Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/mh9lIMJaI3H1RJqde6saqnmgfvE.roa
File: mh9lIMJaI3H1RJqde6saqnmgfvE.roa (raw, json)
Hash identifier: T7iu0Z++bA+ic9xBY/awoTn5K/2Jk9xBYmpN5iNezhs=
Subject key identifier: 9A:1F:65:20:C2:5A:23:71:F5:44:9A:9D:7B:AB:1A:AA:79:A0:7E:F1
Certificate issuer: /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial: 019426D9DDF16FE3BC7DEB77815669DD08EC
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/mh9lIMJaI3H1RJqde6saqnmgfvE.roa
Signing time: Thu 02 Jan 2025 11:49:59 +0000
ROA not before: Thu 02 Jan 2025 11:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197708
IP address blocks: 185.7.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:dd:f1:6f:e3:bc:7d:eb:77:81:56:69:dd:08:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
Validity
Not Before: Jan 2 11:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a1f6520c25a2371f5449a9d7bab1aaa79a07ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:36:9d:a0:ab:ba:71:b7:01:80:6e:9f:8f:3c:
9e:de:1d:90:9c:09:94:92:81:69:4b:6f:8e:40:53:
88:85:62:a1:d1:7f:e7:4d:09:b6:42:d0:36:3c:0c:
3c:2c:ba:4f:8a:90:c3:ae:ac:49:77:80:af:5c:cc:
21:19:9d:06:0c:1f:d4:4d:a5:60:26:db:0d:2a:eb:
7c:0b:ad:b7:19:3c:3a:a5:00:99:cc:61:89:59:7d:
cd:89:be:72:bf:9b:79:43:86:98:14:06:bc:1e:f5:
c6:9b:24:9d:ed:4b:aa:33:d6:64:1d:b2:ca:1d:c2:
17:78:e9:5d:c6:84:50:2b:b8:b2:bc:d6:4b:94:ea:
21:3b:03:bf:8a:62:6b:44:4e:3a:98:b3:9e:77:79:
ca:73:c9:f6:00:0c:6c:32:d7:67:e6:79:c2:fc:72:
9e:de:39:1f:14:78:89:58:8c:17:a8:39:f8:a1:11:
34:5f:c7:65:57:44:7f:dc:fc:ba:eb:0c:37:ec:27:
a0:ff:3d:04:45:bc:1b:5d:f9:5f:14:23:a6:56:86:
09:43:97:14:de:d9:d3:50:92:a1:bd:f3:d9:d4:23:
64:48:97:58:4a:75:22:7e:a0:b2:0f:77:e0:15:17:
0d:00:b2:79:0f:ac:79:e4:b3:b6:59:97:93:be:1d:
74:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1F:65:20:C2:5A:23:71:F5:44:9A:9D:7B:AB:1A:AA:79:A0:7E:F1
X509v3 Authority Key Identifier:
keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/mh9lIMJaI3H1RJqde6saqnmgfvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.120.0/24
Signature Algorithm: sha256WithRSAEncryption
62:15:69:8a:0e:8d:e4:ed:96:fc:e9:06:45:43:50:ea:cb:20:
b1:e2:af:ab:b8:e7:3e:32:bb:e9:f5:a7:2b:82:d1:46:b5:50:
cb:a8:42:79:88:02:fc:20:d8:77:4b:7f:6e:e1:19:a9:96:22:
5e:3b:3f:03:8d:0f:85:25:a9:be:3b:e0:78:62:2a:c8:5b:4f:
7e:6f:fd:59:29:c3:cb:83:75:93:ae:bb:1b:06:ba:db:28:51:
e1:27:4a:05:a0:2f:46:79:8d:7b:87:fe:ed:7c:b4:22:97:36:
e9:1e:89:19:12:ae:f7:20:ba:31:cf:bf:ed:63:d0:0e:c4:70:
0e:e0:7d:1e:04:4c:32:09:ad:3e:de:fd:5d:d5:9d:8f:67:31:
b0:40:87:d2:e1:12:fd:a8:de:0e:ac:bc:e3:e3:58:5b:29:10:
da:7b:c8:5b:ff:e1:46:ee:be:7b:11:84:e6:f6:e0:36:21:fd:
54:58:87:93:0d:53:36:c4:62:6a:8e:08:80:eb:e1:48:06:d3:
04:70:76:17:99:d4:62:b2:7c:6b:24:62:94:e0:63:7b:8f:dd:
ac:c3:7a:4c:9a:27:72:54:63:07:8a:4e:4f:92:67:a0:d1:e3:
b3:6b:b2:54:aa:ed:9b:f7:b4:43:68:ab:4a:9f:dc:30:57:87:
75:a8:d7:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2d3xb+O8fet3gVZp3QjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzIzMDNkMTYzOGUwNzM1MjQwNDkxYWFhOWU0MmIxODg3
YWRhY2EwHhcNMjUwMTAyMTE0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFmNjUyMGMyNWEyMzcxZjU0NDlhOWQ3YmFiMWFhYTc5YTA3ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzadoKu6cbcBgG6fjzye3h2QnAmU
koFpS2+OQFOIhWKh0X/nTQm2QtA2PAw8LLpPipDDrqxJd4CvXMwhGZ0GDB/UTaVg
JtsNKut8C623GTw6pQCZzGGJWX3Nib5yv5t5Q4aYFAa8HvXGmySd7UuqM9ZkHbLK
HcIXeOldxoRQK7iyvNZLlOohOwO/imJrRE46mLOed3nKc8n2AAxsMtdn5nnC/HKe
3jkfFHiJWIwXqDn4oRE0X8dlV0R/3Py66ww37Ceg/z0ERbwbXflfFCOmVoYJQ5cU
3tnTUJKhvfPZ1CNkSJdYSnUifqCyD3fgFRcNALJ5D6x55LO2WZeTvh10twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJofZSDCWiNx9USanXurGqp5oH7xMB8GA1UdIwQY
MBaAFBIyMD0WOOBzUkBJGqqeQrGIetrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEt
MDY0NDE0ZDAzNDBmLzEvbWg5bElNSmFJM0gxUkpxZGU2c2Fxbm1nZnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEtMDY0NDE0ZDAzNDBm
LzEvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQd4MA0G
CSqGSIb3DQEBCwUAA4IBAQBiFWmKDo3k7Zb86QZFQ1DqyyCx4q+ruOc+Mrvp9acr
gtFGtVDLqEJ5iAL8INh3S39u4RmpliJeOz8DjQ+FJam+O+B4YirIW09+b/1ZKcPL
g3WTrrsbBrrbKFHhJ0oFoC9GeY17h/7tfLQilzbpHokZEq73ILoxz7/tY9AOxHAO
4H0eBEwyCa0+3v1d1Z2PZzGwQIfS4RL9qN4OrLzj41hbKRDae8hb/+FG7r57EYTm
9uA2If1UWIeTDVM2xGJqjgiA6+FIBtMEcHYXmdRisnxrJGKU4GN7j92sw3pMmidy
VGMHik5Pkmeg0eOza7JUqu2b97RDaKtKn9wwV4d1qNci
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:01:37 2025 by rpki-client