Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/7jIS7Kg3pQ0rAdPTN8-mhFQ9NMI.roa
File: 7jIS7Kg3pQ0rAdPTN8-mhFQ9NMI.roa (raw, json)
Hash identifier: X1BBv86nq4mpZk7vS1wx5rzfijmXxCD6/5jYb3vftEE=
Subject key identifier: EE:32:12:EC:A8:37:A5:0D:2B:01:D3:D3:37:CF:A6:84:54:3D:34:C2
Certificate issuer: /CN=d4d65ca34a968b0d8561ab8776dbb02ddb7c7833
Certificate serial: 0194569EBD9475EF71FCFE23F675D2432CF7
Authority key identifier: D4:D6:5C:A3:4A:96:8B:0D:85:61:AB:87:76:DB:B0:2D:DB:7C:78:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NZco0qWiw2FYauHdtuwLdt8eDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/7jIS7Kg3pQ0rAdPTN8-mhFQ9NMI.roa
Signing time: Sat 11 Jan 2025 18:27:11 +0000
ROA not before: Sat 11 Jan 2025 18:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 185.238.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:56:9e:bd:94:75:ef:71:fc:fe:23:f6:75:d2:43:2c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d65ca34a968b0d8561ab8776dbb02ddb7c7833
Validity
Not Before: Jan 11 18:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee3212eca837a50d2b01d3d337cfa684543d34c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:40:2d:4d:4b:f9:20:0e:4c:a2:f5:62:12:ee:
ed:52:42:9f:d7:2a:21:f1:9a:1b:8e:44:aa:28:c6:
dd:1a:1c:d3:c4:fa:e4:42:fc:29:fd:d9:9e:d2:c2:
86:5d:ef:75:03:a1:f2:5a:58:c1:6f:1a:7e:25:7d:
52:ca:e5:4c:0f:2b:06:54:71:33:9d:12:22:f4:c9:
87:e8:b2:41:67:66:d1:a2:61:2a:e8:21:87:16:de:
3d:d7:37:de:d1:12:4f:1d:e7:2d:f6:e0:09:4a:4f:
1e:08:5c:98:13:e2:25:d6:bc:70:a9:3b:fc:f2:b8:
6a:47:74:f9:e1:5b:14:5e:92:d9:1f:0a:b3:72:b6:
c1:a1:1c:4d:6a:dd:16:59:6b:5a:ee:1a:c8:80:c8:
1f:d1:98:ba:c8:06:07:0e:45:bc:f4:9b:da:40:85:
1c:02:de:4f:db:5f:c1:2f:34:93:92:6d:4a:af:3e:
8e:b2:b0:4a:bf:a4:a1:5f:4a:42:0d:34:92:d0:cb:
9b:5f:f5:f9:b3:36:7f:03:ab:88:52:08:42:24:26:
ee:d1:87:75:f0:1e:8d:a5:0a:c2:20:0e:bc:83:60:
ed:0f:8e:57:91:3f:f3:8d:88:8a:c9:29:9f:d8:cc:
2c:31:42:02:43:82:ce:02:cd:65:5c:12:d6:4c:4d:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:32:12:EC:A8:37:A5:0D:2B:01:D3:D3:37:CF:A6:84:54:3D:34:C2
X509v3 Authority Key Identifier:
keyid:D4:D6:5C:A3:4A:96:8B:0D:85:61:AB:87:76:DB:B0:2D:DB:7C:78:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NZco0qWiw2FYauHdtuwLdt8eDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/7jIS7Kg3pQ0rAdPTN8-mhFQ9NMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/1NZco0qWiw2FYauHdtuwLdt8eDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.40.0/22
Signature Algorithm: sha256WithRSAEncryption
