Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/9Xk925SUUXfLnbw9FBp9N3qLdfo.roa
File: 9Xk925SUUXfLnbw9FBp9N3qLdfo.roa (raw, json)
Hash identifier: Ly02I9+k8vuMGWxnQ136VFvx8sd3hejXT82bKGKV7BM=
Subject key identifier: F5:79:3D:DB:94:94:51:77:CB:9D:BC:3D:14:1A:7D:37:7A:8B:75:FA
Certificate issuer: /CN=897da6001b12383068fe71a30f8cf285c66830fe
Certificate serial: 01941FFA60FF3C971F2C67F912248EDDF2F1
Authority key identifier: 89:7D:A6:00:1B:12:38:30:68:FE:71:A3:0F:8C:F2:85:C6:68:30:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iX2mABsSODBo_nGjD4zyhcZoMP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/9Xk925SUUXfLnbw9FBp9N3qLdfo.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.236.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:ff:3c:97:1f:2c:67:f9:12:24:8e:dd:f2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=897da6001b12383068fe71a30f8cf285c66830fe
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5793ddb94945177cb9dbc3d141a7d377a8b75fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:10:67:0a:b6:ab:b8:61:33:dd:fc:20:d8:
39:7e:91:39:fb:0f:28:27:0c:1c:17:3e:d6:78:85:
64:c4:3c:ba:26:2f:c2:e5:31:07:7d:77:0d:f4:f1:
a4:db:8c:60:b8:91:f3:8e:89:c8:b5:e9:d3:9b:2d:
70:36:58:39:ee:f8:29:ee:50:46:84:bc:e8:11:ba:
d5:61:91:7d:d3:85:79:36:01:fe:28:38:2e:67:60:
13:cb:c4:d5:69:be:a0:1a:f7:88:1b:ab:cd:97:86:
3c:fb:4b:40:41:3c:26:d6:6e:1b:e1:3e:08:60:f6:
85:d5:a4:f5:00:d0:41:d1:0b:61:81:22:76:72:b7:
f6:43:ee:95:f5:86:36:2b:eb:e3:38:ac:ca:18:a8:
da:1f:da:61:d7:e0:ba:a9:a0:27:06:31:16:48:bb:
d6:5a:e0:44:b4:4a:d4:40:3c:09:b1:e5:ea:1a:1e:
5a:28:af:44:a8:7e:cb:2d:47:b7:58:c6:cf:bd:e4:
e8:37:b7:c5:e8:6e:63:50:b4:91:d8:59:b1:09:a6:
d5:1b:ed:4d:7e:d8:aa:a9:43:ad:35:6e:0e:ac:9e:
e5:a4:49:9f:37:e7:9f:45:8b:bc:b9:1e:a3:07:3d:
5d:5f:34:1e:3b:ba:90:a7:5c:ec:e5:ee:f9:7c:38:
4a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:79:3D:DB:94:94:51:77:CB:9D:BC:3D:14:1A:7D:37:7A:8B:75:FA
X509v3 Authority Key Identifier:
keyid:89:7D:A6:00:1B:12:38:30:68:FE:71:A3:0F:8C:F2:85:C6:68:30:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX2mABsSODBo_nGjD4zyhcZoMP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/9Xk925SUUXfLnbw9FBp9N3qLdfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/iX2mABsSODBo_nGjD4zyhcZoMP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.221.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:1a:a3:18:40:86:64:22:bd:51:fd:08:e3:14:64:67:f3:e9:
