Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/orjkFnmOp2fkt5BOjfHTUe1SFM8.roa
File: orjkFnmOp2fkt5BOjfHTUe1SFM8.roa (raw, json)
Hash identifier: VR0THqWhrxUSaUWx/H66JHdMtnv+5/NgmHEPJq0RqoM=
Subject key identifier: A2:B8:E4:16:79:8E:A7:67:E4:B7:90:4E:8D:F1:D3:51:ED:52:14:CF
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 019423D6C41452AED8B0610E7DCC09A41152
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/orjkFnmOp2fkt5BOjfHTUe1SFM8.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199487
IP address blocks: 185.9.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c4:14:52:ae:d8:b0:61:0e:7d:cc:09:a4:11:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2b8e416798ea767e4b7904e8df1d351ed5214cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:88:3a:76:1a:48:17:d8:92:b5:5b:b4:bd:0b:
31:d7:ad:82:59:a2:ae:a0:e7:39:51:2e:cd:f3:e2:
df:34:16:9b:fd:0a:50:c4:f8:15:9e:97:04:72:98:
f8:97:a5:87:f0:58:53:4c:88:7c:50:67:80:23:bc:
8c:fb:50:21:67:d6:78:74:12:c0:99:a4:c7:a6:44:
7f:34:a5:dc:dd:c3:e5:c5:00:3e:32:1d:a3:25:82:
d9:c1:5b:ef:8f:ba:e7:38:8b:05:a0:56:f4:5b:56:
ff:30:b2:66:f8:b7:b8:ce:4a:ea:db:bc:f7:36:55:
da:f9:07:8a:4c:fc:6a:a1:11:42:2a:ef:90:35:b9:
a0:39:cd:30:db:fa:4d:3e:e1:2d:2c:67:bd:6b:2d:
37:83:7d:d8:52:1b:bd:d3:c5:9e:cf:68:91:02:0a:
30:72:e8:28:24:3d:e6:44:d3:a2:fc:05:2f:1c:f6:
5e:b6:56:c3:15:77:05:30:d6:45:60:23:5f:e0:d9:
5c:4f:db:e3:22:c6:76:dc:8c:5b:06:73:63:bb:1f:
f0:db:8a:63:d2:5a:b6:a5:e7:47:95:17:61:ca:9e:
18:58:20:00:ee:da:4e:06:bc:08:c5:cd:d1:29:d0:
f0:de:9a:8f:07:44:40:20:38:69:8d:97:b6:ad:89:
b2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B8:E4:16:79:8E:A7:67:E4:B7:90:4E:8D:F1:D3:51:ED:52:14:CF
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/orjkFnmOp2fkt5BOjfHTUe1SFM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.21.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b7:8b:87:40:91:d0:0e:47:2a:91:96:b6:af:c2:27:4d:ff:
67:89:d8:a6:28:f2:6a:cf:80:eb:23:5e:63:f2:25:3b:2f:85:
19:70:ad:e9:f5:37:39:66:c8:d9:9a:d2:4b:19:7b:27:4f:ee:
59:00:6c:1e:3c:98:29:fe:d1:76:28:48:48:80:c9:62:c7:9a:
21:b5:c5:ff:ce:dc:5b:e6:2d:b9:cc:11:fc:02:1b:f7:85:03:
1a:35:a2:02:55:fd:9e:d7:74:97:07:01:4c:90:a9:22:43:1d:
f6:b2:dc:7b:23:06:bb:73:74:5a:e4:b9:81:15:82:cb:14:99:
7d:d6:73:70:ee:40:ff:cf:cf:3a:08:d4:35:60:cd:d5:0f:49:
38:cd:8a:00:9e:3a:9e:78:4c:70:30:dd:08:55:30:c5:16:6f:
b9:9c:36:6d:51:4b:88:d7:00:05:3b:f6:59:b2:03:48:62:df:
10:45:b1:b3:ef:5c:cb:c5:61:7a:15:51:2b:ab:7a:88:92:e6:
cb:6f:19:1d:3c:50:d6:9c:75:30:8d:ac:46:d6:c1:ba:7a:1d:
70:da:c0:ba:a2:bc:64:ba:a1:12:03:72:70:0e:ab:d7:2c:16:
a1:39:5c:1d:85:9f:49:92:b1:96:51:da:aa:4a:86:04:41:c2:
af:a0:00:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sQUUq7YsGEOfcwJpBFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI4ZTQxNjc5OGVhNzY3ZTRiNzkwNGU4ZGYxZDM1MWVkNTIxNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYg6dhpIF9iStVu0vQsx162CWaKu
oOc5US7N8+LfNBab/QpQxPgVnpcEcpj4l6WH8FhTTIh8UGeAI7yM+1AhZ9Z4dBLA
maTHpkR/NKXc3cPlxQA+Mh2jJYLZwVvvj7rnOIsFoFb0W1b/MLJm+Le4zkrq27z3
NlXa+QeKTPxqoRFCKu+QNbmgOc0w2/pNPuEtLGe9ay03g33YUhu908Wez2iRAgow
cugoJD3mRNOi/AUvHPZetlbDFXcFMNZFYCNf4NlcT9vjIsZ23IxbBnNjux/w24pj
0lq2pedHlRdhyp4YWCAA7tpOBrwIxc3RKdDw3pqPB0RAIDhpjZe2rYmyjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKK45BZ5jqdn5LeQTo3x01HtUhTPMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvb3Jqa0ZubU9wMmZrdDVCT2pmSFRVZTFTRk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQkVMA0G
CSqGSIb3DQEBCwUAA4IBAQBDt4uHQJHQDkcqkZa2r8InTf9nidimKPJqz4DrI15j
8iU7L4UZcK3p9Tc5ZsjZmtJLGXsnT+5ZAGwePJgp/tF2KEhIgMlix5ohtcX/ztxb
5i25zBH8Ahv3hQMaNaICVf2e13SXBwFMkKkiQx32stx7Iwa7c3Ra5LmBFYLLFJl9
1nNw7kD/z886CNQ1YM3VD0k4zYoAnjqeeExwMN0IVTDFFm+5nDZtUUuI1wAFO/ZZ
sgNIYt8QRbGz71zLxWF6FVErq3qIkubLbxkdPFDWnHUwjaxG1sG6eh1w2sC6orxk
uqESA3JwDqvXLBahOVwdhZ9JkrGWUdqqSoYEQcKvoAAm
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:17:46 2025 by rpki-client