Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/9Z7pH5NPnAqikrLECUV4KgNs0A8.roa
File: 9Z7pH5NPnAqikrLECUV4KgNs0A8.roa (raw, json)
Hash identifier: MDaAz2g07ukZgilrtHl7Gypl8ywa3pObRf5OUvVo4KA=
Subject key identifier: F5:9E:E9:1F:93:4F:9C:0A:A2:92:B2:C4:09:45:78:2A:03:6C:D0:0F
Certificate issuer: /CN=1083f3f195974f0e90084e0e327ff5b667e6fd90
Certificate serial: 019486827ECE3026123862A1341E58914572
Authority key identifier: 10:83:F3:F1:95:97:4F:0E:90:08:4E:0E:32:7F:F5:B6:67:E6:FD:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/9Z7pH5NPnAqikrLECUV4KgNs0A8.roa
Signing time: Tue 21 Jan 2025 01:38:06 +0000
ROA not before: Tue 21 Jan 2025 01:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 185.237.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:86:82:7e:ce:30:26:12:38:62:a1:34:1e:58:91:45:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1083f3f195974f0e90084e0e327ff5b667e6fd90
Validity
Not Before: Jan 21 01:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f59ee91f934f9c0aa292b2c40945782a036cd00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cf:a5:4f:ea:e4:dd:bb:67:d6:c7:24:b7:87:
3b:d5:7a:36:d8:99:a3:22:b8:9f:54:19:aa:5f:ec:
4f:b1:69:70:d5:12:8c:c9:c3:56:ff:a3:51:17:b5:
a2:2e:a3:f2:d6:95:7e:bd:88:6a:0d:24:fe:a0:9a:
0d:4e:ce:fe:95:5a:40:b1:c4:7c:3e:fe:1c:77:2d:
37:8d:b4:06:be:93:b3:20:86:2e:a4:65:9f:91:2c:
47:cf:fd:8f:aa:9c:38:ae:4f:6c:3c:82:ef:72:82:
16:27:fe:77:b7:9a:47:a3:eb:3c:21:2a:02:1d:fc:
ab:8a:59:ef:dd:31:4d:14:04:73:89:1a:d9:b1:ca:
e7:1c:63:e3:6d:fe:c5:c9:bf:3b:56:62:05:b3:1c:
72:0d:44:f9:bf:cd:52:16:df:f9:f6:ce:36:4e:d4:
ad:86:0c:52:22:6b:d0:f5:97:ef:e9:a1:7c:8b:0b:
98:31:1a:1d:09:23:08:25:7e:e6:da:56:1b:67:07:
65:c9:9f:69:f6:07:a2:36:3a:cf:79:4d:ed:4c:88:
1c:e1:5d:b3:9c:38:15:10:7c:f1:0d:e7:7d:f2:c7:
48:1d:23:11:ec:14:f8:01:63:95:c6:cd:d9:b7:80:
fa:28:7f:7e:b9:f1:96:b5:15:b4:08:8c:22:39:81:
c7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:E9:1F:93:4F:9C:0A:A2:92:B2:C4:09:45:78:2A:03:6C:D0:0F
X509v3 Authority Key Identifier:
keyid:10:83:F3:F1:95:97:4F:0E:90:08:4E:0E:32:7F:F5:B6:67:E6:FD:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/9Z7pH5NPnAqikrLECUV4KgNs0A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.95.0/24
Signature Algorithm: sha256WithRSAEncryption
34:72:a5:b3:d3:5e:45:f1:4b:5a:c9:42:2e:ce:34:53:55:d6:
3a:fb:6c:29:f3:25:02:47:2e:4a:65:e6:4a:59:71:e3:de:3e:
