Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/Orf9dx9lP2Aq1RT4wGk6GNHmX0A.roa
File: Orf9dx9lP2Aq1RT4wGk6GNHmX0A.roa (raw, json)
Hash identifier: gI2QpRe4bPe1SlAUdlEc7QRHCXDom37+yMhhP7/Xj/Q=
Subject key identifier: 3A:B7:FD:77:1F:65:3F:60:2A:D5:14:F8:C0:69:3A:18:D1:E6:5F:40
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 0194266BE22DC638A26E318743CD8CE64420
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/Orf9dx9lP2Aq1RT4wGk6GNHmX0A.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205733
IP address blocks: 185.91.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e2:2d:c6:38:a2:6e:31:87:43:cd:8c:e6:44:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab7fd771f653f602ad514f8c0693a18d1e65f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:d1:05:c2:67:04:86:a2:64:11:01:71:6d:
1a:36:4a:69:c1:c2:9a:6f:76:da:98:d7:4d:9d:25:
56:05:36:3b:71:d6:e6:d7:47:b0:b5:b3:17:4b:1e:
08:49:23:b8:be:ef:04:0e:40:f2:6a:4e:3d:da:16:
81:ec:b0:e1:a5:bf:b9:ce:13:40:1b:fb:98:ad:b0:
f4:ac:c8:e1:92:fd:53:d6:72:29:5d:2d:e7:7a:04:
34:22:ac:3b:10:88:16:77:93:1b:cd:ba:35:2c:fd:
41:19:22:ae:52:15:eb:cb:46:96:34:0c:95:f4:a0:
37:81:7c:64:18:d4:2a:22:be:c3:f2:33:2a:ba:8e:
2f:c8:9c:cd:82:e0:4c:05:7c:cf:8c:36:9a:13:1b:
15:d8:e4:08:bf:b9:3e:fa:f3:65:54:1e:ee:19:08:
d1:fe:44:5a:b2:df:50:00:86:b9:e5:08:25:60:e9:
00:eb:b1:1b:4f:a5:ae:32:47:5b:22:69:f4:07:8f:
32:d5:d4:70:0c:f7:e1:de:0c:d8:57:be:83:9e:93:
f8:2a:93:89:86:b8:c0:61:3e:59:c7:b0:7f:26:ed:
05:1d:2f:a3:ec:ee:ad:bd:54:b6:78:98:2a:96:99:
75:cc:2b:10:7d:13:ea:4c:17:45:df:db:e8:2b:35:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:FD:77:1F:65:3F:60:2A:D5:14:F8:C0:69:3A:18:D1:E6:5F:40
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/Orf9dx9lP2Aq1RT4wGk6GNHmX0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:9a:eb:52:24:96:e4:8c:c7:11:b5:03:c7:a4:46:57:9e:cf:
d8:25:c2:3d:a0:a8:23:c8:42:32:5c:10:d8:95:71:55:ff:9f:
81:23:8f:48:46:b5:ad:5d:47:c5:ec:17:f1:95:e5:da:67:76:
7c:9a:54:53:ca:f0:17:5b:1a:42:51:dc:3c:28:0c:5b:58:e6:
31:54:89:13:2a:72:df:74:06:9e:e8:7e:c5:cc:f0:5c:9f:ef:
36:9c:6b:ec:d7:95:27:b3:0c:35:80:7f:0b:cc:2f:df:66:53:
eb:45:91:06:69:e6:fd:ea:06:85:6e:a8:bc:44:ee:aa:93:08:
d5:bb:a7:24:7e:64:68:6b:ac:4a:f4:c5:97:8d:79:c4:ef:40:
c0:ea:68:03:d3:3d:88:45:a8:c1:70:95:86:c2:a4:f8:c2:fc:
d4:cd:da:a5:48:83:61:9e:28:3c:1c:00:d1:81:8e:58:a5:4d:
4d:81:36:0b:d0:d3:fd:de:82:7a:46:51:fc:e4:d9:08:aa:fc:
9b:a7:3b:53:e9:18:d3:b4:f5:47:97:53:6a:d4:4e:75:83:b5:
db:70:d5:54:9d:55:05:2b:04:3c:9f:86:27:49:3b:7a:c9:2f:
87:02:72:a4:86:a7:1b:82:0a:af:ae:bf:02:f8:45:65:de:76:
03:d3:ff:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma+ItxjiibjGHQ82M5kQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3ZmQ3NzFmNjUzZjYwMmFkNTE0ZjhjMDY5M2ExOGQxZTY1ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPzRBcJnBIaiZBEBcW0aNkppwcKa
b3bamNdNnSVWBTY7cdbm10ewtbMXSx4ISSO4vu8EDkDyak492haB7LDhpb+5zhNA
G/uYrbD0rMjhkv1T1nIpXS3negQ0Iqw7EIgWd5Mbzbo1LP1BGSKuUhXry0aWNAyV
9KA3gXxkGNQqIr7D8jMquo4vyJzNguBMBXzPjDaaExsV2OQIv7k++vNlVB7uGQjR
/kRast9QAIa55QglYOkA67EbT6WuMkdbImn0B48y1dRwDPfh3gzYV76DnpP4KpOJ
hrjAYT5Zx7B/Ju0FHS+j7O6tvVS2eJgqlpl1zCsQfRPqTBdF39voKzUlawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq3/XcfZT9gKtUU+MBpOhjR5l9AMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvT3JmOWR4OWxQMkFxMVJUNHdHazZHTkhtWDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVvNMA0G
CSqGSIb3DQEBCwUAA4IBAQCfmutSJJbkjMcRtQPHpEZXns/YJcI9oKgjyEIyXBDY
lXFV/5+BI49IRrWtXUfF7BfxleXaZ3Z8mlRTyvAXWxpCUdw8KAxbWOYxVIkTKnLf
dAae6H7FzPBcn+82nGvs15Unsww1gH8LzC/fZlPrRZEGaeb96gaFbqi8RO6qkwjV
u6ckfmRoa6xK9MWXjXnE70DA6mgD0z2IRajBcJWGwqT4wvzUzdqlSINhnig8HADR
gY5YpU1NgTYL0NP93oJ6RlH85NkIqvybpztT6RjTtPVHl1Nq1E51g7XbcNVUnVUF
KwQ8n4YnSTt6yS+HAnKkhqcbggqvrr8C+EVl3nYD0/+k
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:22 2025 by rpki-client