Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/JxS9B3-r4nmDK2LpLdZXebZoH3Q.roa
File: JxS9B3-r4nmDK2LpLdZXebZoH3Q.roa (raw, json)
Hash identifier: eJeAJPYc498r5QOnOd4btYkoPZFePTawCT/M44uVMH4=
Subject key identifier: 27:14:BD:07:7F:AB:E2:79:83:2B:62:E9:2D:D6:57:79:B6:68:1F:74
Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Certificate serial: 0194228DF218579B49572688CF8FB118DA2E
Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/JxS9B3-r4nmDK2LpLdZXebZoH3Q.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43824
IP address blocks: 185.99.32.0/24 maxlen: 24
185.99.33.0/24 maxlen: 24
185.99.34.0/24 maxlen: 24
185.99.35.0/24 maxlen: 24
2a0a:c0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f2:18:57:9b:49:57:26:88:cf:8f:b1:18:da:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2714bd077fabe279832b62e92dd65779b6681f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:53:28:52:d1:cc:10:27:55:df:4a:37:f3:
6e:ec:2b:9c:17:54:64:9c:76:56:4c:c2:cb:0e:67:
9c:0d:25:16:db:24:e9:d4:da:a1:14:37:ec:78:6a:
70:c1:bb:02:82:cf:34:dd:e9:4a:df:89:3a:d2:9e:
c5:56:75:0b:5f:f6:e6:b0:c9:6a:68:1b:9d:86:be:
c2:32:32:76:a7:c8:ba:95:78:56:72:44:b5:c5:55:
d3:48:12:ea:fd:30:8a:83:2a:63:de:6c:ef:0c:fd:
c9:ab:ec:ae:17:a8:f8:29:08:f3:89:58:8c:19:35:
a0:61:d8:93:07:6f:c4:d5:6a:ab:c8:cd:94:cf:3e:
2f:0c:f3:04:d2:fe:9b:06:ce:63:d9:d6:4e:47:b6:
f0:7a:e6:a1:c8:45:5e:40:af:0e:0e:ec:04:25:cd:
71:8d:fd:62:eb:aa:d8:38:86:8c:21:e3:ff:1a:10:
89:be:1d:e1:c0:15:84:61:b0:28:a2:42:af:a0:5f:
8d:3c:58:9d:50:76:97:6c:94:15:25:f2:30:b8:70:
7a:98:f8:cd:da:4a:93:80:64:1b:d9:30:45:17:ab:
b7:25:2c:d3:e0:3f:8c:02:05:58:a2:76:a2:83:b4:
79:54:d9:ea:8e:5d:2e:5b:1f:aa:ea:48:3e:1e:fd:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:14:BD:07:7F:AB:E2:79:83:2B:62:E9:2D:D6:57:79:B6:68:1F:74
X509v3 Authority Key Identifier:
keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/JxS9B3-r4nmDK2LpLdZXebZoH3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.32.0/22
IPv6:
2a0a:c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
59:8d:6b:3f:b3:b7:3c:ef:8e:f3:f2:d2:d6:a3:04:a4:a8:34:
11:96:ed:53:3d:a6:7a:92:fa:f1:27:c3:d7:a6:05:ee:21:e5:
6e:39:7c:c5:bb:52:e2:84:39:6d:aa:b2:42:5a:78:9f:ea:4d:
d2:fb:6b:a2:65:9d:48:bf:96:f6:50:23:ff:c7:46:d5:15:c5:
84:1c:77:ee:3e:55:a7:be:e7:32:7a:0d:81:9d:2c:d8:d2:ac:
88:ee:16:a7:b0:cd:bd:49:87:f4:ac:3d:a3:dc:bd:af:16:1a:
cf:09:81:74:1d:0c:15:1d:4e:c2:80:6f:74:55:f6:da:10:ce:
02:7e:72:de:00:22:5a:1a:44:66:11:8d:ee:0f:43:85:9c:93:
53:5b:8b:31:25:82:ed:5d:9b:02:e5:a6:10:6b:29:28:00:7d:
8b:d4:01:48:e1:7f:ea:a4:68:3b:23:50:d5:4b:b7:51:96:f1:
d3:1d:8c:00:f1:05:03:94:a6:1b:5d:c6:e1:41:7a:a0:95:18:
ff:ab:6c:45:53:13:9e:af:08:33:a6:b8:9e:96:54:82:17:3b:
6e:34:0b:0e:fa:3a:b0:52:1d:0c:99:71:fe:41:6a:a2:5a:c1:
0e:28:38:c0:dd:6e:17:4a:d1:fa:9d:d6:80:cd:f4:fb:1f:ac:
50:83:07:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijfIYV5tJVyaIz4+xGNouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMzBjOGZkMDIwNWVjZjBlZjZiNTZlMDM3ZDU2MjliMTdi
Mjc1ZWUwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE0YmQwNzdmYWJlMjc5ODMyYjYyZTkyZGQ2NTc3OWI2NjgxZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5VTKFLRzBAnVd9KN/Nu7CucF1Rk
nHZWTMLLDmecDSUW2yTp1NqhFDfseGpwwbsCgs803elK34k60p7FVnULX/bmsMlq
aBudhr7CMjJ2p8i6lXhWckS1xVXTSBLq/TCKgypj3mzvDP3Jq+yuF6j4KQjziViM
GTWgYdiTB2/E1WqryM2Uzz4vDPME0v6bBs5j2dZOR7bweuahyEVeQK8ODuwEJc1x
jf1i66rYOIaMIeP/GhCJvh3hwBWEYbAookKvoF+NPFidUHaXbJQVJfIwuHB6mPjN
2kqTgGQb2TBFF6u3JSzT4D+MAgVYonaig7R5VNnqjl0uWx+q6kg+Hv3ZTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCcUvQd/q+J5gyti6S3WV3m2aB90MB8GA1UdIwQY
MBaAFLIwyP0CBezw72tW4DfVYpsXsnXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAt
YzhiNWRmYzVhMTNmLzEvSnhTOUIzLXI0bm1ESzJMcExkWlhlYlpvSDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAtYzhiNWRmYzVhMTNm
LzEvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuWMgMA8E
AgACMAkDBwAqCgDA//8wDQYJKoZIhvcNAQELBQADggEBAFmNaz+ztzzvjvPy0taj
BKSoNBGW7VM9pnqS+vEnw9emBe4h5W45fMW7UuKEOW2qskJaeJ/qTdL7a6JlnUi/
lvZQI//HRtUVxYQcd+4+Vae+5zJ6DYGdLNjSrIjuFqewzb1Jh/SsPaPcva8WGs8J
gXQdDBUdTsKAb3RV9toQzgJ+ct4AIloaRGYRje4PQ4Wck1NbizElgu1dmwLlphBr
KSgAfYvUAUjhf+qkaDsjUNVLt1GW8dMdjADxBQOUphtdxuFBeqCVGP+rbEVTE56v
CDOmuJ6WVIIXO240Cw76OrBSHQyZcf5BaqJawQ4oOMDdbhdK0fqd1oDN9PsfrFCD
B1c=
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:10:22 2025 by rpki-client