Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/9NO523lo7K8pC7alW8Eg8Yil46g.roa
File: 9NO523lo7K8pC7alW8Eg8Yil46g.roa (raw, json)
Hash identifier: evPaWqLsHopYprwjO/kmkAgfo6ejRTRhZSHlNUFLGK0=
Subject key identifier: F4:D3:B9:DB:79:68:EC:AF:29:0B:B6:A5:5B:C1:20:F1:88:A5:E3:A8
Certificate issuer: /CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Certificate serial: 018859F936E0595EBF4C95819C3769C207AD
Authority key identifier: 09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/9NO523lo7K8pC7alW8Eg8Yil46g.roa
Signing time: Fri 26 May 2023 21:31:24 +0000
ROA not before: Fri 26 May 2023 21:31:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 185.150.19.0/24 maxlen: 24
185.150.18.0/24 maxlen: 24
2a0e:d480::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:59:f9:36:e0:59:5e:bf:4c:95:81:9c:37:69:c2:07:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Validity
Not Before: May 26 21:31:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d3b9db7968ecaf290bb6a55bc120f188a5e3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bc:6a:90:93:89:ba:15:08:d3:48:bd:1a:61:
92:97:76:f3:ef:d6:2c:4f:07:45:49:b6:c4:bc:6e:
9a:42:d0:51:84:74:f6:a6:da:3c:0a:41:ea:03:3d:
50:f4:0a:30:07:98:4e:38:d7:f1:20:03:db:a2:ca:
3d:4c:ba:fb:91:59:fa:99:df:da:2d:bf:f4:70:c0:
c5:63:c6:6d:31:9b:90:df:d1:c8:36:ed:18:c1:a8:
b8:2b:84:cc:81:5a:36:22:0e:16:dc:7c:0c:4e:bc:
d4:6f:d7:03:db:46:7e:0f:d3:1f:f8:67:2b:00:5b:
75:7d:9a:6f:10:46:64:ad:f7:d3:b3:18:ab:9a:e2:
f3:6a:9f:2a:d6:85:98:28:f8:07:09:b9:18:13:eb:
dc:4c:7a:eb:ab:6d:63:78:fb:50:f4:d1:e0:f0:1a:
97:b8:65:a2:1a:ca:69:33:20:56:04:1a:22:c4:00:
ab:9a:cd:61:8b:26:2a:e0:76:7d:cb:07:87:c6:7f:
16:63:d6:8d:5c:03:ce:f3:19:ab:f9:a0:d7:4b:45:
51:f2:58:d8:37:a3:7b:cb:94:87:2b:6c:bc:c6:f7:
52:0c:fb:fe:95:a2:be:e9:c2:84:aa:6a:d0:0d:48:
40:a6:85:a1:28:7d:45:79:da:54:bb:2a:06:b9:43:
19:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D3:B9:DB:79:68:EC:AF:29:0B:B6:A5:5B:C1:20:F1:88:A5:E3:A8
X509v3 Authority Key Identifier:
keyid:09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/9NO523lo7K8pC7alW8Eg8Yil46g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/CbnTdFC2KuPxROtCrFLOJDtiino.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.18.0/23
IPv6:
2a0e:d480::/40
Signature Algorithm: sha256WithRSAEncryption
72:48:d9:93:2d:42:fd:f1:54:3e:ad:b2:9d:eb:3d:07:c4:6a:
62:56:66:07:a2:de:ab:5e:e4:f3:2c:c5:67:ce:9f:9a:16:0f:
d9:aa:35:2e:b6:59:85:28:85:45:b3:29:ea:bf:61:db:e7:1b:
3f:eb:48:c5:d9:4d:a5:19:bd:c2:e5:f5:37:91:5f:0e:0c:65:
c6:ae:50:37:54:38:81:28:8d:15:85:13:29:a3:dc:49:0e:25:
9c:e5:d9:81:fb:8e:7d:56:75:be:ac:ed:4e:6f:03:26:31:3c:
cb:42:90:69:16:27:06:78:1a:d6:d6:f9:6c:3e:1e:d1:bf:c6:
4f:c2:f2:d7:44:3f:c9:59:fc:23:5e:63:78:53:38:1b:c2:11:
b7:8a:f8:7b:32:a2:df:26:83:54:aa:a1:c3:f0:0e:33:69:63:
6c:52:d0:0a:68:fe:cb:b6:a6:7d:34:d7:e4:5e:3b:6a:20:f6:
07:c2:17:a6:11:f0:4e:12:ee:f7:0d:98:53:23:53:47:88:d5:
91:29:c5:0f:ea:a7:13:82:fa:30:25:a6:ac:80:75:c1:16:5c:
9c:d7:cf:70:ca:7a:63:31:34:9f:3d:28:e6:4c:93:0d:e0:04:
69:20:f6:76:7c:87:e7:56:1e:c3:c3:29:ec:21:84:81:34:8c:
d8:8d:82:cc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYhZ+TbgWV6/TJWBnDdpwgetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjlkMzc0NTBiNjJhZTNmMTQ0ZWI0MmFjNTJjZTI0M2I2
MjhhN2EwHhcNMjMwNTI2MjEzMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQzYjlkYjc5NjhlY2FmMjkwYmI2YTU1YmMxMjBmMTg4YTVlM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7xqkJOJuhUI00i9GmGSl3bz79Ys
TwdFSbbEvG6aQtBRhHT2pto8CkHqAz1Q9AowB5hOONfxIAPboso9TLr7kVn6md/a
Lb/0cMDFY8ZtMZuQ39HINu0Ywai4K4TMgVo2Ig4W3HwMTrzUb9cD20Z+D9Mf+Gcr
AFt1fZpvEEZkrffTsxirmuLzap8q1oWYKPgHCbkYE+vcTHrrq21jePtQ9NHg8BqX
uGWiGsppMyBWBBoixACrms1hiyYq4HZ9yweHxn8WY9aNXAPO8xmr+aDXS0VR8ljY
N6N7y5SHK2y8xvdSDPv+laK+6cKEqmrQDUhApoWhKH1FedpUuyoGuUMZPQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPTTudt5aOyvKQu2pVvBIPGIpeOoMB8GA1UdIwQY
MBaAFAm503RQtirj8UTrQqxSziQ7Yop6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUt
M2ZiZmI5NGQ5MTAwLzEvOU5PNTIzbG83SzhwQzdhbFc4RWc4WWlsNDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUtM2ZiZmI5NGQ5MTAw
LzEvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuZYSMA4E
AgACMAgDBgAqDtSAADANBgkqhkiG9w0BAQsFAAOCAQEAckjZky1C/fFUPq2ynes9
B8RqYlZmB6Leq17k8yzFZ86fmhYP2ao1LrZZhSiFRbMp6r9h2+cbP+tIxdlNpRm9
wuX1N5FfDgxlxq5QN1Q4gSiNFYUTKaPcSQ4lnOXZgfuOfVZ1vqztTm8DJjE8y0KQ
aRYnBnga1tb5bD4e0b/GT8Ly10Q/yVn8I15jeFM4G8IRt4r4ezKi3yaDVKqhw/AO
M2ljbFLQCmj+y7amfTTX5F47aiD2B8IXphHwThLu9w2YUyNTR4jVkSnFD+qnE4L6
MCWmrIB1wRZcnNfPcMp6YzE0nz0o5kyTDeAEaSD2dnyH51Yew8Mp7CGEgTSM2I2C
zA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:44 2025 by rpki-client