4d:2e:03:48:8a:da:33:8e:ad:95:4a:e5:12:44:66:e3:0b:09:
f4:53:de:ce:c5:70:e1:99:5d:55:d0:27:af:36:4c:fd:2e:09:
e4:44:10:06:65:e8:2b:ed:89:5d:b8:4d:76:a8:c2:30:66:ed:
4f:27:31:be:98:ba:14:15:73:c9:8f:48:5d:00:80:1a:69:67:
81:08:95:3c:10:f2:52:c4:99:96:a6:1a:9d:da:76:42:02:2b:
93:9b:16:0c:14:b9:47:4a:6e:96:f5:1f:76:2c:8d:73:4b:d4:
f0:0e:49:56:6e:c8:f7:5b:1c:48:89:26:98:7f:81:1c:d1:f2:
fb:8f:b8:13:d5:38:af:ce:29:40:47:51:d1:29:ff:11:4b:81:
90:56:ab:bb:50:64:f2:67:44:32:95:55:ff:66:2c:7d:8f:c2:
42:56:38:1e:49:82:6a:42:3a:ca:e1:36:c5:0c:e8:f8:72:e2:
2d:a0:a5:83:15:37:ea:5d:c4:5d:b0:6b:b4:26:b9:9b:6c:59:
a4:ba:26:a3:72:5c:a7:a9:51:2a:44:95:69:c1:8e:03:15:9f:
a7:8c:05:9c:e4:8f:fb:64:8e:9d:5e:b0:c9:b2:a6:4a:a7:8a:
e7:c3:f1:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mD/PJcfLGf5EiSO3fLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2RhNjAwMWIxMjM4MzA2OGZlNzFhMzBmOGNmMjg1YzY2
ODMwZmUwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc5M2RkYjk0OTQ1MTc3Y2I5ZGJjM2QxNDFhN2QzNzdhOGI3NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDIQZwq2q7hhM938INg5fpE5+w8o
JwwcFz7WeIVkxDy6Ji/C5TEHfXcN9PGk24xguJHzjonItenTmy1wNlg57vgp7lBG
hLzoEbrVYZF904V5NgH+KDguZ2ATy8TVab6gGveIG6vNl4Y8+0tAQTwm1m4b4T4I
YPaF1aT1ANBB0QthgSJ2crf2Q+6V9YY2K+vjOKzKGKjaH9ph1+C6qaAnBjEWSLvW
WuBEtErUQDwJseXqGh5aKK9EqH7LLUe3WMbPveToN7fF6G5jULSR2FmxCabVG+1N
ftiqqUOtNW4OrJ7lpEmfN+efRYu8uR6jBz1dXzQeO7qQp1zs5e75fDhK/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPV5PduUlFF3y528PRQafTd6i3X6MB8GA1UdIwQY
MBaAFIl9pgAbEjgwaP5xow+M8oXGaDD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVgybUFCc1NPREJvX25HakQ0enloY1pvTVA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NmRlYzgtNzcyMC00ZWZjLWJkMzkt
ODRmYWFmMTA1YTk3LzEvOVhrOTI1U1VVWGZMbmJ3OUZCcDlOM3FMZGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NmRlYzgtNzcyMC00ZWZjLWJkMzktODRmYWFmMTA1YTk3
LzEvaVgybUFCc1NPREJvX25HakQ0enloY1pvTVA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuezdMA0G
CSqGSIb3DQEBCwUAA4IBAQDUGqMYQIZkIr1R/QjjFGRn8+lNLgNIitozjq2VSuUS
RGbjCwn0U97OxXDhmV1V0CevNkz9LgnkRBAGZegr7YlduE12qMIwZu1PJzG+mLoU
FXPJj0hdAIAaaWeBCJU8EPJSxJmWphqd2nZCAiuTmxYMFLlHSm6W9R92LI1zS9Tw
DklWbsj3WxxIiSaYf4Ec0fL7j7gT1TivzilAR1HRKf8RS4GQVqu7UGTyZ0QylVX/
Zix9j8JCVjgeSYJqQjrK4TbFDOj4cuItoKWDFTfqXcRdsGu0JrmbbFmkuiajclyn
qVEqRJVpwY4DFZ+njAWc5I/7ZI6dXrDJsqZKp4rnw/Fz
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:12 2025 by rpki-client