07:67:ed:d3:ae:d8:95:78:6c:37:fe:38:81:1b:bc:fa:6b:20:
6a:1a:24:ce:5d:47:22:43:13:68:3e:96:57:25:4c:a9:bd:b3:
3f:a4:99:ef:8f:c7:9d:66:b8:cd:ed:79:29:93:70:26:a8:65:
a7:76:b6:8e:8e:38:45:cb:29:59:67:10:e1:2f:53:fc:d4:49:
f2:6f:92:5d:d0:a4:51:ee:f2:3d:af:ab:f0:3c:dc:32:30:6b:
13:ec:60:be:5c:27:39:7d:64:77:a1:b1:35:a7:8a:fd:ce:6a:
36:c2:1b:00:06:ec:bd:27:fc:04:ee:78:8e:0e:cf:15:7d:c6:
15:63:ee:dc:b4:9f:ea:18:97:16:12:c3:06:52:b9:b7:8e:2a:
e3:90:a0:98:69:b7:b0:3f:95:9e:41:65:95:9f:08:68:d1:36:
9d:cb:ff:9b:29:2f:29:bb:4e:d8:4b:74:d0:f2:68:bc:89:2d:
a5:8d:c5:4d:fa:68:55:73:f9:57:ff:47:12:92:8b:21:21:48:
4a:29:0d:ef:83:8d:2b:bf:f8:86:22:da:36:39:77:a2:da:b2:
ef:44:26:81:c1:a0:97:ef:a3:d9:6f:54:fa:e6:90:59:8a:19:
17:34:d5:38:4a:e5:e9:ee:a3:26:bd:8f:3d:57:12:43:e7:b0:
3a:6d:ff:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRWnr2Ude9x/P4j9nXSQyz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDY1Y2EzNGE5NjhiMGQ4NTYxYWI4Nzc2ZGJiMDJkZGI3
Yzc4MzMwHhcNMjUwMTExMTgyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMyMTJlY2E4MzdhNTBkMmIwMWQzZDMzN2NmYTY4NDU0M2QzNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUAtTUv5IA5MovViEu7tUkKf1yoh
8ZobjkSqKMbdGhzTxPrkQvwp/dme0sKGXe91A6HyWljBbxp+JX1SyuVMDysGVHEz
nRIi9MmH6LJBZ2bRomEq6CGHFt491zfe0RJPHect9uAJSk8eCFyYE+Il1rxwqTv8
8rhqR3T54VsUXpLZHwqzcrbBoRxNat0WWWta7hrIgMgf0Zi6yAYHDkW89JvaQIUc
At5P21/BLzSTkm1Krz6OsrBKv6ShX0pCDTSS0MubX/X5szZ/A6uIUghCJCbu0Yd1
8B6NpQrCIA68g2DtD45XkT/zjYiKySmf2MwsMUICQ4LOAs1lXBLWTE3KcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4yEuyoN6UNKwHT0zfPpoRUPTTCMB8GA1UdIwQY
MBaAFNTWXKNKlosNhWGrh3bbsC3bfHgzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5aY28wcVdpdzJGWWF1SGR0dXdMZHQ4ZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zY2MzNGQtMGYzMi00YTVkLTk4NGIt
MzJlZmY5NWIzOWRjLzEvN2pJUzdLZzNwUTByQWRQVE44LW1oRlE5Tk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zY2MzNGQtMGYzMi00YTVkLTk4NGItMzJlZmY5NWIzOWRj
LzEvMU5aY28wcVdpdzJGWWF1SGR0dXdMZHQ4ZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4oMA0G
CSqGSIb3DQEBCwUAA4IBAQAHZ+3TrtiVeGw3/jiBG7z6ayBqGiTOXUciQxNoPpZX
JUypvbM/pJnvj8edZrjN7Xkpk3AmqGWndraOjjhFyylZZxDhL1P81Enyb5Jd0KRR
7vI9r6vwPNwyMGsT7GC+XCc5fWR3obE1p4r9zmo2whsABuy9J/wE7niODs8VfcYV
Y+7ctJ/qGJcWEsMGUrm3jirjkKCYabewP5WeQWWVnwho0Tady/+bKS8pu07YS3TQ
8mi8iS2ljcVN+mhVc/lX/0cSkoshIUhKKQ3vg40rv/iGIto2OXei2rLvRCaBwaCX
76PZb1T65pBZihkXNNU4SuXp7qMmvY89VxJD57A6bf95
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:15:04 2025 by rpki-client