ed:73:8e:54:29:68:d1:73:87:b3:9e:23:94:29:dc:7c:4d:27:
84:bf:1c:e5:ea:62:2e:6a:c8:06:75:52:14:ac:a8:8b:1a:89:
57:b0:0f:97:9f:78:49:5e:c7:4e:0e:e6:23:de:ef:1f:3c:71:
c8:2b:e4:7d:a5:52:66:e6:44:b8:f4:d8:de:89:22:e1:58:78:
63:c2:d7:03:d7:da:0e:79:4c:a8:d9:2d:da:e0:69:b0:da:97:
b6:36:07:64:da:96:b0:c5:bf:5e:76:09:c3:c7:72:98:47:c0:
e2:10:5c:fe:13:9d:31:20:6c:a5:24:c4:5d:94:17:59:17:1a:
d2:13:0f:e7:b7:c1:da:d4:27:24:f6:9c:b0:03:33:af:0a:5e:
ac:ca:e1:ba:92:c3:37:60:4a:59:12:e5:66:8a:86:21:33:9d:
1e:4a:e8:69:e4:f1:d6:f3:dd:c6:07:19:59:f4:27:e8:01:60:
23:77:84:09:20:da:2f:45:bf:a5:bd:54:e3:e2:d2:74:bb:cc:
84:df:bf:dd:a2:52:be:3b:d6:a1:8f:13:b5:d0:48:74:24:fc:
d5:57:01:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSGgn7OMCYSOGKhNB5YkUVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODNmM2YxOTU5NzRmMGU5MDA4NGUwZTMyN2ZmNWI2Njdl
NmZkOTAwHhcNMjUwMTIxMDEzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTllZTkxZjkzNGY5YzBhYTI5MmIyYzQwOTQ1NzgyYTAzNmNkMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M+lT+rk3btn1sckt4c71Xo22Jmj
IrifVBmqX+xPsWlw1RKMycNW/6NRF7WiLqPy1pV+vYhqDST+oJoNTs7+lVpAscR8
Pv4cdy03jbQGvpOzIIYupGWfkSxHz/2Pqpw4rk9sPILvcoIWJ/53t5pHo+s8ISoC
Hfyrilnv3TFNFARziRrZscrnHGPjbf7Fyb87VmIFsxxyDUT5v81SFt/59s42TtSt
hgxSImvQ9Zfv6aF8iwuYMRodCSMIJX7m2lYbZwdlyZ9p9geiNjrPeU3tTIgc4V2z
nDgVEHzxDed98sdIHSMR7BT4AWOVxs3Zt4D6KH9+ufGWtRW0CIwiOYHHzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWe6R+TT5wKopKyxAlFeCoDbNAPMB8GA1UdIwQY
MBaAFBCD8/GVl08OkAhODjJ/9bZn5v2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlQejhaV1hUdzZRQ0U0T01uXzF0bWZtX1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xMWRjYTgtMjNkNC00MjRhLTg5NjUt
M2IxYzU1ZTNkZTk3LzEvOVo3cEg1TlBuQXFpa3JMRUNVVjRLZ05zMEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xMWRjYTgtMjNkNC00MjRhLTg5NjUtM2IxYzU1ZTNkZTk3
LzEvRUlQejhaV1hUdzZRQ0U0T01uXzF0bWZtX1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue1fMA0G
CSqGSIb3DQEBCwUAA4IBAQA0cqWz015F8UtayUIuzjRTVdY6+2wp8yUCRy5KZeZK
WXHj3j7tc45UKWjRc4ezniOUKdx8TSeEvxzl6mIuasgGdVIUrKiLGolXsA+Xn3hJ
XsdODuYj3u8fPHHIK+R9pVJm5kS49NjeiSLhWHhjwtcD19oOeUyo2S3a4Gmw2pe2
Ngdk2pawxb9edgnDx3KYR8DiEFz+E50xIGylJMRdlBdZFxrSEw/nt8Ha1Cck9pyw
AzOvCl6syuG6ksM3YEpZEuVmioYhM50eSuhp5PHW893GBxlZ9CfoAWAjd4QJINov
Rb+lvVTj4tJ0u8yE37/dolK+O9ahjxO10Eh0JPzVVwG0
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:35:40 2025 by rpki-client