Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d6f953-e5f1-4d32-8d1d-1e26bd87a6f4/1/n9gMid1T3QREpNiz_qLQ9cz9pdc.roa
File: n9gMid1T3QREpNiz_qLQ9cz9pdc.roa (raw, json)
Hash identifier: I6qBOk7e8c7eb+RShOv1y8ESAs1o3obmV/3Ly3WrzJQ=
Subject key identifier: 9F:D8:0C:89:DD:53:DD:04:44:A4:D8:B3:FE:A2:D0:F5:CC:FD:A5:D7
Certificate issuer: /CN=b9d55f36c511db636cb82f34750cc8ae239450e5
Certificate serial: 0184EE46147FEC05BE501B7BF346439D92FC
Authority key identifier: B9:D5:5F:36:C5:11:DB:63:6C:B8:2F:34:75:0C:C8:AE:23:94:50:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/udVfNsUR22NsuC80dQzIriOUUOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d6f953-e5f1-4d32-8d1d-1e26bd87a6f4/1/n9gMid1T3QREpNiz_qLQ9cz9pdc.roa
Signing time: Wed 07 Dec 2022 20:28:00 +0000
ROA not before: Wed 07 Dec 2022 20:28:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34373
IP address blocks: 185.96.44.0/22 maxlen: 24
2a00:4140::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ee:46:14:7f:ec:05:be:50:1b:7b:f3:46:43:9d:92:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9d55f36c511db636cb82f34750cc8ae239450e5
Validity
Not Before: Dec 7 20:28:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fd80c89dd53dd0444a4d8b3fea2d0f5ccfda5d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c1:2a:c5:a1:08:0c:18:20:ba:5e:23:11:93:
54:81:b3:b8:38:84:93:c3:12:09:45:33:ce:67:3b:
4c:b5:0e:bb:90:18:76:e7:e1:ea:bd:d6:a2:20:a6:
57:5c:e3:c2:40:a9:25:a0:46:9d:ee:6b:6e:6f:a9:
83:c7:39:dc:3d:70:d6:00:18:84:21:7c:85:4b:d8:
0b:7f:58:f7:c7:e7:4d:03:a7:73:22:3a:81:97:d6:
32:d5:64:55:9c:79:31:e6:d6:65:48:59:82:bf:49:
58:9a:74:43:b6:ab:74:ce:6c:4d:25:5f:60:41:64:
af:f5:43:ef:92:d9:f6:ef:4e:10:d2:0d:32:1f:28:
1a:ea:b4:48:29:d7:52:24:61:4f:29:3d:ab:40:d5:
e5:15:7f:ed:42:ad:69:27:d8:4d:e5:8b:8f:40:08:
57:7c:40:0c:12:d3:6b:81:9c:6c:c3:52:50:3d:d2:
13:01:dd:cf:a1:f4:11:8f:3f:70:31:be:15:da:19:
67:c6:b8:b3:85:d3:0b:49:91:b3:8f:02:eb:26:6d:
c6:70:68:a2:07:e2:2c:c3:7e:5b:94:70:a7:13:67:
f2:11:26:5f:4c:5b:81:86:bb:ba:3a:01:67:92:35:
8a:3d:ea:62:8c:46:d6:22:ba:a6:1b:37:a8:d1:42:
24:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D8:0C:89:DD:53:DD:04:44:A4:D8:B3:FE:A2:D0:F5:CC:FD:A5:D7
X509v3 Authority Key Identifier:
keyid:B9:D5:5F:36:C5:11:DB:63:6C:B8:2F:34:75:0C:C8:AE:23:94:50:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udVfNsUR22NsuC80dQzIriOUUOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d6f953-e5f1-4d32-8d1d-1e26bd87a6f4/1/n9gMid1T3QREpNiz_qLQ9cz9pdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d6f953-e5f1-4d32-8d1d-1e26bd87a6f4/1/udVfNsUR22NsuC80dQzIriOUUOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.44.0/22
