Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/neolYGdLKpBXHmNej6CjSGJo33s.roa
File: neolYGdLKpBXHmNej6CjSGJo33s.roa (raw, json)
Hash identifier: rdeL6tzNKDLvJGPaZiOq6jxc0q10y5ECjhYex4TDkLo=
Subject key identifier: 9D:EA:25:60:67:4B:2A:90:57:1E:63:5E:8F:A0:A3:48:62:68:DF:7B
Certificate issuer: /CN=dbc144ce154eee9dbb3562ce4cd3228338641333
Certificate serial: 01941FFA37A4FE86899D6FCBA5B77D4D70B5
Authority key identifier: DB:C1:44:CE:15:4E:EE:9D:BB:35:62:CE:4C:D3:22:83:38:64:13:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28FEzhVO7p27NWLOTNMigzhkEzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/neolYGdLKpBXHmNej6CjSGJo33s.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 185.25.244.0/22 maxlen: 22
2a00:8420::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:37:a4:fe:86:89:9d:6f:cb:a5:b7:7d:4d:70:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc144ce154eee9dbb3562ce4cd3228338641333
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dea2560674b2a90571e635e8fa0a3486268df7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:66:52:7b:e4:34:a8:77:55:33:ae:40:75:
f2:58:9e:23:92:1e:d0:55:d6:d0:6b:4b:e2:5d:3c:
f2:d2:67:3a:47:dc:58:1f:c0:57:1a:f2:fd:22:b2:
74:fc:1f:e4:18:44:6a:4e:76:f7:d0:02:db:23:71:
82:19:2c:24:ae:34:33:d9:be:3a:2a:ee:57:e3:90:
dd:dd:c1:2c:dd:7e:a3:95:02:f4:f5:8a:c2:13:a0:
36:2b:d4:c6:80:86:2a:dd:71:d4:44:cb:f6:38:50:
e4:ed:fd:ca:2c:d2:4d:90:54:a9:a0:06:91:09:68:
09:1a:be:4a:c8:32:6a:9a:cb:e4:de:5b:50:28:80:
1b:14:f6:0c:38:11:b0:ac:2c:d7:ca:d1:59:9a:b7:
70:a9:a8:44:00:dc:8f:ae:24:3d:fc:a5:bf:25:15:
dd:a0:ba:d2:22:6d:00:b9:da:b3:dc:a8:59:58:4b:
32:df:aa:39:8e:80:ea:64:a1:ed:63:f4:b9:b8:9f:
a2:34:d5:6a:18:2b:ce:9c:89:96:62:3e:a5:8d:b5:
40:d9:90:43:a4:47:d6:ce:16:68:bc:27:ee:1b:87:
0d:12:8e:83:bb:24:4e:c7:1f:4d:3e:bc:3a:71:21:
91:d8:1e:e5:1a:11:dc:81:d6:b3:00:d9:42:d3:cd:
f3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:EA:25:60:67:4B:2A:90:57:1E:63:5E:8F:A0:A3:48:62:68:DF:7B
X509v3 Authority Key Identifier:
keyid:DB:C1:44:CE:15:4E:EE:9D:BB:35:62:CE:4C:D3:22:83:38:64:13:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28FEzhVO7p27NWLOTNMigzhkEzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/neolYGdLKpBXHmNej6CjSGJo33s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/28FEzhVO7p27NWLOTNMigzhkEzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.244.0/22
IPv6:
2a00:8420::/32
Signature Algorithm: sha256WithRSAEncryption
