Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/vu9IAJt24uuudFq1L45gSr4qxhA.roa
File: vu9IAJt24uuudFq1L45gSr4qxhA.roa (raw, json)
Hash identifier: z2mvqTvyv0CqmD+m6UPio14kPg0yixASCzMGa5BFjGM=
Subject key identifier: BE:EF:48:00:9B:76:E2:EB:AE:74:5A:B5:2F:8E:60:4A:BE:2A:C6:10
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01959420C300F74EBB68C099782F1579CB71
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/vu9IAJt24uuudFq1L45gSr4qxhA.roa
Signing time: Fri 14 Mar 2025 10:08:49 +0000
ROA not before: Fri 14 Mar 2025 10:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209604
IP address blocks: 188.132.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:20:c3:00:f7:4e:bb:68:c0:99:78:2f:15:79:cb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 14 10:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beef48009b76e2ebae745ab52f8e604abe2ac610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:62:96:88:e3:28:12:63:fb:5c:b1:66:58:1f:
1b:5c:2c:b5:b4:b4:60:61:b5:2d:b4:ad:8a:4d:48:
19:61:0d:8c:4e:52:37:cd:e9:a9:c2:c8:66:3b:4a:
d3:48:49:b2:cd:f6:7d:da:0a:cf:55:77:54:d4:e7:
e7:57:2a:cc:96:ce:fd:67:ec:3f:0c:79:40:5c:d6:
09:3d:c7:46:82:0a:50:78:dc:22:d1:c3:2f:d0:d1:
be:e5:cc:cc:df:e0:9d:48:26:54:98:1d:36:cb:b2:
dc:29:31:b6:17:f7:62:b4:5e:fd:12:4d:dd:84:3a:
4b:51:de:f0:e2:d5:c1:6f:5f:5e:1e:c5:0f:d5:ac:
8b:a9:08:30:a6:72:28:5c:c4:f6:aa:63:c7:a7:1f:
10:f0:c6:c5:f4:00:ae:99:44:53:17:72:2b:f1:21:
1e:50:d3:4a:09:bc:d7:5e:c6:23:3d:97:3a:5d:c3:
c5:85:7f:d4:32:d9:a4:b0:2b:b4:58:0c:f7:1e:a5:
58:be:fd:18:24:8d:36:52:c8:3c:2f:fe:43:89:a5:
c6:58:90:d9:32:64:6e:fa:d8:46:a9:f8:ce:02:55:
8d:96:38:67:09:54:23:1c:24:63:a5:f6:5f:09:40:
6f:a5:8d:10:42:b4:65:29:c6:5b:23:0c:46:c0:3b:
34:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EF:48:00:9B:76:E2:EB:AE:74:5A:B5:2F:8E:60:4A:BE:2A:C6:10
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/vu9IAJt24uuudFq1L45gSr4qxhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.209.0/24
Signature Algorithm: sha256WithRSAEncryption
85:d1:79:f1:83:e9:ce:96:44:d1:f6:9b:a7:88:9a:02:0c:97:
5f:e7:c6:13:6a:7e:b5:7d:39:de:6a:82:3a:61:7a:6a:1d:a1:
ca:fd:2b:d3:bd:c3:e9:30:b5:f6:02:d9:d2:41:22:47:ee:3d:
0b:e4:75:c4:38:fb:50:1a:48:b1:b4:11:af:2a:fa:6a:b5:f1:
70:7a:5e:d6:95:d1:b5:45:f5:47:27:62:4a:c1:87:91:48:4f:
b3:b8:a0:77:e1:26:fe:14:f4:0a:5f:b8:a2:85:97:bf:10:b2:
85:f6:e5:97:f8:67:d4:22:17:24:2d:c2:48:09:c4:58:61:a8:
9c:d0:66:76:4f:df:43:d8:d2:79:bb:d2:54:03:f8:4b:20:1f:
c1:8f:63:c3:4e:a3:36:d0:66:39:48:dc:dd:1e:16:55:13:3b:
7a:8f:e2:65:bd:7e:cf:68:58:4b:93:be:02:34:3f:ff:2d:46:
05:b7:e6:d6:30:ff:9b:8a:63:e6:12:de:46:19:64:e3:3a:20:
84:0f:f0:61:b4:e2:95:2a:00:d0:fc:b0:bb:06:14:58:94:6c:
3a:c3:d9:16:28:35:d1:0e:4d:c6:25:53:df:d5:5a:fa:13:5a:
04:04:33:5e:20:42:1b:28:8c:55:a7:b1:69:59:6c:58:f0:96:
cf:f0:09:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWUIMMA9067aMCZeC8VectxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzE0MTAwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVmNDgwMDliNzZlMmViYWU3NDVhYjUyZjhlNjA0YWJlMmFjNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+mKWiOMoEmP7XLFmWB8bXCy1tLRg
YbUttK2KTUgZYQ2MTlI3zempwshmO0rTSEmyzfZ92grPVXdU1OfnVyrMls79Z+w/
DHlAXNYJPcdGggpQeNwi0cMv0NG+5czM3+CdSCZUmB02y7LcKTG2F/ditF79Ek3d
hDpLUd7w4tXBb19eHsUP1ayLqQgwpnIoXMT2qmPHpx8Q8MbF9ACumURTF3Ir8SEe
UNNKCbzXXsYjPZc6XcPFhX/UMtmksCu0WAz3HqVYvv0YJI02Usg8L/5DiaXGWJDZ
MmRu+thGqfjOAlWNljhnCVQjHCRjpfZfCUBvpY0QQrRlKcZbIwxGwDs0pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7vSACbduLrrnRatS+OYEq+KsYQMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvdnU5SUFKdDI0dXV1ZEZxMUw0NWdTcjRxeGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITRMA0G
CSqGSIb3DQEBCwUAA4IBAQCF0Xnxg+nOlkTR9puniJoCDJdf58YTan61fTneaoI6
YXpqHaHK/SvTvcPpMLX2AtnSQSJH7j0L5HXEOPtQGkixtBGvKvpqtfFwel7WldG1
RfVHJ2JKwYeRSE+zuKB34Sb+FPQKX7iihZe/ELKF9uWX+GfUIhckLcJICcRYYaic
0GZ2T99D2NJ5u9JUA/hLIB/Bj2PDTqM20GY5SNzdHhZVEzt6j+JlvX7PaFhLk74C
ND//LUYFt+bWMP+bimPmEt5GGWTjOiCED/BhtOKVKgDQ/LC7BhRYlGw6w9kWKDXR
Dk3GJVPf1Vr6E1oEBDNeIEIbKIxVp7FpWWxY8JbP8Ake
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:44:08 2025 by rpki-client