Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/321889-abc6-43a8-b28a-bb29063f4881/1/k9U72mP-Km1xWLf3e9wAtG2m9RI.roa
File: k9U72mP-Km1xWLf3e9wAtG2m9RI.roa (raw, json)
Hash identifier: Pej7Eh2aiqSEO+t6zjd8tEra9H0XG62qu73Vt5mmuqQ=
Subject key identifier: 93:D5:3B:DA:63:FE:2A:6D:71:58:B7:F7:7B:DC:00:B4:6D:A6:F5:12
Certificate issuer: /CN=b7b9fc504a4d2178ae4f73c877c5f907bb476bf8
Certificate serial: 0194B801646A9ABDFCCC93E9F0A5AC20CDF2
Authority key identifier: B7:B9:FC:50:4A:4D:21:78:AE:4F:73:C8:77:C5:F9:07:BB:47:6B:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t7n8UEpNIXiuT3PId8X5B7tHa_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/321889-abc6-43a8-b28a-bb29063f4881/1/k9U72mP-Km1xWLf3e9wAtG2m9RI.roa
Signing time: Thu 30 Jan 2025 16:18:06 +0000
ROA not before: Thu 30 Jan 2025 16:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.114.0/24 maxlen: 24
2001:7f8:c5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:01:64:6a:9a:bd:fc:cc:93:e9:f0:a5:ac:20:cd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7b9fc504a4d2178ae4f73c877c5f907bb476bf8
Validity
Not Before: Jan 30 16:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93d53bda63fe2a6d7158b7f77bdc00b46da6f512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:58:3a:9b:59:b1:74:7c:19:57:eb:b8:d3:
b2:ac:66:a3:ce:0f:43:c0:1b:16:9f:b3:c3:cc:10:
3b:01:0a:67:c1:0d:ea:7b:15:22:35:b0:45:d8:74:
a4:8d:4f:01:8f:e9:d1:b3:ff:f4:36:61:fa:83:8b:
ac:75:e6:1d:6c:46:96:42:96:3f:b2:3c:cf:83:e7:
95:f9:d4:25:99:c6:68:c7:79:b0:1e:3f:54:65:e0:
92:f6:66:1b:09:8d:68:af:4f:b2:bd:53:61:d7:59:
54:a1:4b:e4:97:d6:1f:7e:2d:76:5f:aa:c8:56:76:
3d:1a:22:47:46:1a:3f:3f:49:2a:ad:e8:5c:55:62:
ff:19:28:8f:26:08:89:69:dd:2f:c3:48:d4:6a:3f:
b0:96:43:d6:59:3f:9d:21:71:0d:60:70:37:40:e7:
70:cc:04:6e:1a:46:a2:04:af:da:a0:43:c4:5b:3d:
76:d8:b3:ea:98:dd:91:94:da:c8:1d:76:8a:c4:d3:
21:76:7c:fd:c7:c5:28:fa:09:7f:5d:28:1b:98:cd:
ec:81:f4:2b:90:74:4d:c1:e1:a7:59:88:7d:cc:dd:
23:89:65:35:ab:cb:6b:cc:e1:12:f7:de:4b:14:d2:
df:e5:17:3d:c5:de:cf:c7:73:3e:df:29:31:7b:7c:
c3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D5:3B:DA:63:FE:2A:6D:71:58:B7:F7:7B:DC:00:B4:6D:A6:F5:12
X509v3 Authority Key Identifier:
keyid:B7:B9:FC:50:4A:4D:21:78:AE:4F:73:C8:77:C5:F9:07:BB:47:6B:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7n8UEpNIXiuT3PId8X5B7tHa_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/321889-abc6-43a8-b28a-bb29063f4881/1/k9U72mP-Km1xWLf3e9wAtG2m9RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/321889-abc6-43a8-b28a-bb29063f4881/1/t7n8UEpNIXiuT3PId8X5B7tHa_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.114.0/24
