Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/m_k3Aqy-aX7CwHacvMO7KscI6WI.roa
File: m_k3Aqy-aX7CwHacvMO7KscI6WI.roa (raw, json)
Hash identifier: FW7of+gpwTivV7HfNQEL7I3Yftx4/Lrk33rZymDJAac=
Subject key identifier: 9B:F9:37:02:AC:BE:69:7E:C2:C0:76:9C:BC:C3:BB:2A:C7:08:E9:62
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 01941FFA290E5B82FD8629477F8161FB6ABF
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/m_k3Aqy-aX7CwHacvMO7KscI6WI.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 185.114.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:29:0e:5b:82:fd:86:29:47:7f:81:61:fb:6a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bf93702acbe697ec2c0769cbcc3bb2ac708e962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:2b:48:ca:ec:3a:e0:f6:c5:a3:35:cd:5d:
8d:24:13:aa:ba:28:28:fb:67:42:7e:1b:e8:00:06:
8d:b7:d9:1c:3c:ba:fc:e6:ea:de:3a:a2:e3:28:f5:
e8:67:1c:d0:23:88:82:59:d6:6d:f8:e3:8a:a5:72:
b6:ec:ca:a8:90:ce:02:c4:10:db:e1:77:cb:44:a3:
aa:29:9a:f7:33:df:50:5e:e4:0c:d3:3d:e6:46:5e:
90:38:18:51:5d:0a:d7:4c:f1:a0:89:6c:18:72:df:
0b:fe:28:26:0f:94:b3:6c:08:b3:17:84:a1:a4:93:
3e:19:8b:a8:33:ca:c1:0d:5d:3d:e5:42:f9:0a:00:
9c:c5:c9:af:e3:f1:07:89:2b:51:cb:f1:87:29:76:
e7:8c:7f:81:da:0a:46:65:af:1d:ea:1c:f3:5d:33:
8a:d3:50:91:44:da:fa:31:1b:23:f1:a4:cb:ea:17:
93:22:6e:5f:a2:0d:5f:e5:c3:c4:f1:9e:0e:34:88:
64:4f:7a:70:1f:e1:f0:d7:e5:95:dc:c0:99:1f:cd:
16:a7:20:ce:5a:6e:5d:db:2c:73:e2:ec:b3:51:c5:
5a:90:dd:9b:65:25:9c:21:50:bc:55:85:36:40:7f:
ab:6c:40:29:af:5d:a4:67:bb:8f:78:12:64:b6:49:
dc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F9:37:02:AC:BE:69:7E:C2:C0:76:9C:BC:C3:BB:2A:C7:08:E9:62
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/m_k3Aqy-aX7CwHacvMO7KscI6WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.33.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:05:a6:0c:75:60:13:3d:e6:b9:b1:9a:61:19:2c:90:b1:de:
c3:b6:05:d4:6d:1b:d2:65:df:a1:ae:b2:89:e4:28:7a:d6:5b:
13:59:de:d0:73:f0:9b:f6:5e:5f:bd:ac:45:99:c9:68:ef:f9:
e9:06:b4:e2:6e:17:a5:8d:7b:c0:45:c6:ad:93:72:ce:45:3d:
d2:dd:5e:a0:0e:72:71:85:20:9e:76:89:35:b6:cd:88:da:d7:
9e:1f:b7:79:4a:cf:b0:de:f3:5a:f2:24:b4:53:e5:64:91:8f:
a9:7a:92:e9:b8:8d:bd:21:d5:23:0e:79:16:64:48:aa:b0:96:
55:57:19:05:17:d8:05:1c:47:59:49:45:c4:5a:f0:a2:aa:39:
b7:de:d7:de:a8:17:7d:7c:66:12:3c:40:0c:d9:3d:b4:24:6e:
be:cd:ec:0e:3b:c3:23:23:e5:7b:b3:d4:28:b6:5f:cd:66:ce:
d1:ed:b7:66:dd:40:1d:0c:d4:4f:78:44:bf:f2:d3:38:a5:2e:
34:8c:c9:8d:58:ba:7a:13:cf:87:a6:79:dd:d6:d1:bd:b6:2f:
5c:90:8e:a1:7e:2a:50:59:77:0c:0f:6a:27:7e:f1:60:2f:14:
ca:61:c7:d6:16:6c:b4:67:32:c4:04:35:17:05:49:ff:a2:9f:
5b:76:a7:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ikOW4L9hilHf4Fh+2q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmY5MzcwMmFjYmU2OTdlYzJjMDc2OWNiY2MzYmIyYWM3MDhlOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc8rSMrsOuD2xaM1zV2NJBOquigo
+2dCfhvoAAaNt9kcPLr85ureOqLjKPXoZxzQI4iCWdZt+OOKpXK27MqokM4CxBDb
4XfLRKOqKZr3M99QXuQM0z3mRl6QOBhRXQrXTPGgiWwYct8L/igmD5SzbAizF4Sh
pJM+GYuoM8rBDV095UL5CgCcxcmv4/EHiStRy/GHKXbnjH+B2gpGZa8d6hzzXTOK
01CRRNr6MRsj8aTL6heTIm5fog1f5cPE8Z4ONIhkT3pwH+Hw1+WV3MCZH80WpyDO
Wm5d2yxz4uyzUcVakN2bZSWcIVC8VYU2QH+rbEApr12kZ7uPeBJktkncQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJv5NwKsvml+wsB2nLzDuyrHCOliMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvbV9rM0FxeS1hWDdDd0hhY3ZNTzdLc2NJNldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXIhMA0G
CSqGSIb3DQEBCwUAA4IBAQB7BaYMdWATPea5sZphGSyQsd7DtgXUbRvSZd+hrrKJ
5Ch61lsTWd7Qc/Cb9l5fvaxFmclo7/npBrTibheljXvARcatk3LORT3S3V6gDnJx
hSCedok1ts2I2teeH7d5Ss+w3vNa8iS0U+VkkY+pepLpuI29IdUjDnkWZEiqsJZV
VxkFF9gFHEdZSUXEWvCiqjm33tfeqBd9fGYSPEAM2T20JG6+zewOO8MjI+V7s9Qo
tl/NZs7R7bdm3UAdDNRPeES/8tM4pS40jMmNWLp6E8+Hpnnd1tG9ti9ckI6hfipQ
WXcMD2onfvFgLxTKYcfWFmy0ZzLEBDUXBUn/op9bdqfJ
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:09:05 2025 by rpki-client