Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/k3rbbEPpjq5KXboRY5_aYtc_PUY.roa
File: k3rbbEPpjq5KXboRY5_aYtc_PUY.roa (raw, json)
Hash identifier: LAFrjjYetPdugPzw+TAKgOjCyawPn+AIflS3rhTUdOc=
Subject key identifier: 93:7A:DB:6C:43:E9:8E:AE:4A:5D:BA:11:63:9F:DA:62:D7:3F:3D:46
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019425FDD9043DB8B7D754D26F4C1B847D09
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/k3rbbEPpjq5KXboRY5_aYtc_PUY.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48550
IP address blocks: 185.133.210.0/24 maxlen: 24
2a06:e880::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d9:04:3d:b8:b7:d7:54:d2:6f:4c:1b:84:7d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=937adb6c43e98eae4a5dba11639fda62d73f3d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:21:01:21:06:42:81:60:8a:a4:c9:fd:43:91:
84:fe:d8:c7:a3:50:1b:6a:07:0c:18:b7:76:01:bc:
67:73:90:1a:2a:73:10:a7:97:15:04:90:10:d2:f3:
7e:f2:d7:8d:fd:c9:96:fe:3b:6e:7b:7d:1c:4f:ad:
38:40:4e:63:2a:d1:d5:cc:1a:12:54:7d:d3:68:bf:
25:28:33:90:35:0e:96:0b:40:47:32:de:e0:d2:c6:
46:ad:05:5c:ec:19:ea:7a:0e:08:ba:85:41:8d:a1:
e1:2b:8c:cf:e8:50:60:f0:16:c6:50:c1:de:94:5a:
42:c3:12:43:63:69:b5:15:c2:ee:a3:41:63:5e:08:
a1:b4:14:2d:fb:9b:2e:22:fa:0b:4a:b0:c5:a6:83:
ef:0e:69:5f:68:4f:2c:f9:61:4a:f0:b1:d4:a3:15:
b3:e1:68:4e:b0:1d:bb:78:5d:e1:30:04:ea:6b:e0:
6e:78:29:26:0a:af:f1:c7:da:15:61:6b:55:9d:17:
d5:1a:c5:56:08:78:75:6e:d7:22:45:51:3b:69:65:
a1:a6:33:d7:f6:d0:0a:4f:d7:38:b6:21:b1:74:35:
e6:3d:4d:c0:ff:63:8f:85:dc:2e:ba:e8:bc:e8:9b:
7a:ca:de:c9:55:71:24:0d:2d:21:4d:19:58:fa:0c:
08:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7A:DB:6C:43:E9:8E:AE:4A:5D:BA:11:63:9F:DA:62:D7:3F:3D:46
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/k3rbbEPpjq5KXboRY5_aYtc_PUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.210.0/24
IPv6:
2a06:e880::/32
Signature Algorithm: sha256WithRSAEncryption
7a:2b:cb:b3:2a:e5:60:ed:07:c8:5e:89:3e:2e:95:22:6b:3a:
7f:6d:7d:e9:7f:14:d2:9f:48:70:c2:aa:19:c5:77:9e:4d:2f:
54:19:50:2d:1f:9a:d7:44:73:65:70:4d:0e:51:40:ac:d6:88:
9c:13:b4:b2:89:94:6a:19:3c:f5:10:a9:6c:f7:38:cd:1d:ed:
c3:96:c7:25:71:57:18:38:8d:1c:b5:e6:ae:70:5f:46:0e:ca:
6f:53:44:fc:bc:36:91:bf:24:0b:5a:2e:02:4f:3c:df:cf:39:
d7:4d:cd:f9:68:c2:f7:cf:d2:c3:08:b4:cf:23:29:9a:fe:53:
85:b4:1e:8b:57:c0:36:1c:e4:cf:08:c3:21:81:5f:ff:6f:c5:
9d:dc:56:b1:fd:38:51:59:20:0e:03:52:d2:29:89:9b:b8:c7:
4f:22:c8:d8:9e:fe:72:59:6c:cf:9f:ee:25:77:35:91:ae:e3:
de:c8:ed:8c:cd:88:1e:47:8e:f9:07:2c:c8:79:28:e6:a3:37:
49:bf:d5:42:2e:c8:24:7f:d8:4c:d8:6b:ba:78:e7:31:9e:db:
8d:57:66:87:d6:e9:75:8e:bb:13:b9:62:4c:43:c1:28:8a:50:
7a:48:61:c3:f9:09:eb:46:52:82:d0:a4:76:fe:05:29:c9:41:
a7:30:4d:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/dkEPbi311TSb0wbhH0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdhZGI2YzQzZTk4ZWFlNGE1ZGJhMTE2MzlmZGE2MmQ3M2YzZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8CEBIQZCgWCKpMn9Q5GE/tjHo1Ab
agcMGLd2Abxnc5AaKnMQp5cVBJAQ0vN+8teN/cmW/jtue30cT604QE5jKtHVzBoS
VH3TaL8lKDOQNQ6WC0BHMt7g0sZGrQVc7Bnqeg4IuoVBjaHhK4zP6FBg8BbGUMHe
lFpCwxJDY2m1FcLuo0FjXgihtBQt+5suIvoLSrDFpoPvDmlfaE8s+WFK8LHUoxWz
4WhOsB27eF3hMATqa+BueCkmCq/xx9oVYWtVnRfVGsVWCHh1btciRVE7aWWhpjPX
9tAKT9c4tiGxdDXmPU3A/2OPhdwuuui86Jt6yt7JVXEkDS0hTRlY+gwI2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJN622xD6Y6uSl26EWOf2mLXPz1GMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvazNyYmJFUHBqcTVLWGJvUlk1X2FZdGNfUFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYXSMA0E
AgACMAcDBQAqBuiAMA0GCSqGSIb3DQEBCwUAA4IBAQB6K8uzKuVg7QfIXok+LpUi
azp/bX3pfxTSn0hwwqoZxXeeTS9UGVAtH5rXRHNlcE0OUUCs1oicE7SyiZRqGTz1
EKls9zjNHe3DlsclcVcYOI0cteaucF9GDspvU0T8vDaRvyQLWi4CTzzfzznXTc35
aML3z9LDCLTPIyma/lOFtB6LV8A2HOTPCMMhgV//b8Wd3Fax/ThRWSAOA1LSKYmb
uMdPIsjYnv5yWWzPn+4ldzWRruPeyO2MzYgeR475ByzIeSjmozdJv9VCLsgkf9hM
2Gu6eOcxntuNV2aH1ul1jrsTuWJMQ8EoilB6SGHD+QnrRlKC0KR2/gUpyUGnME2e
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:19 2025 by rpki-client