Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9LSxyDVJm8WFLyF6W1ydBukaJ7c.roa
File: 9LSxyDVJm8WFLyF6W1ydBukaJ7c.roa (raw, json)
Hash identifier: 8IefUSABqvEPG/OMqtEkK6OHR/31wDHp/n5wLKn5TCY=
Subject key identifier: F4:B4:B1:C8:35:49:9B:C5:85:2F:21:7A:5B:5C:9D:06:E9:1A:27:B7
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE36F03BC5767AE4FD3E4AB9CCD935
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9LSxyDVJm8WFLyF6W1ydBukaJ7c.roa
Signing time: Tue 02 Jan 2024 06:30:55 +0000
ROA not before: Tue 02 Jan 2024 06:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 185.21.253.0/24 maxlen: 24
185.21.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:36:f0:3b:c5:76:7a:e4:fd:3e:4a:b9:cc:d9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4b4b1c835499bc5852f217a5b5c9d06e91a27b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:61:a6:60:5e:27:b1:60:17:9e:94:b0:bf:
4f:ee:ce:d2:dc:f2:56:a8:85:6b:43:3a:d3:e0:85:
d5:30:b5:a1:37:21:f2:47:6a:77:cd:8d:85:73:91:
87:89:22:09:3f:61:8e:c3:18:32:a1:fe:2c:8a:f9:
65:cc:b7:04:69:ce:41:80:43:e1:f2:8e:f8:cd:6f:
eb:5a:23:22:97:18:0c:db:9a:20:03:2b:3d:5f:e0:
11:43:e7:e6:94:18:a2:b2:3d:bb:90:91:10:f1:d5:
50:61:b0:ea:7f:d3:15:4b:29:99:76:b3:5e:ed:78:
d8:0c:09:02:da:a7:bd:fb:3a:13:80:35:79:60:a6:
d6:4c:4d:a2:69:05:24:5a:02:8f:b7:b7:e9:36:ee:
cc:6f:92:72:7e:5e:2d:c5:a7:85:7c:55:12:61:e1:
3e:cf:c2:e0:88:4e:82:6a:a0:ee:dc:0b:7f:07:82:
98:97:90:31:da:b6:b7:42:75:c8:ce:ae:cd:50:9e:
a4:5c:d4:9d:cb:ed:b2:5d:90:64:d7:ab:19:3d:dd:
28:23:c5:1a:c8:30:0c:0e:1b:ce:10:61:97:63:be:
0b:40:99:60:ae:e5:a7:eb:65:8a:11:80:b8:48:dc:
78:2c:0f:05:94:5d:c3:7d:4d:ef:7d:10:9d:e6:0c:
36:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B4:B1:C8:35:49:9B:C5:85:2F:21:7A:5B:5C:9D:06:E9:1A:27:B7
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9LSxyDVJm8WFLyF6W1ydBukaJ7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.253.0/24
185.21.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:97:78:e8:6e:4d:6c:eb:92:2a:ce:0f:ed:ec:05:14:f3:8a:
59:f6:b4:59:0f:0a:15:46:26:aa:8d:e0:67:28:6a:b9:be:ba:
92:aa:3e:16:14:12:71:68:00:76:09:cd:27:6e:17:f2:07:cf:
66:d4:d0:11:8d:4f:22:5d:cb:ba:aa:ba:37:6e:1b:3e:09:3d:
0d:35:ff:92:b3:45:f4:a5:18:6f:ea:a7:65:8a:e1:bf:96:b0:
97:c4:87:07:c0:35:f0:4c:d0:bb:20:18:58:78:47:cb:e0:82:
8e:29:8c:e6:e1:e8:b1:65:83:73:f0:ee:a2:7e:a1:8e:55:d7:
b1:c9:2d:84:a2:e9:7d:19:be:ed:6c:a9:37:9a:2a:e3:48:31:
ae:fd:96:0d:79:2d:8e:de:00:93:70:68:48:8c:a5:91:75:04:
a1:77:6a:e4:fb:84:15:84:ee:c9:73:89:96:7c:a7:13:30:44:
71:b8:d5:e4:25:85:a8:e5:c8:5d:04:7c:da:7b:a6:99:6b:d7:
0a:e5:30:26:d1:88:c9:4f:08:50:78:d7:d8:13:47:96:6b:8a:
af:e5:14:9c:8f:32:56:b8:1b:bf:32:13:29:4a:d3:f4:f7:19:
f1:a9:70:30:13:e2:ab:65:e9:63:1e:20:07:68:85:62:76:52:
6f:0d:c9:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3jbwO8V2euT9Pkq5zNk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI0YjFjODM1NDk5YmM1ODUyZjIxN2E1YjVjOWQwNmU5MWEyN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUVhpmBeJ7FgF56UsL9P7s7S3PJW
qIVrQzrT4IXVMLWhNyHyR2p3zY2Fc5GHiSIJP2GOwxgyof4sivllzLcEac5BgEPh
8o74zW/rWiMilxgM25ogAys9X+ARQ+fmlBiisj27kJEQ8dVQYbDqf9MVSymZdrNe
7XjYDAkC2qe9+zoTgDV5YKbWTE2iaQUkWgKPt7fpNu7Mb5Jyfl4txaeFfFUSYeE+
z8LgiE6CaqDu3At/B4KYl5Ax2ra3QnXIzq7NUJ6kXNSdy+2yXZBk16sZPd0oI8Ua
yDAMDhvOEGGXY74LQJlgruWn62WKEYC4SNx4LA8FlF3DfU3vfRCd5gw2qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPS0scg1SZvFhS8heltcnQbpGie3MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvOUxTeHlEVkptOFdGTHlGNlcxeWRCdWthSjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRX9AwQA
uRX/MA0GCSqGSIb3DQEBCwUAA4IBAQBNl3jobk1s65Iqzg/t7AUU84pZ9rRZDwoV
RiaqjeBnKGq5vrqSqj4WFBJxaAB2Cc0nbhfyB89m1NARjU8iXcu6qro3bhs+CT0N
Nf+Ss0X0pRhv6qdliuG/lrCXxIcHwDXwTNC7IBhYeEfL4IKOKYzm4eixZYNz8O6i
fqGOVdexyS2Eoul9Gb7tbKk3mirjSDGu/ZYNeS2O3gCTcGhIjKWRdQShd2rk+4QV
hO7Jc4mWfKcTMERxuNXkJYWo5chdBHzae6aZa9cK5TAm0YjJTwhQeNfYE0eWa4qv
5RScjzJWuBu/MhMpStP09xnxqXAwE+KrZeljHiAHaIVidlJvDckH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:47 2025 by rpki-client