Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/09h3HegSzHCmBBBWGcTWBjEqm-k.roa
File: 09h3HegSzHCmBBBWGcTWBjEqm-k.roa (raw, json)
Hash identifier: e2MlTegDWzHw8Qc0vpcn4p75pDoA+fAb45rhwd6sZ2c=
Subject key identifier: D3:D8:77:1D:E8:12:CC:70:A6:04:10:56:19:C4:D6:06:31:2A:9B:E9
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 019427B63DDB4CF76C3949877A997F6A5402
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/09h3HegSzHCmBBBWGcTWBjEqm-k.roa
Signing time: Thu 02 Jan 2025 15:50:42 +0000
ROA not before: Thu 02 Jan 2025 15:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.87.218.0/24 maxlen: 28
185.87.219.0/24 maxlen: 24
2a13:85c0::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:3d:db:4c:f7:6c:39:49:87:7a:99:7f:6a:54:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jan 2 15:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3d8771de812cc70a604105619c4d606312a9be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:f8:94:08:ae:2f:3b:30:0d:80:b2:27:b0:
76:3b:5a:12:04:25:78:b5:7a:86:ed:87:35:3a:89:
cf:64:d0:cd:d8:a8:9c:0d:fb:af:9f:10:59:fb:cc:
d0:05:39:77:40:37:e5:41:78:66:1c:5a:9f:30:bc:
bf:4c:35:5f:e1:67:91:13:ed:8b:b4:7f:1e:a0:be:
c3:38:a2:f7:21:14:0d:75:1b:20:75:1e:75:d3:f8:
63:73:39:b6:39:cd:64:6a:2b:d0:d6:3a:1b:23:fe:
3f:93:4f:0f:7d:b3:39:8a:b9:7f:29:cf:43:db:d1:
4c:e0:76:52:47:4f:bc:3b:70:e8:b7:4f:f2:34:64:
9d:e0:9d:3a:dc:9b:9f:71:c8:64:5f:24:77:6b:c9:
f0:5a:b8:d6:94:68:78:d9:95:eb:8a:d5:87:41:8f:
9b:46:2f:01:ff:2f:d6:ab:1a:04:b9:39:b4:bb:b5:
1c:0a:b0:00:f7:97:36:d7:9c:c7:b3:10:46:52:14:
a5:d0:f4:20:5d:b3:fb:71:fc:b1:3c:83:33:49:74:
ab:bf:e2:ab:88:38:65:9e:74:f2:09:ef:e4:05:a2:
b4:4a:68:f4:5a:d1:2c:e6:1a:a3:8b:97:ba:a9:fe:
30:63:c2:37:0a:7a:17:7e:86:b7:2a:21:aa:a3:ca:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D8:77:1D:E8:12:CC:70:A6:04:10:56:19:C4:D6:06:31:2A:9B:E9
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/09h3HegSzHCmBBBWGcTWBjEqm-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/23
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
25:b5:a6:38:e5:e4:de:a9:ce:9d:e7:39:f4:3c:8a:7c:1c:bd:
66:b8:c5:73:0e:78:3a:3d:b8:df:c9:62:64:87:03:e3:af:70:
e2:47:9f:08:56:24:5b:0b:d5:f6:fe:3d:33:f6:ee:da:31:16:
98:7e:3d:7d:6b:9e:00:d3:a6:e5:29:82:55:71:e7:b1:a0:d1:
c4:ef:16:f4:84:b2:19:e6:16:e6:d8:84:84:92:a8:ef:ca:43:
5f:59:5a:93:d0:b5:86:eb:42:0c:84:a2:77:0d:f6:54:e4:77:
ec:62:a2:4a:39:e8:b5:cc:77:78:1a:9b:2d:05:9e:2a:d9:52:
c7:ef:ef:0d:bd:ec:f3:91:d4:67:04:1d:0a:7f:d9:dc:d0:56:
81:72:64:cb:51:82:20:a6:b9:e1:a3:9e:59:06:60:58:6b:8f:
53:07:d1:c4:24:83:40:07:61:fc:99:f4:11:8b:00:d3:3a:d9:
b0:cd:0a:ed:ac:f4:a7:f7:25:68:a2:6c:a8:8c:18:c6:71:f2:
97:ca:a4:03:b2:e6:56:1a:29:98:1f:f4:f1:34:a1:05:58:c9:
0c:b1:ee:02:1c:61:2a:8a:ca:a7:ff:f4:5e:0e:b0:7a:66:41:
bd:c5:5e:77:47:33:4f:ed:9b:7f:d2:d7:99:97:c3:22:35:25:
5a:fb:97:4c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQntj3bTPdsOUmHepl/alQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjUwMTAyMTU1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q4NzcxZGU4MTJjYzcwYTYwNDEwNTYxOWM0ZDYwNjMxMmE5YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNz4lAiuLzswDYCyJ7B2O1oSBCV4
tXqG7Yc1OonPZNDN2KicDfuvnxBZ+8zQBTl3QDflQXhmHFqfMLy/TDVf4WeRE+2L
tH8eoL7DOKL3IRQNdRsgdR510/hjczm2Oc1kaivQ1jobI/4/k08PfbM5irl/Kc9D
29FM4HZSR0+8O3Dot0/yNGSd4J063JufcchkXyR3a8nwWrjWlGh42ZXritWHQY+b
Ri8B/y/WqxoEuTm0u7UcCrAA95c215zHsxBGUhSl0PQgXbP7cfyxPIMzSXSrv+Kr
iDhlnnTyCe/kBaK0Smj0WtEs5hqji5e6qf4wY8I3CnoXfoa3KiGqo8rYywIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNPYdx3oEsxwpgQQVhnE1gYxKpvpMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvMDloM0hlZ1N6SENtQkJCV0djVFdCakVxbS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEAJbWmOOXk3qnOnec59DyK
fBy9ZrjFcw54Oj2438liZIcD469w4kefCFYkWwvV9v49M/bu2jEWmH49fWueANOm
5SmCVXHnsaDRxO8W9ISyGeYW5tiEhJKo78pDX1lak9C1hutCDISidw32VOR37GKi
Sjnotcx3eBqbLQWeKtlSx+/vDb3s85HUZwQdCn/Z3NBWgXJky1GCIKa54aOeWQZg
WGuPUwfRxCSDQAdh/Jn0EYsA0zrZsM0K7az0p/claKJsqIwYxnHyl8qkA7LmVhop
mB/08TShBVjJDLHuAhxhKorKp//0Xg6wemZBvcVed0czT+2bf9LXmZfDIjUlWvuX
TA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:15 2025 by rpki-client