Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9JW_HVZ0N6fOiRvBzfMDzqz4m-k.roa
File: 9JW_HVZ0N6fOiRvBzfMDzqz4m-k.roa (raw, json)
Hash identifier: B9WgBMH8XXm0kfwtLjd7m7UmKZ08QcUrHkOJ6NEqWJ0=
Subject key identifier: F4:95:BF:1D:56:74:37:A7:CE:89:1B:C1:CD:F3:03:CE:AC:F8:9B:E9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824A8B807E62634B08E94CC16C8845D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9JW_HVZ0N6fOiRvBzfMDzqz4m-k.roa
Signing time: Thu 02 Jan 2025 17:51:18 +0000
ROA not before: Thu 02 Jan 2025 17:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200400
IP address blocks: 85.208.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:a8:b8:07:e6:26:34:b0:8e:94:cc:16:c8:84:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f495bf1d567437a7ce891bc1cdf303ceacf89be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:91:02:c0:cf:36:81:b6:58:f5:de:a6:e6:9f:
62:a7:d0:cb:1a:e6:21:4f:fb:05:be:8a:2f:ae:ca:
15:e8:39:b6:8d:93:05:c1:ec:fe:a5:48:2a:cb:2f:
dd:b7:67:df:d3:15:a3:7e:da:1f:01:07:ac:68:06:
16:24:40:c2:5b:66:31:5e:32:d5:8b:0a:07:fc:21:
d2:f7:27:b0:6e:c3:e0:c1:33:f4:56:e6:7a:21:32:
64:49:49:01:73:40:ff:db:d8:47:7e:64:e7:3e:f2:
f4:5b:d5:00:8e:b4:26:12:81:6b:4b:3e:1c:3c:81:
37:ae:fb:9f:4d:a6:22:72:a6:ef:8e:c7:ba:3f:88:
2b:48:b7:3f:ab:65:c7:65:c4:3e:d5:2d:67:f0:95:
11:40:c2:da:a0:da:f6:4f:4c:73:9c:62:fb:50:21:
42:8c:b9:4a:ff:b8:9d:e1:e2:36:cf:46:df:7e:06:
58:91:04:48:98:a4:be:81:35:77:4c:a1:5c:ef:95:
76:c5:40:4a:54:9c:b6:da:67:26:60:87:36:fd:dd:
e4:78:14:fe:04:79:76:fd:6d:fa:a6:b0:5b:a5:b5:
49:1e:cb:41:09:7d:22:42:2c:2b:d9:49:2e:7d:d5:
a9:6e:89:43:92:4f:a1:3e:1b:66:66:fd:81:80:90:
63:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:95:BF:1D:56:74:37:A7:CE:89:1B:C1:CD:F3:03:CE:AC:F8:9B:E9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9JW_HVZ0N6fOiRvBzfMDzqz4m-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.138.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ab:49:fb:91:9e:4b:07:85:4a:07:80:80:6f:5f:51:21:63:
7f:a5:82:a2:e0:cc:d5:07:c1:d0:03:83:3c:2d:eb:b2:25:68:
6b:1d:fb:88:0c:db:61:4f:06:10:7f:62:21:89:d8:48:0d:f0:
f3:ac:72:23:41:1a:56:c0:09:92:e7:18:a3:da:d9:0a:ad:e6:
de:48:5b:6f:c3:86:ed:17:9b:32:9a:19:6c:c6:38:5a:49:72:
e1:20:be:b3:f2:51:20:d9:fb:ca:f0:8d:53:2e:05:32:3a:2d:
9b:59:a0:ea:62:72:77:b4:0f:63:82:5b:a3:74:10:eb:19:c0:
ba:c7:a1:b1:cf:99:21:dc:eb:d9:c1:30:e8:a8:85:38:f1:92:
26:2e:9e:8c:ac:57:9a:6a:58:e9:9f:60:95:f3:7b:14:b7:a9:
88:08:af:58:25:df:a5:f5:39:a2:bc:9b:1c:01:00:b2:16:65:
4d:20:53:ec:f2:e5:36:84:e6:22:e1:00:b9:53:4b:f7:dc:10:
6b:d3:e6:f4:b9:50:e0:9a:5a:97:12:8a:c8:42:9b:de:d9:39:
36:19:86:70:a3:4b:70:b1:8c:e5:b1:57:ac:d1:cc:2b:30:09:
30:3d:c3:79:cc:f7:f0:2b:8c:03:55:a5:80:b7:b8:22:30:7f:
c9:05:44:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJKi4B+YmNLCOlMwWyIRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk1YmYxZDU2NzQzN2E3Y2U4OTFiYzFjZGYzMDNjZWFjZjg5YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5ECwM82gbZY9d6m5p9ip9DLGuYh
T/sFvoovrsoV6Dm2jZMFwez+pUgqyy/dt2ff0xWjftofAQesaAYWJEDCW2YxXjLV
iwoH/CHS9yewbsPgwTP0VuZ6ITJkSUkBc0D/29hHfmTnPvL0W9UAjrQmEoFrSz4c
PIE3rvufTaYicqbvjse6P4grSLc/q2XHZcQ+1S1n8JURQMLaoNr2T0xznGL7UCFC
jLlK/7id4eI2z0bffgZYkQRImKS+gTV3TKFc75V2xUBKVJy22mcmYIc2/d3keBT+
BHl2/W36prBbpbVJHstBCX0iQiwr2UkufdWpbolDkk+hPhtmZv2BgJBj6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSVvx1WdDenzokbwc3zA86s+JvpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOUpXX0hWWjBONmZPaVJ2QnpmTUR6cXo0bS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdCKMA0G
CSqGSIb3DQEBCwUAA4IBAQAfq0n7kZ5LB4VKB4CAb19RIWN/pYKi4MzVB8HQA4M8
LeuyJWhrHfuIDNthTwYQf2IhidhIDfDzrHIjQRpWwAmS5xij2tkKrebeSFtvw4bt
F5symhlsxjhaSXLhIL6z8lEg2fvK8I1TLgUyOi2bWaDqYnJ3tA9jglujdBDrGcC6
x6Gxz5kh3OvZwTDoqIU48ZImLp6MrFeaaljpn2CV83sUt6mICK9YJd+l9TmivJsc
AQCyFmVNIFPs8uU2hOYi4QC5U0v33BBr0+b0uVDgmlqXEorIQpve2Tk2GYZwo0tw
sYzlsVes0cwrMAkwPcN5zPfwK4wDVaWAt7giMH/JBUTM
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:21 2025 by rpki-client