Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a1a95b-4be9-497e-bdf7-7ece7d073651/1/9LtCAwdvQTxrsgjAgJBXTY-dexQ.roa
File: 9LtCAwdvQTxrsgjAgJBXTY-dexQ.roa (raw, json)
Hash identifier: YbPa7xrFRquA6rkXPn/4oW9xs5SCR/ZWuuJuhONwhvc=
Subject key identifier: F4:BB:42:03:07:6F:41:3C:6B:B2:08:C0:80:90:57:4D:8F:9D:7B:14
Certificate issuer: /CN=1f97599f63d787c65b2ef9ff70dd636527404466
Certificate serial: 01947402782C981D710C1FEC24EA4E7E3D97
Authority key identifier: 1F:97:59:9F:63:D7:87:C6:5B:2E:F9:FF:70:DD:63:65:27:40:44:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H5dZn2PXh8ZbLvn_cN1jZSdARGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1a95b-4be9-497e-bdf7-7ece7d073651/1/9LtCAwdvQTxrsgjAgJBXTY-dexQ.roa
Signing time: Fri 17 Jan 2025 11:25:06 +0000
ROA not before: Fri 17 Jan 2025 11:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 185.29.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:02:78:2c:98:1d:71:0c:1f:ec:24:ea:4e:7e:3d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f97599f63d787c65b2ef9ff70dd636527404466
Validity
Not Before: Jan 17 11:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4bb4203076f413c6bb208c08090574d8f9d7b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:25:32:88:cb:16:53:d9:63:33:24:54:f6:
cd:01:16:ae:09:d5:cd:df:f4:09:a7:99:c0:c0:96:
d0:3c:d1:6b:14:96:a7:d8:c0:50:a5:37:94:46:00:
0b:36:d1:55:e5:8e:5a:e1:5a:6b:24:80:ba:c0:97:
85:f3:c4:88:b7:7b:77:31:92:b7:ed:fd:f7:e4:ce:
bf:60:cd:98:e7:c2:e5:47:e1:39:cc:b0:ce:c0:e2:
b3:8b:c3:38:d5:fd:d4:79:c4:2f:16:a8:04:ef:ef:
5f:10:22:31:85:3f:fa:93:67:ef:67:66:35:9b:27:
af:a0:81:25:37:57:1f:3f:07:17:6b:1a:c6:17:17:
8b:24:56:88:5e:ba:d4:51:4c:ee:6d:77:88:b0:ca:
47:3f:34:a1:f4:1f:43:4e:ed:b3:bc:99:5a:f5:c0:
b6:cb:2a:23:a4:db:d3:84:77:10:39:83:d6:07:fa:
d4:1d:a8:a9:f3:e6:2c:92:e1:3a:61:d7:8c:c9:cc:
ef:70:74:42:8a:db:be:79:8c:0c:5c:99:83:2b:df:
c5:1e:45:bc:67:1b:19:f5:5f:d6:bf:07:59:b1:7f:
19:01:25:a8:f5:42:7e:d0:05:12:b9:4e:0a:98:2d:
dc:10:de:3a:ed:b2:b4:e6:04:b7:38:e0:57:cc:fc:
8f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BB:42:03:07:6F:41:3C:6B:B2:08:C0:80:90:57:4D:8F:9D:7B:14
X509v3 Authority Key Identifier:
keyid:1F:97:59:9F:63:D7:87:C6:5B:2E:F9:FF:70:DD:63:65:27:40:44:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H5dZn2PXh8ZbLvn_cN1jZSdARGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1a95b-4be9-497e-bdf7-7ece7d073651/1/9LtCAwdvQTxrsgjAgJBXTY-dexQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1a95b-4be9-497e-bdf7-7ece7d073651/1/H5dZn2PXh8ZbLvn_cN1jZSdARGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.96.0/22