IPv6:
2001:7f8:c5::/48
Signature Algorithm: sha256WithRSAEncryption
09:e0:6a:0f:ab:49:4a:95:f0:00:5d:5f:69:12:a2:97:97:1b:
b4:bd:32:fe:70:4d:d6:ea:7a:64:ff:7a:87:93:b2:97:26:3a:
80:99:01:a6:34:ac:8a:7a:92:66:06:57:36:ab:08:e7:92:aa:
c8:3e:40:5e:be:b1:51:c4:51:e3:3a:6b:3b:7a:fd:6e:09:2a:
2a:6a:7d:2c:ca:26:a4:eb:b5:a2:89:ab:90:8b:f8:38:3f:ae:
b3:39:b1:aa:3a:10:19:6b:d0:37:39:13:61:19:a9:44:58:51:
80:09:d8:ea:bd:19:d5:c4:99:3a:2b:46:fe:1d:f3:10:db:6f:
3a:a1:f4:32:f6:41:73:ab:50:3b:28:b8:4c:88:29:6b:01:68:
3e:10:4c:6a:16:34:fa:0d:d9:39:74:7b:04:2b:8e:e5:bc:ae:
95:6f:7b:5a:79:da:5c:5b:34:a9:29:0e:c1:bb:98:2c:40:42:
d8:3e:d5:50:3a:9a:8c:df:99:5f:f3:1f:48:5c:5c:56:73:ee:
cf:f4:22:cb:c0:9a:8a:1c:0a:0f:86:53:05:e2:9b:d2:df:fe:
2e:c9:ab:00:94:aa:2f:3a:4b:d9:8b:73:06:ab:58:94:41:de:
2e:9a:2f:90:0e:e9:e7:a8:a0:4d:96:ca:f3:a2:4c:91:89:c2:
79:27:2d:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZS4AWRqmr38zJPp8KWsIM3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YjlmYzUwNGE0ZDIxNzhhZTRmNzNjODc3YzVmOTA3YmI0
NzZiZjgwHhcNMjUwMTMwMTYxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Q1M2JkYTYzZmUyYTZkNzE1OGI3Zjc3YmRjMDBiNDZkYTZmNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP5YOptZsXR8GVfruNOyrGajzg9D
wBsWn7PDzBA7AQpnwQ3qexUiNbBF2HSkjU8Bj+nRs//0NmH6g4usdeYdbEaWQpY/
sjzPg+eV+dQlmcZox3mwHj9UZeCS9mYbCY1or0+yvVNh11lUoUvkl9Yffi12X6rI
VnY9GiJHRho/P0kqrehcVWL/GSiPJgiJad0vw0jUaj+wlkPWWT+dIXENYHA3QOdw
zARuGkaiBK/aoEPEWz122LPqmN2RlNrIHXaKxNMhdnz9x8Uo+gl/XSgbmM3sgfQr
kHRNweGnWYh9zN0jiWU1q8trzOES995LFNLf5Rc9xd7Px3M+3ykxe3zDFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJPVO9pj/iptcVi393vcALRtpvUSMB8GA1UdIwQY
MBaAFLe5/FBKTSF4rk9zyHfF+Qe7R2v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDduOFVFcE5JWGl1VDNQSWQ4WDVCN3RIYV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zMjE4ODktYWJjNi00M2E4LWIyOGEt
YmIyOTA2M2Y0ODgxLzEvazlVNzJtUC1LbTF4V0xmM2U5d0F0RzJtOVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zMjE4ODktYWJjNi00M2E4LWIyOGEtYmIyOTA2M2Y0ODgx
LzEvdDduOFVFcE5JWGl1VDNQSWQ4WDVCN3RIYV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFyMA8E
AgACMAkDBwAgAQf4AMUwDQYJKoZIhvcNAQELBQADggEBAAngag+rSUqV8ABdX2kS
opeXG7S9Mv5wTdbqemT/eoeTspcmOoCZAaY0rIp6kmYGVzarCOeSqsg+QF6+sVHE
UeM6azt6/W4JKipqfSzKJqTrtaKJq5CL+Dg/rrM5sao6EBlr0Dc5E2EZqURYUYAJ
2Oq9GdXEmTorRv4d8xDbbzqh9DL2QXOrUDsouEyIKWsBaD4QTGoWNPoN2Tl0ewQr
juW8rpVve1p52lxbNKkpDsG7mCxAQtg+1VA6mozfmV/zH0hcXFZz7s/0IsvAmooc
Cg+GUwXim9Lf/i7JqwCUqi86S9mLcwarWJRB3i6aL5AO6eeooE2WyvOiTJGJwnkn
LWM=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:31 2025 by rpki-client