Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/2GHd82bYgw8BDEpGFEObsgj4GIY.roa
File: 2GHd82bYgw8BDEpGFEObsgj4GIY.roa (raw, json)
Hash identifier: liSBYiGTK2+U82E9Rpm6tCjVkQrA0pUPU05Mwutm5Y4=
Subject key identifier: D8:61:DD:F3:66:D8:83:0F:01:0C:4A:46:14:43:9B:B2:08:F8:18:86
Certificate issuer: /CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Certificate serial: 019421B1D712A38902D6970128EF4FD48B53
Authority key identifier: A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/2GHd82bYgw8BDEpGFEObsgj4GIY.roa
Signing time: Wed 01 Jan 2025 11:48:10 +0000
ROA not before: Wed 01 Jan 2025 11:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.253.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d7:12:a3:89:02:d6:97:01:28:ef:4f:d4:8b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Validity
Not Before: Jan 1 11:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d861ddf366d8830f010c4a4614439bb208f81886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:88:cd:d0:5f:46:3e:f9:ef:e5:16:67:29:3f:
54:95:5a:88:cb:ac:fe:98:cc:3b:79:25:66:c4:c5:
7d:79:48:83:58:35:68:03:e4:fa:9c:4b:6e:df:ef:
fb:0b:7a:55:50:ca:5c:c9:d8:19:d0:f9:23:9f:7e:
36:11:1d:6d:f4:06:f4:be:1b:c9:b6:08:f1:7c:79:
d0:97:25:95:24:f5:f6:7f:85:c6:dd:ff:a5:43:84:
af:82:21:dc:bf:95:5a:f7:1d:0b:43:11:1f:12:36:
de:3c:90:d9:25:4d:4a:4c:27:69:74:1e:06:f4:23:
4b:24:28:4e:ed:b0:2b:9e:c4:9d:65:e7:f3:01:4c:
92:68:d6:dc:b6:15:2f:32:15:a3:78:f6:87:f4:4d:
e1:e6:7e:9c:fa:af:d9:c9:69:c0:8a:81:c8:eb:09:
cb:5d:55:2d:83:96:f9:c2:5b:c6:1f:8a:e3:5b:35:
58:68:92:8a:76:3e:62:4c:eb:73:75:02:94:ca:71:
dd:b8:ec:39:3f:54:f3:1a:df:84:0b:91:35:b5:00:
d3:53:bb:3b:4c:a4:81:12:46:40:31:7c:a9:f0:6c:
b9:33:83:6e:80:29:4c:28:9b:41:04:48:63:11:8e:
68:bc:51:16:5e:51:9f:07:38:3a:f1:70:51:9b:7d:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:61:DD:F3:66:D8:83:0F:01:0C:4A:46:14:43:9B:B2:08:F8:18:86
X509v3 Authority Key Identifier:
keyid:A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/2GHd82bYgw8BDEpGFEObsgj4GIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/qcxE1_HQ3Apavyd2SVth3kgZkl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.9.0/24
Signature Algorithm: sha256WithRSAEncryption
95:90:af:b6:f1:78:04:50:0f:4c:5e:16:10:d5:2c:11:79:d5:
43:57:f9:4b:0f:dd:fd:33:2d:3d:db:e9:00:0d:52:4d:62:ff:
08:30:2e:a5:2c:9c:16:3a:45:c6:4a:89:6b:cf:32:91:3f:8c:
52:ae:2e:16:ac:eb:cc:47:37:44:9a:63:17:ea:ab:07:fc:f1:
a5:fe:e0:93:fa:33:cd:ec:17:7e:14:e9:7a:42:ab:b1:1e:2d:
f1:b7:8a:ac:1c:df:77:71:89:9b:d4:ca:2d:04:79:f5:bd:e4:
ef:7f:08:f9:04:7b:64:04:93:4c:14:d2:5f:4a:88:ca:27:68:
3c:fb:63:1b:57:b7:e2:4a:8c:54:3e:b0:08:58:5e:38:14:d1:
8a:d6:f6:09:fc:83:90:de:77:b0:a1:2f:a3:c5:75:fa:58:34:
82:3a:be:45:50:f3:af:9c:f8:e3:10:50:fa:9f:7b:7c:1b:c8:
96:e9:14:57:9f:72:7f:d8:1b:06:f5:39:57:32:07:91:e6:8d:
99:f9:85:86:26:8d:2d:ba:97:52:d8:dd:54:48:79:4e:23:8a:
6a:1b:b3:f1:ac:87:c5:e1:8e:34:d7:84:af:ca:de:9c:45:ce:
23:d9:7a:2b:4e:bd:98:d8:9a:e7:93:1a:c0:e9:fd:17:4f:7a:
f5:ec:d0:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdcSo4kC1pcBKO9P1ItTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Y2M0NGQ3ZjFkMGRjMGE1YWJmMjc3NjQ5NWI2MWRlNDgx
OTkyNWYwHhcNMjUwMTAxMTE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYxZGRmMzY2ZDg4MzBmMDEwYzRhNDYxNDQzOWJiMjA4ZjgxODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4jN0F9GPvnv5RZnKT9UlVqIy6z+
mMw7eSVmxMV9eUiDWDVoA+T6nEtu3+/7C3pVUMpcydgZ0Pkjn342ER1t9Ab0vhvJ
tgjxfHnQlyWVJPX2f4XG3f+lQ4SvgiHcv5Va9x0LQxEfEjbePJDZJU1KTCdpdB4G
9CNLJChO7bArnsSdZefzAUySaNbcthUvMhWjePaH9E3h5n6c+q/ZyWnAioHI6wnL
XVUtg5b5wlvGH4rjWzVYaJKKdj5iTOtzdQKUynHduOw5P1TzGt+EC5E1tQDTU7s7
TKSBEkZAMXyp8Gy5M4NugClMKJtBBEhjEY5ovFEWXlGfBzg68XBRm32uFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhh3fNm2IMPAQxKRhRDm7II+BiGMB8GA1UdIwQY
MBaAFKnMRNfx0NwKWr8ndklbYd5IGZJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWN4RTFfSFEzQXBhdnlkMlNWdGgza2daa2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kYWI4NjctYTU3OS00YTk1LWFlZjct
MTYxN2YzOGE2ZGZjLzEvMkdIZDgyYllndzhCREVwR0ZFT2JzZ2o0R0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kYWI4NjctYTU3OS00YTk1LWFlZjctMTYxN2YzOGE2ZGZj
LzEvcWN4RTFfSFEzQXBhdnlkMlNWdGgza2daa2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0JMA0G
CSqGSIb3DQEBCwUAA4IBAQCVkK+28XgEUA9MXhYQ1SwRedVDV/lLD939My092+kA
DVJNYv8IMC6lLJwWOkXGSolrzzKRP4xSri4WrOvMRzdEmmMX6qsH/PGl/uCT+jPN
7Bd+FOl6QquxHi3xt4qsHN93cYmb1MotBHn1veTvfwj5BHtkBJNMFNJfSojKJ2g8
+2MbV7fiSoxUPrAIWF44FNGK1vYJ/IOQ3newoS+jxXX6WDSCOr5FUPOvnPjjEFD6
n3t8G8iW6RRXn3J/2BsG9TlXMgeR5o2Z+YWGJo0tupdS2N1USHlOI4pqG7PxrIfF
4Y4014Svyt6cRc4j2XorTr2Y2JrnkxrA6f0XT3r17NAV
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:16 2025 by rpki-client