Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9WKsimr4vOF_rpwncL6ruOF18YY.roa
File: 9WKsimr4vOF_rpwncL6ruOF18YY.roa (raw, json)
Hash identifier: xH/VPFrvixhNlhTD8hrquKiIRK1N1S8LQ39X4kWgDbU=
Subject key identifier: F5:62:AC:8A:6A:F8:BC:E1:7F:AE:9C:27:70:BE:AB:B8:E1:75:F1:86
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 01944BB3C146D97DFFAA872186F449C8B484
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9WKsimr4vOF_rpwncL6ruOF18YY.roa
Signing time: Thu 09 Jan 2025 15:34:19 +0000
ROA not before: Thu 09 Jan 2025 15:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55207
IP address blocks: 185.186.8.0/24 maxlen: 24
2a0b:6b86::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:b3:c1:46:d9:7d:ff:aa:87:21:86:f4:49:c8:b4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 9 15:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f562ac8a6af8bce17fae9c2770beabb8e175f186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:db:ab:3b:33:9b:03:1a:80:f3:d5:0c:92:
83:56:69:40:72:21:3a:e3:77:44:84:b4:81:48:2f:
22:e4:ac:92:de:3d:1c:f8:ee:7b:2e:6e:ca:53:bc:
0f:df:09:f2:d6:07:11:c4:63:00:76:e1:94:e7:a4:
22:6a:2b:53:62:d8:24:7b:58:ff:a5:ce:0e:dd:32:
c2:af:74:c1:e2:a3:2c:41:8b:55:af:89:5a:46:b8:
3d:2e:26:78:ab:0c:55:71:ee:f6:3e:a9:cd:31:c2:
7d:0f:c5:1f:3a:78:7a:e9:c3:02:f0:1c:36:9e:3c:
a8:eb:75:b1:cf:b7:94:7c:c8:29:ec:59:af:ec:f5:
76:b7:90:07:2a:00:ec:12:ca:5f:be:1a:2a:84:71:
56:c2:84:14:4f:17:81:b1:43:02:ab:78:0a:a0:6d:
51:3a:c5:9b:a8:8f:30:44:eb:82:45:73:c5:4b:ec:
45:40:be:14:0e:03:0e:d6:2f:40:1e:3a:ee:b6:93:
ac:b3:e4:fc:55:f1:2e:fc:dc:02:0a:e7:bc:25:31:
d5:ca:cd:cb:d6:30:72:83:4e:24:c5:9a:c3:91:37:
09:de:b8:33:cb:89:c8:0d:e4:d9:45:5c:2e:79:74:
ec:a9:ae:5d:2b:39:c2:2a:a1:61:1e:0d:62:cf:64:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:62:AC:8A:6A:F8:BC:E1:7F:AE:9C:27:70:BE:AB:B8:E1:75:F1:86
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/9WKsimr4vOF_rpwncL6ruOF18YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
IPv6:
2a0b:6b86::/48
Signature Algorithm: sha256WithRSAEncryption
af:a1:f4:8b:8d:4f:cb:25:ce:4b:5f:c1:42:6a:f8:74:44:d9:
fe:8c:84:de:db:bb:69:19:6e:d0:d9:36:3f:6a:55:72:bd:d2:
04:1f:43:5c:3b:73:97:20:b9:70:b0:23:05:d0:34:4f:2e:72:
6d:12:21:fb:74:19:b2:f8:43:92:c1:47:74:cc:90:f9:2c:5f:
cd:3f:be:99:f0:0a:a4:14:e2:2d:26:bb:a2:b2:b4:79:4e:61:
2b:dc:a6:f7:b4:8f:9a:7f:7f:bb:1c:9a:7a:25:da:fa:1b:a2:
40:13:e8:82:69:ad:f3:4f:2c:9b:82:0c:5c:68:94:a5:64:b2:
9a:6a:1a:15:43:39:65:c7:9f:fa:1a:a5:92:e3:f0:82:59:67:
d6:74:70:b4:84:3c:53:2f:c8:06:65:f7:33:49:1a:ee:0d:67:
a4:d8:0b:31:c3:51:1d:fa:0f:c8:da:ee:25:2e:ae:00:fc:8b:
2e:c0:b5:31:38:45:b1:8d:e3:12:d4:9c:03:a6:46:be:ec:be:
e3:52:2c:fa:18:7f:39:9b:d6:aa:8e:03:cc:9e:95:85:11:c1:
63:d6:82:00:42:84:70:5e:9e:50:5e:bd:62:66:cb:37:e7:8c:
cc:24:68:c7:23:cb:69:84:b6:19:46:36:62:26:a3:94:30:4b:
34:fb:ba:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZRLs8FG2X3/qochhvRJyLSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTA5MTUzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYyYWM4YTZhZjhiY2UxN2ZhZTljMjc3MGJlYWJiOGUxNzVmMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHrbqzszmwMagPPVDJKDVmlAciE6
43dEhLSBSC8i5KyS3j0c+O57Lm7KU7wP3wny1gcRxGMAduGU56QiaitTYtgke1j/
pc4O3TLCr3TB4qMsQYtVr4laRrg9LiZ4qwxVce72PqnNMcJ9D8UfOnh66cMC8Bw2
njyo63Wxz7eUfMgp7Fmv7PV2t5AHKgDsEspfvhoqhHFWwoQUTxeBsUMCq3gKoG1R
OsWbqI8wROuCRXPFS+xFQL4UDgMO1i9AHjrutpOss+T8VfEu/NwCCue8JTHVys3L
1jByg04kxZrDkTcJ3rgzy4nIDeTZRVwueXTsqa5dKznCKqFhHg1iz2SbWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPVirIpq+Lzhf66cJ3C+q7jhdfGGMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvOVdLc2ltcjR2T0ZfcnB3bmNMNnJ1T0YxOFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuboIMA8E
AgACMAkDBwAqC2uGAAAwDQYJKoZIhvcNAQELBQADggEBAK+h9IuNT8slzktfwUJq
+HRE2f6MhN7bu2kZbtDZNj9qVXK90gQfQ1w7c5cguXCwIwXQNE8ucm0SIft0GbL4
Q5LBR3TMkPksX80/vpnwCqQU4i0mu6KytHlOYSvcpve0j5p/f7scmnol2vobokAT
6IJprfNPLJuCDFxolKVksppqGhVDOWXHn/oapZLj8IJZZ9Z0cLSEPFMvyAZl9zNJ
Gu4NZ6TYCzHDUR36D8ja7iUurgD8iy7AtTE4RbGN4xLUnAOmRr7svuNSLPoYfzmb
1qqOA8yelYURwWPWggBChHBenlBevWJmyzfnjMwkaMcjy2mEthlGNmImo5QwSzT7
unY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:12:12 2025 by rpki-client