Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/s9-7uzfILp_wqpuTQ6RY06M_vb0.roa
File: s9-7uzfILp_wqpuTQ6RY06M_vb0.roa (raw, json)
Hash identifier: Pd9QbCwquRy9rtMT/uczWDR3qfrQi3t7npfRPZFPtOw=
Subject key identifier: B3:DF:BB:BB:37:C8:2E:9F:F0:AA:9B:93:43:A4:58:D3:A3:3F:BD:BD
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 019421B1E4694904714382CD480E3B3262CA
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/s9-7uzfILp_wqpuTQ6RY06M_vb0.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 185.28.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:69:49:04:71:43:82:cd:48:0e:3b:32:62:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3dfbbbb37c82e9ff0aa9b9343a458d3a33fbdbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:2f:45:56:9d:b3:95:42:db:b0:c7:94:bf:
1e:f4:69:44:f3:80:e5:e2:4a:4c:56:4a:9e:8e:45:
2e:a3:0d:c4:4b:f3:c3:29:b9:d0:22:d6:5c:0e:80:
17:84:85:b4:25:4c:e7:b9:04:e8:66:dc:a7:10:dd:
82:53:fe:80:b7:2d:79:af:66:68:0d:14:82:96:63:
cf:d8:59:28:8b:2f:7e:db:53:7e:35:90:fd:29:2d:
e8:3a:c1:90:bc:0c:6f:75:87:c5:36:e9:31:62:77:
73:2b:8f:4c:90:63:b7:7c:dc:ab:c8:d0:94:ed:3b:
4d:68:41:c8:a7:42:d4:66:e8:cd:14:b3:af:30:7f:
1b:dd:0f:23:a2:a3:bd:43:cd:2d:14:97:ee:93:82:
ad:bd:b3:83:a8:40:b6:6d:71:2e:51:72:e4:c6:5b:
60:30:b4:b0:1a:c7:57:55:c3:fb:5e:11:ca:11:6b:
27:d5:d6:af:2e:20:42:5d:76:51:6c:59:5f:74:2a:
38:18:67:dd:93:b8:3b:e8:3d:05:80:a8:f6:c2:0b:
f2:2b:be:45:14:60:b4:12:31:cc:63:1d:4d:59:ac:
36:13:f2:c1:63:ee:86:37:46:0e:d6:4b:08:ab:b4:
ff:2c:fa:e2:38:1a:b9:db:40:9c:fc:eb:cb:9a:a3:
fa:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DF:BB:BB:37:C8:2E:9F:F0:AA:9B:93:43:A4:58:D3:A3:3F:BD:BD
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/s9-7uzfILp_wqpuTQ6RY06M_vb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.36.0/24
Signature Algorithm: sha256WithRSAEncryption
24:69:5f:c0:8d:2c:bb:58:ea:04:62:8c:58:12:87:3f:29:67:
6c:4a:32:42:ed:93:78:d7:95:f3:7b:8b:e6:48:2e:e3:00:7d:
22:4c:35:25:b7:24:3c:a7:68:b1:9d:05:98:f3:04:fa:4d:c5:
d3:7b:ce:30:3e:52:2b:1d:74:eb:86:ad:75:75:10:3d:5b:b4:
ef:85:3e:92:ab:c2:aa:0f:ed:77:72:6f:83:c6:09:38:f7:6b:
f8:79:aa:02:33:52:92:b4:de:66:bf:2f:5d:a8:e8:f3:45:82:
4d:cc:79:9e:8d:72:d1:c1:66:31:c1:2b:b8:63:ac:5b:e9:e7:
ad:91:d4:a5:27:c5:66:22:d2:70:48:e7:92:7f:58:25:1b:65:
03:35:bc:57:f0:29:49:8a:35:ae:81:c1:26:4e:d7:ac:15:76:
00:ce:91:1a:ce:4a:0d:9e:95:ba:a2:ff:de:56:94:59:30:d4:
6f:03:ef:67:81:69:a4:2b:93:1e:f5:52:15:0f:e5:87:cf:15:
cf:19:3b:22:dd:2b:ac:3f:a8:18:d2:bd:0e:87:e9:69:ae:69:
a5:a3:9b:c3:27:59:d5:74:69:43:a5:49:a0:af:ab:c5:98:04:
d0:21:ac:f9:91:e8:65:3b:42:04:95:b0:dd:e1:6e:fa:89:98:
9b:98:32:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhseRpSQRxQ4LNSA47MmLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RmYmJiYjM3YzgyZTlmZjBhYTliOTM0M2E0NThkM2EzM2ZiZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKsvRVads5VC27DHlL8e9GlE84Dl
4kpMVkqejkUuow3ES/PDKbnQItZcDoAXhIW0JUznuQToZtynEN2CU/6Aty15r2Zo
DRSClmPP2Fkoiy9+21N+NZD9KS3oOsGQvAxvdYfFNukxYndzK49MkGO3fNyryNCU
7TtNaEHIp0LUZujNFLOvMH8b3Q8joqO9Q80tFJfuk4KtvbODqEC2bXEuUXLkxltg
MLSwGsdXVcP7XhHKEWsn1davLiBCXXZRbFlfdCo4GGfdk7g76D0FgKj2wgvyK75F
FGC0EjHMYx1NWaw2E/LBY+6GN0YO1ksIq7T/LPriOBq520Cc/OvLmqP6bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPfu7s3yC6f8Kqbk0OkWNOjP729MB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvczktN3V6ZklMcF93cXB1VFE2UlkwNk1fdmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMtYWU5OTllZDdjNWQ0
LzEvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRwkMA0G
CSqGSIb3DQEBCwUAA4IBAQAkaV/AjSy7WOoEYoxYEoc/KWdsSjJC7ZN415Xze4vm
SC7jAH0iTDUltyQ8p2ixnQWY8wT6TcXTe84wPlIrHXTrhq11dRA9W7TvhT6Sq8Kq
D+13cm+Dxgk492v4eaoCM1KStN5mvy9dqOjzRYJNzHmejXLRwWYxwSu4Y6xb6eet
kdSlJ8VmItJwSOeSf1glG2UDNbxX8ClJijWugcEmTtesFXYAzpEazkoNnpW6ov/e
VpRZMNRvA+9ngWmkK5Me9VIVD+WHzxXPGTsi3SusP6gY0r0Oh+lprmmlo5vDJ1nV
dGlDpUmgr6vFmATQIaz5kehlO0IElbDd4W76iZibmDIT
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:17:27 2025 by rpki-client