IPv6:
2a00:4140::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ac:34:27:f6:22:a4:f2:2b:2d:b9:37:b2:8c:f5:e0:80:f3:
74:b7:d1:f1:a3:67:6f:43:92:a7:cf:3b:2c:e7:39:6d:c2:c8:
8b:54:5b:53:21:6e:51:8b:e6:10:ef:ac:69:e3:02:7c:83:b5:
6e:35:18:9c:5a:e4:61:7f:c3:28:59:79:dd:b3:16:37:96:4f:
a5:a9:8b:69:bd:0f:81:4b:18:c0:db:41:49:b7:c4:ce:41:89:
0e:bb:dd:65:e9:e5:62:31:82:df:37:2f:27:5c:2b:62:e3:48:
9c:ba:1c:84:1e:1b:c5:10:a5:05:8d:70:d6:6f:61:39:c4:ca:
a0:92:6f:64:f3:04:c3:f3:86:37:8b:d6:ba:c4:8e:ef:73:17:
a1:c3:93:ae:bd:9a:64:58:c9:d8:1a:ed:37:01:e4:aa:75:1f:
1d:15:c8:5a:13:8f:56:b9:35:0b:aa:e5:a1:af:6a:9e:0d:b8:
43:83:a8:ef:26:bb:46:08:21:09:2f:0c:fc:56:e5:7c:7a:c8:
70:96:24:25:e1:34:1e:27:37:78:3c:ac:1a:28:3f:3f:3e:9a:
a8:ec:92:7d:dd:94:0d:d2:ba:42:17:dc:1d:2b:61:72:f6:90:
36:aa:ad:40:cd:af:33:70:34:23:43:8f:54:44:c1:9b:5b:d0:
76:df:e7:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTuRhR/7AW+UBt780ZDnZL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDU1ZjM2YzUxMWRiNjM2Y2I4MmYzNDc1MGNjOGFlMjM5
NDUwZTUwHhcNMjIxMjA3MjAyODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQ4MGM4OWRkNTNkZDA0NDRhNGQ4YjNmZWEyZDBmNWNjZmRhNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcEqxaEIDBggul4jEZNUgbO4OIST
wxIJRTPOZztMtQ67kBh25+HqvdaiIKZXXOPCQKkloEad7mtub6mDxzncPXDWABiE
IXyFS9gLf1j3x+dNA6dzIjqBl9Yy1WRVnHkx5tZlSFmCv0lYmnRDtqt0zmxNJV9g
QWSv9UPvktn2704Q0g0yHyga6rRIKddSJGFPKT2rQNXlFX/tQq1pJ9hN5YuPQAhX
fEAMEtNrgZxsw1JQPdITAd3PofQRjz9wMb4V2hlnxrizhdMLSZGzjwLrJm3GcGii
B+Isw35blHCnE2fyESZfTFuBhru6OgFnkjWKPepijEbWIrqmGzeo0UIkfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/YDIndU90ERKTYs/6i0PXM/aXXMB8GA1UdIwQY
MBaAFLnVXzbFEdtjbLgvNHUMyK4jlFDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRWZk5zVVIyMk5zdUM4MGRReklyaU9VVU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNmY5NTMtZTVmMS00ZDMyLThkMWQt
MWUyNmJkODdhNmY0LzEvbjlnTWlkMVQzUVJFcE5pel9xTFE5Y3o5cGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNmY5NTMtZTVmMS00ZDMyLThkMWQtMWUyNmJkODdhNmY0
LzEvdWRWZk5zVVIyMk5zdUM4MGRReklyaU9VVU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWAsMA0E
AgACMAcDBQMqAEFAMA0GCSqGSIb3DQEBCwUAA4IBAQCOrDQn9iKk8istuTeyjPXg
gPN0t9Hxo2dvQ5Knzzss5zltwsiLVFtTIW5Ri+YQ76xp4wJ8g7VuNRicWuRhf8Mo
WXndsxY3lk+lqYtpvQ+BSxjA20FJt8TOQYkOu91l6eViMYLfNy8nXCti40icuhyE
HhvFEKUFjXDWb2E5xMqgkm9k8wTD84Y3i9a6xI7vcxehw5OuvZpkWMnYGu03AeSq
dR8dFchaE49WuTULquWhr2qeDbhDg6jvJrtGCCEJLwz8VuV8eshwliQl4TQeJzd4
PKwaKD8/Ppqo7JJ93ZQN0rpCF9wdK2Fy9pA2qq1Aza8zcDQjQ49URMGbW9B23+ex
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:43:08 2025 by rpki-client