83:a4:01:01:b8:eb:f9:3c:c2:6d:45:fb:bb:ab:0a:4b:35:d0:
c2:a3:b6:a2:91:5f:34:3c:df:d8:c0:76:38:99:a1:70:2d:53:
4d:33:03:9c:28:37:56:16:95:21:f4:fd:1f:1f:e2:2b:64:4b:
46:83:f1:41:88:45:04:de:cd:04:76:38:38:51:77:2d:95:72:
8d:6c:57:1c:89:e0:bb:3a:58:60:f1:1d:6d:d9:77:c2:03:a5:
ca:85:30:da:b3:f0:b8:97:48:51:6b:ee:61:64:31:f2:22:ac:
90:e7:3c:1e:2a:06:f4:d7:05:84:55:a1:4b:32:a6:70:5e:be:
29:99:7e:82:3c:13:6c:3d:de:7c:c2:7c:66:95:2c:04:82:f4:
67:b3:34:7d:7b:af:11:70:d9:af:eb:88:88:d4:56:00:8d:74:
d5:e5:81:12:c8:72:de:fc:7a:ab:6c:3a:18:a3:7e:08:8d:6e:
b2:6f:f0:e1:38:6d:ae:19:f6:54:bd:4c:de:cb:50:1f:57:dd:
92:08:34:bb:7c:bc:6d:22:f4:22:69:f1:90:87:82:2d:8e:d4:
ce:9e:2c:1d:c6:1a:34:21:60:25:7a:6b:68:15:ca:33:d0:6c:
65:69:48:2a:80:97:2f:9c:37:92:cf:6e:e3:09:6a:73:dc:0b:
4a:f7:9a:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+jek/oaJnW/Lpbd9TXC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzE0NGNlMTU0ZWVlOWRiYjM1NjJjZTRjZDMyMjgzMzg2
NDEzMzMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGVhMjU2MDY3NGIyYTkwNTcxZTYzNWU4ZmEwYTM0ODYyNjhkZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2NmUnvkNKh3VTOuQHXyWJ4jkh7Q
VdbQa0viXTzy0mc6R9xYH8BXGvL9IrJ0/B/kGERqTnb30ALbI3GCGSwkrjQz2b46
Ku5X45Dd3cEs3X6jlQL09YrCE6A2K9TGgIYq3XHURMv2OFDk7f3KLNJNkFSpoAaR
CWgJGr5KyDJqmsvk3ltQKIAbFPYMOBGwrCzXytFZmrdwqahEANyPriQ9/KW/JRXd
oLrSIm0Audqz3KhZWEsy36o5joDqZKHtY/S5uJ+iNNVqGCvOnImWYj6ljbVA2ZBD
pEfWzhZovCfuG4cNEo6DuyROxx9NPrw6cSGR2B7lGhHcgdazANlC083z1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ3qJWBnSyqQVx5jXo+go0hiaN97MB8GA1UdIwQY
MBaAFNvBRM4VTu6duzVizkzTIoM4ZBMzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhGRXpoVk83cDI3TldMT1ROTWlnemhrRXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hMjJjZmEtMDFmMy00ZjEyLWI2ZmQt
NDg5NGY4OGJlZGRjLzEvbmVvbFlHZExLcEJYSG1OZWo2Q2pTR0pvMzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hMjJjZmEtMDFmMy00ZjEyLWI2ZmQtNDg5NGY4OGJlZGRj
LzEvMjhGRXpoVk83cDI3TldMT1ROTWlnemhrRXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRn0MA0E
AgACMAcDBQAqAIQgMA0GCSqGSIb3DQEBCwUAA4IBAQCDpAEBuOv5PMJtRfu7qwpL
NdDCo7aikV80PN/YwHY4maFwLVNNMwOcKDdWFpUh9P0fH+IrZEtGg/FBiEUE3s0E
djg4UXctlXKNbFccieC7Olhg8R1t2XfCA6XKhTDas/C4l0hRa+5hZDHyIqyQ5zwe
Kgb01wWEVaFLMqZwXr4pmX6CPBNsPd58wnxmlSwEgvRnszR9e68RcNmv64iI1FYA
jXTV5YESyHLe/HqrbDoYo34IjW6yb/DhOG2uGfZUvUzey1AfV92SCDS7fLxtIvQi
afGQh4ItjtTOniwdxho0IWAlemtoFcoz0GxlaUgqgJcvnDeSz27jCWpz3AtK95qT
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:59:36 2025 by rpki-client