Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/J9w6s9UYitKDtFNbH2R4wwTWW5M.roa
File: J9w6s9UYitKDtFNbH2R4wwTWW5M.roa (raw, json)
Hash identifier: exsjpKHS6Ms5mb6MfDtLFXpHkNlOMLDkTaRdaYDCdu0=
Subject key identifier: 27:DC:3A:B3:D5:18:8A:D2:83:B4:53:5B:1F:64:78:C3:04:D6:5B:93
Certificate issuer: /CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Certificate serial: 018CC26CFE5ABEC3282C0021FD303515DDE3
Authority key identifier: FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/J9w6s9UYitKDtFNbH2R4wwTWW5M.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203690
IP address blocks: 185.184.10.0/24 maxlen: 24
2a0b:2180:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fe:5a:be:c3:28:2c:00:21:fd:30:35:15:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27dc3ab3d5188ad283b4535b1f6478c304d65b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:42:6d:6b:d8:bf:47:c2:79:84:cf:34:62:4d:
9f:95:6e:ab:32:be:1c:21:56:e2:26:64:03:a1:d4:
ea:f2:06:09:1f:5d:b5:16:96:03:5b:08:a9:31:54:
1d:4b:d1:63:52:94:4d:9b:53:3f:40:ae:66:ed:93:
2f:c5:52:83:e0:2a:39:2f:df:e0:4e:6c:81:18:4d:
85:40:a0:65:85:48:0c:ab:14:f8:26:fd:72:33:d3:
5e:16:a7:00:5d:44:61:c6:61:82:01:b4:53:ae:cb:
7e:7d:f6:cb:76:e3:45:5e:80:f6:b1:b8:82:84:a4:
6e:c8:73:90:ca:39:44:8a:43:be:95:ee:d1:72:52:
af:73:b2:96:17:e8:6d:20:c2:ef:38:b8:42:22:3d:
5e:66:e7:99:60:19:b8:c5:5d:b8:e7:57:3f:66:2d:
bc:d5:73:67:23:e1:56:25:30:f0:d5:28:bc:82:ab:
fb:48:a6:15:64:6d:0f:fc:e7:81:ad:b8:9b:64:be:
0b:f5:ea:f4:09:f7:7b:82:f4:6b:fb:ed:90:e0:d2:
4f:5b:02:47:d5:72:23:31:d7:8b:b4:d2:5f:fd:a0:
d3:c4:aa:16:9b:bb:f6:4a:d0:8f:7c:2b:8b:e2:01:
2a:bb:d3:68:78:2d:94:4f:7b:d8:8b:bc:9d:db:a4:
29:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DC:3A:B3:D5:18:8A:D2:83:B4:53:5B:1F:64:78:C3:04:D6:5B:93
X509v3 Authority Key Identifier:
keyid:FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/J9w6s9UYitKDtFNbH2R4wwTWW5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/_4Nu2M0puBuEIaHauSCQXi7XYYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.10.0/24
IPv6:
2a0b:2180:2::/48
Signature Algorithm: sha256WithRSAEncryption
1d:f1:0e:95:c5:5f:c7:25:33:12:fd:7a:7e:e3:f4:af:d1:69:
df:c8:59:98:74:53:31:92:24:f0:7f:fe:4f:26:15:f4:36:a3:
70:f6:15:28:10:23:78:32:cf:78:c2:72:4d:67:b7:5c:32:57:
63:0f:15:f2:e7:e0:d4:01:b0:14:8b:89:91:01:f2:6f:7e:a9:
5c:7b:6d:24:2d:fe:7e:8d:94:dc:12:b8:50:93:67:b0:a2:a2:
47:4b:b3:a3:d9:d8:f4:65:2e:7d:cf:d4:f5:85:91:ed:61:96:
07:3c:9c:55:c8:5c:fb:e6:d4:62:74:e1:8d:91:62:54:cf:a8:
dd:76:53:cf:a2:48:e1:38:a5:9a:a3:25:41:20:20:8b:f8:47:
4b:0b:06:79:f1:9b:ce:a0:79:d2:5f:2e:53:bc:08:c5:ed:ce:
0d:65:4d:3a:54:f1:c5:f3:b6:92:a1:af:8b:ce:4a:af:dc:91:
50:ee:85:16:4b:41:e9:44:0f:ac:85:56:d6:a0:e6:d1:23:cc:
b2:ef:ef:19:ed:28:7a:f2:67:8e:36:56:a9:a5:b4:18:72:9e:
59:05:a6:61:92:3e:fa:b5:7a:b2:95:50:65:3a:64:24:54:7b:
b8:6d:22:14:5d:6b:e4:b6:3f:2c:90:df:e9:bd:bf:8b:a1:71:
f0:b6:04:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbP5avsMoLAAh/TA1Fd3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODM2ZWQ4Y2QyOWI4MWI4NDIxYTFkYWI5MjA5MDVlMmVk
NzYxODQwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2RjM2FiM2Q1MTg4YWQyODNiNDUzNWIxZjY0NzhjMzA0ZDY1YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkJta9i/R8J5hM80Yk2flW6rMr4c
IVbiJmQDodTq8gYJH121FpYDWwipMVQdS9FjUpRNm1M/QK5m7ZMvxVKD4Co5L9/g
TmyBGE2FQKBlhUgMqxT4Jv1yM9NeFqcAXURhxmGCAbRTrst+ffbLduNFXoD2sbiC
hKRuyHOQyjlEikO+le7RclKvc7KWF+htIMLvOLhCIj1eZueZYBm4xV2451c/Zi28
1XNnI+FWJTDw1Si8gqv7SKYVZG0P/OeBrbibZL4L9er0Cfd7gvRr++2Q4NJPWwJH
1XIjMdeLtNJf/aDTxKoWm7v2StCPfCuL4gEqu9NoeC2UT3vYi7yd26Qp2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCfcOrPVGIrSg7RTWx9keMME1luTMB8GA1UdIwQY
MBaAFP+DbtjNKbgbhCGh2rkgkF4u12GEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzROdTJNMHB1QnVFSWFIYXVTQ1FYaTdYWVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81N2Q1ODEtMzk5NC00ZDgzLWExYjAt
OTY4NDcwYjY1MGY0LzEvSjl3NnM5VVlpdEtEdEZOYkgyUjR3d1RXVzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81N2Q1ODEtMzk5NC00ZDgzLWExYjAtOTY4NDcwYjY1MGY0
LzEvXzROdTJNMHB1QnVFSWFIYXVTQ1FYaTdYWVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubgKMA8E
AgACMAkDBwAqCyGAAAIwDQYJKoZIhvcNAQELBQADggEBAB3xDpXFX8clMxL9en7j
9K/Rad/IWZh0UzGSJPB//k8mFfQ2o3D2FSgQI3gyz3jCck1nt1wyV2MPFfLn4NQB
sBSLiZEB8m9+qVx7bSQt/n6NlNwSuFCTZ7CiokdLs6PZ2PRlLn3P1PWFke1hlgc8
nFXIXPvm1GJ04Y2RYlTPqN12U8+iSOE4pZqjJUEgIIv4R0sLBnnxm86gedJfLlO8
CMXtzg1lTTpU8cXztpKhr4vOSq/ckVDuhRZLQelED6yFVtag5tEjzLLv7xntKHry
Z442VqmltBhynlkFpmGSPvq1erKVUGU6ZCRUe7htIhRda+S2PyyQ3+m9v4uhcfC2
BMQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:52:00 2025 by rpki-client