Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/VUuhainjhcYV5YRCiyXmkzZq9Bw.roa
File: VUuhainjhcYV5YRCiyXmkzZq9Bw.roa (raw, json)
Hash identifier: sqr3lmMmKZCw5Sb02g6kZwXmBiAXlMXLjjLm6QDb9BM=
Subject key identifier: 55:4B:A1:6A:29:E3:85:C6:15:E5:84:42:8B:25:E6:93:36:6A:F4:1C
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 0194258F223614000CC0C2E07197E2FCB141
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/VUuhainjhcYV5YRCiyXmkzZq9Bw.roa
Signing time: Thu 02 Jan 2025 05:48:44 +0000
ROA not before: Thu 02 Jan 2025 05:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 185.99.196.0/24 maxlen: 24
185.99.197.0/24 maxlen: 24
185.99.198.0/24 maxlen: 24
185.99.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:22:36:14:00:0c:c0:c2:e0:71:97:e2:fc:b1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Jan 2 05:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=554ba16a29e385c615e584428b25e693366af41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:28:a7:7e:56:5a:60:0b:9b:3c:d6:46:9b:
88:42:0e:0b:f2:ba:26:f5:a9:a7:50:41:9f:8c:b9:
ea:6e:e6:f9:69:67:99:10:0a:6a:1f:32:85:57:2b:
b5:0c:7c:9c:da:9c:f1:95:c6:10:03:51:80:e5:df:
77:e2:a4:58:f5:a5:1a:aa:4f:d8:51:fe:ac:c2:88:
d3:c0:82:f2:7a:a9:1e:bf:6a:d0:07:3f:40:77:9f:
24:0a:4a:34:07:a9:98:aa:52:c8:cb:d7:12:d6:bf:
34:1b:7f:b5:53:6f:2d:58:39:5d:5d:b0:6c:7a:ce:
71:a6:85:8e:07:af:ec:f3:a6:31:83:a8:9e:35:80:
ca:5b:ac:cc:64:85:a5:d6:f8:8f:79:57:c7:73:e9:
d3:9a:94:1b:86:5f:57:79:71:65:16:be:39:df:ce:
17:85:6d:d4:f8:fb:dd:16:38:23:74:08:b7:28:d0:
9b:e4:dc:b9:1d:fd:ed:be:60:b8:a1:b5:0a:86:d1:
21:b7:08:de:e0:49:f1:20:4b:49:ab:c2:14:42:1d:
a6:62:8d:a8:64:f8:25:f6:1e:33:64:2f:3b:93:3a:
4d:02:79:ae:4b:1d:6f:01:0a:04:1a:09:f4:b4:e9:
7e:fa:4c:64:38:8b:25:2c:9b:00:8d:3d:ee:0c:18:
ce:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4B:A1:6A:29:E3:85:C6:15:E5:84:42:8B:25:E6:93:36:6A:F4:1C
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/VUuhainjhcYV5YRCiyXmkzZq9Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.196.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:be:9d:de:31:77:c5:7d:23:d3:59:8d:87:91:17:82:21:b8:
c8:f6:84:10:a4:51:0a:36:14:ff:1e:e2:45:94:0c:c0:68:85:
cc:37:a1:fd:02:5b:a9:5c:5a:39:cd:2e:77:58:2b:f2:3d:2b:
dd:a9:df:e5:77:9b:ba:1e:91:4d:8e:ac:eb:79:22:e1:92:05:
c4:98:81:9c:3b:81:55:c9:04:71:9a:6f:98:4e:70:4a:4c:ea:
ca:b5:9f:5b:b5:85:20:c7:ec:68:e1:81:e3:6b:fa:4e:d2:db:
f1:8d:d5:17:89:91:7c:a6:5b:58:01:37:97:6a:73:fc:53:42:
16:60:93:9a:d5:83:66:23:4e:00:14:83:8d:b3:9b:fe:c4:84:
34:36:ee:b5:15:b2:3b:77:da:2f:dd:4d:19:de:f7:f9:ab:11:
d4:94:cd:06:b9:0a:60:a0:32:40:f8:ff:9d:66:13:9b:0b:23:
6d:b5:df:c2:4f:57:01:63:cb:73:de:f2:7a:ef:a7:8e:1c:b7:
85:3e:cf:70:30:84:5b:fb:e2:95:b4:fa:92:ef:13:6c:34:d2:
b2:2b:09:a1:92:6c:f8:5c:1b:c9:ed:a8:4d:48:78:cc:4a:57:
92:72:98:51:ea:46:4a:e1:71:34:8c:54:3b:9d:f7:9d:44:d5:
48:d3:3d:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljyI2FAAMwMLgcZfi/LFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjUwMTAyMDU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRiYTE2YTI5ZTM4NWM2MTVlNTg0NDI4YjI1ZTY5MzM2NmFmNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDoop35WWmALmzzWRpuIQg4L8rom
9amnUEGfjLnqbub5aWeZEApqHzKFVyu1DHyc2pzxlcYQA1GA5d934qRY9aUaqk/Y
Uf6swojTwILyeqkev2rQBz9Ad58kCko0B6mYqlLIy9cS1r80G3+1U28tWDldXbBs
es5xpoWOB6/s86Yxg6ieNYDKW6zMZIWl1viPeVfHc+nTmpQbhl9XeXFlFr45384X
hW3U+PvdFjgjdAi3KNCb5Ny5Hf3tvmC4obUKhtEhtwje4EnxIEtJq8IUQh2mYo2o
ZPgl9h4zZC87kzpNAnmuSx1vAQoEGgn0tOl++kxkOIslLJsAjT3uDBjORQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVLoWop44XGFeWEQosl5pM2avQcMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvVlV1aGFpbmpoY1lWNVlSQ2l5WG1relpxOUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBbvp3eMXfFfSPTWY2HkReCIbjI9oQQpFEKNhT/HuJF
lAzAaIXMN6H9AlupXFo5zS53WCvyPSvdqd/ld5u6HpFNjqzreSLhkgXEmIGcO4FV
yQRxmm+YTnBKTOrKtZ9btYUgx+xo4YHja/pO0tvxjdUXiZF8pltYATeXanP8U0IW
YJOa1YNmI04AFIONs5v+xIQ0Nu61FbI7d9ov3U0Z3vf5qxHUlM0GuQpgoDJA+P+d
ZhObCyNttd/CT1cBY8tz3vJ676eOHLeFPs9wMIRb++KVtPqS7xNsNNKyKwmhkmz4
XBvJ7ahNSHjMSleScphR6kZK4XE0jFQ7nfedRNVI0z3r
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:12:43 2025 by rpki-client