Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/muAVUu1aPnEHmAc-r1xMJMX_xwE.roa
File: muAVUu1aPnEHmAc-r1xMJMX_xwE.roa (raw, json)
Hash identifier: t/IG40S9IeJr1JmuDkCemhTExv33uEsQ8ntTYx4HhXI=
Subject key identifier: 9A:E0:15:52:ED:5A:3E:71:07:98:07:3E:AF:5C:4C:24:C5:FF:C7:01
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 01942368C845B54FE26A43D363A5F011BAFF
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/muAVUu1aPnEHmAc-r1xMJMX_xwE.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.86.0/24 maxlen: 32
2001:7f8:af::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c8:45:b5:4f:e2:6a:43:d3:63:a5:f0:11:ba:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ae01552ed5a3e710798073eaf5c4c24c5ffc701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:92:09:15:08:46:9a:38:64:e0:94:b1:b5:
c9:2f:1e:25:e5:e3:9a:82:99:89:aa:00:d5:15:a9:
ff:6d:52:dc:3a:15:e9:dd:c7:4e:b5:cc:e3:5c:68:
fc:17:ac:73:63:86:36:98:df:b3:4a:0e:c2:09:a3:
73:cf:c2:93:7d:62:3b:54:33:c7:f6:76:14:af:b7:
92:74:a1:05:4d:07:02:f3:1f:ee:4a:30:42:7f:b4:
b3:f8:fd:87:dc:22:3a:51:b5:ba:89:1c:84:0c:63:
b4:a7:48:44:af:2e:42:27:4a:62:55:67:97:f4:d7:
f3:fc:70:4a:4b:31:78:d3:91:8a:b7:b7:34:0b:99:
ab:10:12:3a:a7:ed:59:12:79:e9:db:2e:a7:39:97:
6d:cf:6a:8c:f3:fe:d3:2e:1a:0b:30:20:47:c8:cc:
46:00:59:ea:3e:8c:3b:9c:e9:9a:5b:60:49:19:70:
a5:1f:1f:f6:e0:53:d0:ed:01:00:69:12:2e:a6:fc:
3d:3e:4e:81:5d:98:64:49:03:23:25:20:e6:a1:85:
77:0a:6c:7e:d5:00:ca:ad:99:da:49:32:f9:d6:93:
5b:46:e5:f4:e7:6a:67:69:38:50:cd:ff:7b:06:f0:
38:4c:59:6b:a4:ad:81:3a:2b:f9:34:dc:3b:12:35:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E0:15:52:ED:5A:3E:71:07:98:07:3E:AF:5C:4C:24:C5:FF:C7:01
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/muAVUu1aPnEHmAc-r1xMJMX_xwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.86.0/24
IPv6:
2001:7f8:af::/48
Signature Algorithm: sha256WithRSAEncryption
3c:68:42:08:58:68:6c:73:8c:83:8f:39:6e:ea:fa:3c:e0:a4:
cc:00:10:f1:83:0a:e6:fa:a7:07:bb:03:a1:45:43:b7:7f:9c:
26:e2:f9:b7:5a:fd:91:54:07:f6:3f:32:8f:31:ee:eb:7d:72:
79:1a:f2:31:71:c6:87:ce:24:3f:71:6a:17:b1:30:d7:23:d9:
74:ae:1e:46:5a:f2:fd:77:37:fe:7c:a3:b5:44:5b:cb:cd:a7:
56:fb:c3:82:1b:03:6d:22:f2:50:0d:a2:14:43:64:a9:a3:6f:
c5:30:e6:a9:2b:fd:25:89:64:47:73:9b:f1:78:87:ef:90:8a:
0d:87:a2:80:17:8b:c6:7d:78:b9:f0:6c:48:fe:7a:7f:d6:f1:
5e:c1:eb:70:d1:8f:23:5f:54:10:cb:d5:30:fb:64:41:c4:dd:
fa:dc:23:9d:5a:65:cf:4a:75:a4:4e:ab:ee:f2:f2:2e:cd:03:
f4:4f:87:56:91:ca:5c:ed:be:2c:a6:72:6f:70:09:de:2a:05:
4f:3a:ac:af:2f:58:67:b0:d6:0a:c9:98:d2:df:44:da:82:f9:
54:25:4d:14:19:d4:4b:d6:86:c8:58:b9:8b:4b:32:fd:39:59:
a7:f0:ca:c0:8e:33:b6:0a:21:f8:71:47:53:55:0b:fd:33:f1:
e4:97:2b:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjaMhFtU/iakPTY6XwEbr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3
NTYxNTYwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWUwMTU1MmVkNWEzZTcxMDc5ODA3M2VhZjVjNGMyNGM1ZmZjNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7OSCRUIRpo4ZOCUsbXJLx4l5eOa
gpmJqgDVFan/bVLcOhXp3cdOtczjXGj8F6xzY4Y2mN+zSg7CCaNzz8KTfWI7VDPH
9nYUr7eSdKEFTQcC8x/uSjBCf7Sz+P2H3CI6UbW6iRyEDGO0p0hEry5CJ0piVWeX
9Nfz/HBKSzF405GKt7c0C5mrEBI6p+1ZEnnp2y6nOZdtz2qM8/7TLhoLMCBHyMxG
AFnqPow7nOmaW2BJGXClHx/24FPQ7QEAaRIupvw9Pk6BXZhkSQMjJSDmoYV3Cmx+
1QDKrZnaSTL51pNbRuX052pnaThQzf97BvA4TFlrpK2BOiv5NNw7EjW0sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJrgFVLtWj5xB5gHPq9cTCTF/8cBMB8GA1UdIwQY
MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt
M2U0MGQwMTc0MGIyLzEvbXVBVlV1MWFQbkVIbUFjLXIxeE1KTVhfeHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy
LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFWMA8E
AgACMAkDBwAgAQf4AK8wDQYJKoZIhvcNAQELBQADggEBADxoQghYaGxzjIOPOW7q
+jzgpMwAEPGDCub6pwe7A6FFQ7d/nCbi+bda/ZFUB/Y/Mo8x7ut9cnka8jFxxofO
JD9xahexMNcj2XSuHkZa8v13N/58o7VEW8vNp1b7w4IbA20i8lANohRDZKmjb8Uw
5qkr/SWJZEdzm/F4h++Qig2HooAXi8Z9eLnwbEj+en/W8V7B63DRjyNfVBDL1TD7
ZEHE3frcI51aZc9KdaROq+7y8i7NA/RPh1aRylztviymcm9wCd4qBU86rK8vWGew
1grJmNLfRNqC+VQlTRQZ1EvWhshYuYtLMv05WafwysCOM7YKIfhxR1NVC/0z8eSX
K+o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:53 2025 by rpki-client