Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/9gswIUnAaS1IBv5fuNBqUKNMfqs.roa
File: 9gswIUnAaS1IBv5fuNBqUKNMfqs.roa (raw, json)
Hash identifier: lylk+NlcGPhSxgLHOS7jiDLjzNF20oemeodaYXlxSEQ=
Subject key identifier: F6:0B:30:21:49:C0:69:2D:48:06:FE:5F:B8:D0:6A:50:A3:4C:7E:AB
Certificate issuer: /CN=8f38f859e5e67662ae09990f384fa86c932710ab
Certificate serial: 019425213F6231A8908DD1C924CE20A28F84
Authority key identifier: 8F:38:F8:59:E5:E6:76:62:AE:09:99:0F:38:4F:A8:6C:93:27:10:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzj4WeXmdmKuCZkPOE-obJMnEKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/9gswIUnAaS1IBv5fuNBqUKNMfqs.roa
Signing time: Thu 02 Jan 2025 03:48:43 +0000
ROA not before: Thu 02 Jan 2025 03:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204907
IP address blocks: 185.33.156.0/24 maxlen: 24
185.33.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:3f:62:31:a8:90:8d:d1:c9:24:ce:20:a2:8f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f38f859e5e67662ae09990f384fa86c932710ab
Validity
Not Before: Jan 2 03:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f60b302149c0692d4806fe5fb8d06a50a34c7eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:89:e9:b8:34:db:75:14:76:f4:0d:c4:1b:
9b:30:1b:17:a1:b6:f2:72:e3:d4:0b:01:5e:fa:54:
7b:6b:7d:9d:72:34:2c:ea:2c:6a:42:b5:98:e2:78:
a4:7f:a0:6e:17:cd:04:91:a5:7e:81:0b:7f:fe:58:
53:9f:8d:7a:79:46:7a:14:ad:dc:97:b2:ee:8f:8f:
16:c0:1d:1a:9b:66:be:91:f8:3d:08:dd:c8:82:76:
77:c9:03:37:39:59:57:96:0f:a6:45:30:d8:d4:10:
4a:92:6d:89:5e:53:59:20:d3:26:ce:d9:62:41:89:
a8:c0:b8:b2:4c:bb:b4:ea:f0:23:20:2f:e1:75:f4:
03:ce:60:c5:a2:e8:9c:8f:8a:34:85:e7:81:2a:14:
0f:96:6b:d8:98:96:38:26:57:40:46:9c:69:21:f0:
06:01:ca:f6:84:11:40:0d:92:80:44:1a:64:5f:1d:
3f:35:e4:8d:64:21:43:f6:a7:94:cd:09:85:a0:6c:
26:6d:90:b5:2f:95:06:4d:aa:84:fc:34:ca:29:90:
a0:fd:8d:76:42:a5:8a:65:60:9d:4c:95:ca:a9:b2:
9c:bf:6c:2f:1e:f4:a6:27:f9:0c:fe:0d:af:4e:44:
d3:8c:fc:df:f1:ef:ee:89:4d:b2:ca:50:91:20:3c:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0B:30:21:49:C0:69:2D:48:06:FE:5F:B8:D0:6A:50:A3:4C:7E:AB
X509v3 Authority Key Identifier:
keyid:8F:38:F8:59:E5:E6:76:62:AE:09:99:0F:38:4F:A8:6C:93:27:10:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzj4WeXmdmKuCZkPOE-obJMnEKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/9gswIUnAaS1IBv5fuNBqUKNMfqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/jzj4WeXmdmKuCZkPOE-obJMnEKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.156.0/24
185.33.158.0/24
