NOo/6o6PVXHROc/YmPhmG
hDysPQkZxfNzDFz6MiL/29vORyU/b0b9cHgtaanCdG6xEOlEZfiHca7cfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/chTXLP2ojBAj0mPMnq93O66n7MB8GA1UdIwQY
MBaAFB9nzxyi3qMvzZcC3SUQ62vytoYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUt
YmFkYmU4NDA5NzdlLzEvMzl5Rk5jc19haU1FQ1BTWTh5ZXIzYzdycWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUtYmFkYmU4NDA5Nzdl
LzEvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVPWMA0G
CSqGSIb3DQEBCwUAA4IBAQDJLvo+DRkA4tAyOoZgv7xIifrqPjc4Lzoq1j+iUdIn
OJ/6OG1TjZd3h9QkMqSHTM2DA/38LMJibZWln+C+cQ2wLAjdk+1L9eb0GV8fiwxl
9NQXZbCuahMZ459T6RMDrz3XWnxw0lrsZuzm0UpZmfEjXHI9LYJ0WLgMs4fZr4Q/
dkaRejwaoIoQYUqM4on9BP5+xu2OoXr2rxMi3dUyxZGl50SXSzZucIpWxmvsTL3h
sdk8ScVY/DIq5PaxTAAJFagi3tq6ZUy8CrKTYpbRfCDN32KUpSkv8XFXFOwGbR60
mo9H+i7ezd19USzP2/Mg3DMyOvDwow6dW2r7JL96Pluv
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:56:17 2025 by rpki-client