Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/9b2tSpH9I_YDuaAeaEvrPjYTSYA.roa
File: 9b2tSpH9I_YDuaAeaEvrPjYTSYA.roa (raw, json)
Hash identifier: CQ+HO3gorMuwRRve3+ZDJ9LD5LzYPKSs3rQmvQ37N3I=
Subject key identifier: F5:BD:AD:4A:91:FD:23:F6:03:B9:A0:1E:68:4B:EB:3E:36:13:49:80
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 0194228E2C0FE6586F5923D35A72BE7B0065
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/9b2tSpH9I_YDuaAeaEvrPjYTSYA.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43366
IP address blocks: 45.85.220.0/22 maxlen: 24
185.61.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2c:0f:e6:58:6f:59:23:d3:5a:72:be:7b:00:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5bdad4a91fd23f603b9a01e684beb3e36134980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1c:8d:ca:6c:d5:8e:92:f4:6c:eb:84:c4:4d:
65:66:c9:6f:b3:5e:d3:c7:81:31:23:63:5f:43:39:
b2:d9:17:23:26:6f:56:09:27:e1:ae:94:c5:ac:f0:
4e:28:a4:d1:c5:63:1c:0b:f9:5c:c3:fe:d3:57:8a:
de:3e:da:0f:88:5d:f6:5c:81:32:d1:01:04:7b:d0:
ef:94:b1:11:ef:5a:6b:92:25:64:16:20:db:c1:a9:
5e:2d:92:ad:1a:61:15:0a:dd:ee:17:32:a3:92:3a:
41:46:e1:cb:81:de:57:9c:37:a2:6f:c8:88:e8:15:
15:40:52:cf:1e:44:54:eb:c7:25:ee:28:12:10:bc:
d2:48:5c:59:d7:17:86:3f:ac:26:5f:c9:95:cd:ba:
00:0e:01:83:69:e8:f6:24:74:eb:6c:7c:b8:75:6d:
5a:83:8a:ca:15:52:c3:94:92:7c:a3:4d:07:f1:3d:
5a:fb:17:cb:1f:93:5a:90:29:8c:f8:77:04:b0:ff:
d1:3e:69:fc:b3:97:4b:57:26:93:88:10:27:db:e7:
6b:1e:f5:70:04:06:14:13:76:52:4f:33:8e:7a:24:
79:fc:fc:34:7f:3d:d2:da:bc:e2:40:ff:bd:4b:d2:
f7:03:48:a7:ba:b9:ad:10:b7:b3:f2:b6:7b:27:b6:
45:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BD:AD:4A:91:FD:23:F6:03:B9:A0:1E:68:4B:EB:3E:36:13:49:80
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/9b2tSpH9I_YDuaAeaEvrPjYTSYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.220.0/22
185.61.248.0/22
Signature Algorithm: sha256WithRSAEncryption
07:4e:bc:8a:51:92:02:75:fb:4c:6d:33:79:c0:4f:74:3d:83:
37:ae:0d:1c:bf:d7:79:cd:c0:7d:6f:02:58:c2:3d:57:aa:0e:
9b:df:1b:f3:87:41:b8:8d:08:cf:ae:2a:f2:f2:fd:3d:ec:48:
ae:e5:8c:9c:48:61:0c:4d:83:32:62:48:db:fd:8d:5d:43:52:
14:9f:83:60:7d:00:08:78:05:a8:41:af:cf:8c:35:53:cb:34:
5b:ba:b7:56:a4:db:10:df:a9:d7:f8:dc:0a:57:a0:ab:46:36:
15:a8:c2:29:b1:95:a8:9d:c6:2a:cb:d7:37:de:ae:5f:2a:e3:
37:34:a2:37:78:19:82:62:16:e3:1b:63:e4:fd:fe:2f:c7:0a:
30:b0:b3:9a:5a:f4:83:8a:6a:e2:26:63:43:c3:a8:65:da:61:
b3:9e:7b:5b:ca:0a:03:d7:e9:79:a7:f4:53:e3:27:73:b3:ad:
0c:69:b5:f1:b8:64:ce:48:60:a9:7b:54:1b:1d:88:e9:ee:3b:
c0:32:f2:d6:0e:47:6d:55:42:9c:a9:5f:2d:df:5c:ce:d8:fe:
d8:8c:1c:0b:09:a3:5a:e2:e9:f2:a2:46:e6:8e:25:49:1c:8f:
d6:cc:da:ae:fb:81:e0:80:2a:05:12:7a:fd:8d:87:fe:13:57:
0d:62:cb:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijiwP5lhvWSPTWnK+ewBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJkYWQ0YTkxZmQyM2Y2MDNiOWEwMWU2ODRiZWIzZTM2MTM0OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxyNymzVjpL0bOuExE1lZslvs17T
x4ExI2NfQzmy2RcjJm9WCSfhrpTFrPBOKKTRxWMcC/lcw/7TV4rePtoPiF32XIEy
0QEEe9DvlLER71prkiVkFiDbwaleLZKtGmEVCt3uFzKjkjpBRuHLgd5XnDeib8iI
6BUVQFLPHkRU68cl7igSELzSSFxZ1xeGP6wmX8mVzboADgGDaej2JHTrbHy4dW1a
g4rKFVLDlJJ8o00H8T1a+xfLH5NakCmM+HcEsP/RPmn8s5dLVyaTiBAn2+drHvVw
BAYUE3ZSTzOOeiR5/Pw0fz3S2rziQP+9S9L3A0inurmtELez8rZ7J7ZFrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPW9rUqR/SP2A7mgHmhL6z42E0mAMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEvOWIydFNwSDlJX1lEdWFBZWFFdnJQallUU1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVXcAwQC
uT34MA0GCSqGSIb3DQEBCwUAA4IBAQAHTryKUZICdftMbTN5wE90PYM3rg0cv9d5
zcB9bwJYwj1Xqg6b3xvzh0G4jQjPriry8v097Eiu5YycSGEMTYMyYkjb/Y1dQ1IU
n4NgfQAIeAWoQa/PjDVTyzRburdWpNsQ36nX+NwKV6CrRjYVqMIpsZWoncYqy9c3
3q5fKuM3NKI3eBmCYhbjG2Pk/f4vxwowsLOaWvSDimriJmNDw6hl2mGznntbygoD
1+l5p/RT4ydzs60MabXxuGTOSGCpe1QbHYjp7jvAMvLWDkdtVUKcqV8t31zO2P7Y
jBwLCaNa4unyokbmjiVJHI/WzNqu+4HggCoFEnr9jYf+E1cNYsvK
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:56:38 2025 by rpki-client