Signature Algorithm: sha256WithRSAEncryption
78:aa:4c:13:7d:fe:b2:5f:fc:ab:3a:f1:7b:30:bc:29:df:0f:
36:47:66:93:70:af:90:f4:2d:23:cc:19:1d:8e:d4:10:1b:40:
5b:2e:3f:b4:a6:3a:b9:3c:4a:d6:00:41:1b:9e:46:89:fd:e2:
03:81:bc:59:c8:18:af:34:85:19:27:47:41:2f:94:d7:39:5a:
1b:7c:51:9d:3b:9f:d1:e0:df:3f:2b:67:bc:43:e5:3e:a8:29:
d5:ae:3f:9e:54:9d:dc:44:17:3b:f5:a9:db:7f:d5:37:ef:8b:
a1:c4:08:14:c6:03:89:57:b8:c4:9d:28:fd:04:7d:a7:c2:9c:
bb:f6:16:b3:15:d1:55:71:73:38:f9:dd:43:7a:8b:c0:fe:fc:
32:ad:d4:66:57:9a:c8:21:3e:14:0a:30:b0:75:2e:74:77:07:
7c:91:7f:ff:98:ee:f7:d4:96:13:6e:69:15:c3:35:0b:71:9c:
e4:d8:8f:53:d5:26:b3:22:8e:38:a3:a4:be:5a:82:cd:8b:39:
25:f3:ef:f4:74:7c:67:71:44:df:72:d5:21:ea:d0:ec:f6:7a:
38:87:ca:cb:ba:7f:64:e7:2d:bd:b6:94:df:49:d2:0b:b1:29:
81:6a:dc:e1:0d:a7:57:a1:b5:9a:75:91:83:ae:1c:8e:89:90:
03:d7:9d:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIT9iMaiQjdHJJM4goo+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzhmODU5ZTVlNjc2NjJhZTA5OTkwZjM4NGZhODZjOTMy
NzEwYWIwHhcNMjUwMTAyMDM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjBiMzAyMTQ5YzA2OTJkNDgwNmZlNWZiOGQwNmE1MGEzNGM3ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthuJ6bg023UUdvQNxBubMBsXobby
cuPUCwFe+lR7a32dcjQs6ixqQrWY4nikf6BuF80EkaV+gQt//lhTn416eUZ6FK3c
l7Luj48WwB0am2a+kfg9CN3IgnZ3yQM3OVlXlg+mRTDY1BBKkm2JXlNZINMmztli
QYmowLiyTLu06vAjIC/hdfQDzmDFouicj4o0heeBKhQPlmvYmJY4JldARpxpIfAG
Acr2hBFADZKARBpkXx0/NeSNZCFD9qeUzQmFoGwmbZC1L5UGTaqE/DTKKZCg/Y12
QqWKZWCdTJXKqbKcv2wvHvSmJ/kM/g2vTkTTjPzf8e/uiU2yylCRIDyKgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPYLMCFJwGktSAb+X7jQalCjTH6rMB8GA1UdIwQY
MBaAFI84+Fnl5nZirgmZDzhPqGyTJxCrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpqNFdlWG1kbUt1Q1prUE9FLW9iSk1uRUtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8xY2E0N2MtYjA4Ny00NmVmLWEwNTEt
YWIwYmM1MmExODgzLzEvOWdzd0lVbkFhUzFJQnY1ZnVOQnFVS05NZnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8xY2E0N2MtYjA4Ny00NmVmLWEwNTEtYWIwYmM1MmExODgz
LzEvanpqNFdlWG1kbUt1Q1prUE9FLW9iSk1uRUtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSGcAwQA
uSGeMA0GCSqGSIb3DQEBCwUAA4IBAQB4qkwTff6yX/yrOvF7MLwp3w82R2aTcK+Q
9C0jzBkdjtQQG0BbLj+0pjq5PErWAEEbnkaJ/eIDgbxZyBivNIUZJ0dBL5TXOVob
fFGdO5/R4N8/K2e8Q+U+qCnVrj+eVJ3cRBc79anbf9U374uhxAgUxgOJV7jEnSj9
BH2nwpy79hazFdFVcXM4+d1DeovA/vwyrdRmV5rIIT4UCjCwdS50dwd8kX//mO73
1JYTbmkVwzULcZzk2I9T1SazIo44o6S+WoLNizkl8+/0dHxncUTfctUh6tDs9no4
h8rLun9k5y29tpTfSdILsSmBatzhDadXobWadZGDrhyOiZAD152v
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:55:12 2025 by rpki-client