Signature Algorithm: sha256WithRSAEncryption
19:be:11:38:e3:7e:14:ac:3f:4f:43:c8:80:1d:5f:14:2d:a5:
2f:bc:a2:93:8b:66:aa:b5:4c:d8:a9:6e:bb:e7:c4:7a:a8:6d:
70:e3:c8:9a:2a:83:60:71:5b:34:93:39:93:e0:e4:46:e6:60:
01:e4:f5:4a:23:eb:16:2e:2d:3c:38:2b:41:f2:61:b8:56:1b:
d9:9a:19:9f:48:5f:c2:cb:c0:f7:1a:61:ae:35:f2:b2:ed:12:
4b:72:45:f9:af:14:0e:cd:61:51:37:ad:e5:f5:9e:56:ff:dd:
00:55:4b:c3:aa:fa:16:e6:51:f8:90:b9:4b:13:dc:b5:25:1b:
0b:35:9a:75:f6:c5:2f:f9:8d:f0:af:39:a7:e8:27:af:5c:f3:
24:39:30:b1:fd:aa:b8:01:07:6f:5b:29:46:0d:5c:6c:0a:76:
e5:bc:51:45:ed:76:31:0a:1f:39:8d:f3:08:e5:f1:c8:e4:f7:
2f:11:9c:fd:e5:2d:df:c3:4b:83:45:5d:f6:b4:24:0b:0c:8b:
8b:13:75:28:5b:de:29:67:56:1b:c2:5e:57:b0:ac:45:ef:6e:
5d:15:eb:00:a7:81:dc:b4:ab:54:dc:9b:56:ca:6e:96:5c:55:
1d:24:9e:f0:8b:e7:3e:71:d9:ec:46:b8:7e:9a:72:34:62:3a:
6b:29:a1:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR0AngsmB1xDB/sJOpOfj2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOTc1OTlmNjNkNzg3YzY1YjJlZjlmZjcwZGQ2MzY1Mjc0
MDQ0NjYwHhcNMjUwMTE3MTEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJiNDIwMzA3NmY0MTNjNmJiMjA4YzA4MDkwNTc0ZDhmOWQ3YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmIlMojLFlPZYzMkVPbNARauCdXN
3/QJp5nAwJbQPNFrFJan2MBQpTeURgALNtFV5Y5a4VprJIC6wJeF88SIt3t3MZK3
7f335M6/YM2Y58LlR+E5zLDOwOKzi8M41f3UecQvFqgE7+9fECIxhT/6k2fvZ2Y1
myevoIElN1cfPwcXaxrGFxeLJFaIXrrUUUzubXeIsMpHPzSh9B9DTu2zvJla9cC2
yyojpNvThHcQOYPWB/rUHaip8+YskuE6YdeMyczvcHRCitu+eYwMXJmDK9/FHkW8
ZxsZ9V/WvwdZsX8ZASWo9UJ+0AUSuU4KmC3cEN467bK05gS3OOBXzPyPEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPS7QgMHb0E8a7IIwICQV02PnXsUMB8GA1UdIwQY
MBaAFB+XWZ9j14fGWy75/3DdY2UnQERmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDVkWm4yUFhoOFpiTHZuX2NOMWpaU2RBUkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMWE5NWItNGJlOS00OTdlLWJkZjct
N2VjZTdkMDczNjUxLzEvOUx0Q0F3ZHZRVHhyc2dqQWdKQlhUWS1kZXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMWE5NWItNGJlOS00OTdlLWJkZjctN2VjZTdkMDczNjUx
LzEvSDVkWm4yUFhoOFpiTHZuX2NOMWpaU2RBUkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR1gMA0G
CSqGSIb3DQEBCwUAA4IBAQAZvhE4434UrD9PQ8iAHV8ULaUvvKKTi2aqtUzYqW67
58R6qG1w48iaKoNgcVs0kzmT4ORG5mAB5PVKI+sWLi08OCtB8mG4VhvZmhmfSF/C
y8D3GmGuNfKy7RJLckX5rxQOzWFRN63l9Z5W/90AVUvDqvoW5lH4kLlLE9y1JRsL
NZp19sUv+Y3wrzmn6CevXPMkOTCx/aq4AQdvWylGDVxsCnblvFFF7XYxCh85jfMI
5fHI5PcvEZz95S3fw0uDRV32tCQLDIuLE3UoW94pZ1Ybwl5XsKxF725dFesAp4Hc
tKtU3JtWym6WXFUdJJ7wi+c+cdnsRrh+mnI0YjprKaGa
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:52 2025 by rpki-client