Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/2vSBXa-4cZ9KNUTnl_Cntx4udbg.roa
File: 2vSBXa-4cZ9KNUTnl_Cntx4udbg.roa (raw, json)
Hash identifier: gZugcctK6vS3axiBuW+2L4PJ0fff6TOOybJrcmsWbI0=
Subject key identifier: DA:F4:81:5D:AF:B8:71:9F:4A:35:44:E7:97:F0:A7:B7:1E:2E:75:B8
Certificate issuer: /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial: 01941FFA0D91063945FE5CA8CD0A5B4B21B4
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/2vSBXa-4cZ9KNUTnl_Cntx4udbg.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199873
IP address blocks: 185.43.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:91:06:39:45:fe:5c:a8:cd:0a:5b:4b:21:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daf4815dafb8719f4a3544e797f0a7b71e2e75b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6f:eb:ab:06:83:72:0e:64:aa:76:a1:1a:bd:
71:e7:fb:04:ab:ee:c7:b2:8c:db:3b:40:e4:5c:6a:
b1:54:ca:fe:cf:e0:bd:bc:6d:a7:9f:7c:06:03:59:
49:6a:4d:ba:ef:d8:da:6f:3f:e3:2c:07:99:70:45:
7a:aa:b7:1e:05:09:a7:cb:f0:93:cc:df:69:52:31:
05:ed:c5:f7:b1:65:5f:6e:87:e1:fb:f4:3e:fd:8a:
8a:35:79:e1:dd:70:2a:7f:c1:37:c8:a0:38:38:95:
fa:62:3f:7a:3d:e7:59:a8:cc:a7:f8:fe:c0:7d:56:
ff:61:15:39:f7:5d:64:70:a4:3a:07:d4:d1:4a:5c:
b3:52:d5:b3:22:9e:49:30:20:71:b2:f5:7e:2c:ca:
ec:dc:f7:ca:63:06:bc:fe:73:4f:de:2f:4f:6f:4d:
14:38:cd:97:0f:3d:1f:ea:1f:5c:42:2f:d8:fe:0d:
26:d9:ae:da:e0:f7:a6:30:6e:09:e3:8f:da:d8:20:
0e:e2:dd:74:aa:94:f2:f4:30:ba:74:a3:b4:74:a6:
35:d5:92:b1:57:7b:ff:ce:b0:43:55:bb:ee:8e:4e:
a7:d0:ad:d8:9c:04:dc:c9:32:b9:f8:56:46:52:2d:
65:be:0e:2e:c5:60:68:bf:68:7b:e4:72:d5:d0:96:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F4:81:5D:AF:B8:71:9F:4A:35:44:E7:97:F0:A7:B7:1E:2E:75:B8
X509v3 Authority Key Identifier:
keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/2vSBXa-4cZ9KNUTnl_Cntx4udbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.195.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:92:63:11:42:29:fe:04:55:21:ab:4f:3e:0c:b8:b0:34:f7:
53:3c:42:0c:0e:bc:23:a6:78:37:4a:68:c3:cc:01:e6:d2:52:
70:cf:b1:15:f4:54:ca:84:e7:24:a8:86:6d:09:87:93:71:1c:
b2:5d:6f:fa:79:4d:e4:dc:b5:f4:34:47:68:ac:64:71:87:b2:
68:06:33:a0:87:d7:21:46:7e:a3:dd:4b:bc:f6:a9:03:17:91:
96:e6:30:c7:64:1b:01:bf:7e:d4:4c:ea:0a:60:5d:c4:1c:c7:
8d:89:7c:6e:bc:54:dc:d9:f1:14:0d:e5:05:33:3a:ac:7b:bc:
36:7a:ab:9b:2a:14:a6:b6:e0:17:16:af:f7:b7:4e:8e:9f:ac:
04:14:35:b3:c9:ca:c2:5a:e4:d4:f6:8a:8b:7f:dc:11:e0:6a:
ee:2c:e5:e5:1d:e9:36:17:3e:c4:3a:8f:b0:28:cf:57:23:97:
bd:21:32:a1:cd:bc:9b:31:3c:1e:c5:75:3d:b2:6d:ae:29:91:
c3:57:37:99:fc:39:6f:d4:53:54:97:0b:02:2c:ba:3b:8f:6d:
ec:e3:3c:08:1a:a3:26:7a:0d:90:cc:fb:c5:fc:1c:d3:fe:2d:
ca:a0:92:78:a0:6a:ae:1a:28:8f:54:57:41:c2:1b:01:71:9e:
66:15:e5:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+g2RBjlF/lyozQpbSyG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWY0ODE1ZGFmYjg3MTlmNGEzNTQ0ZTc5N2YwYTdiNzFlMmU3NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2/rqwaDcg5kqnahGr1x5/sEq+7H
sozbO0DkXGqxVMr+z+C9vG2nn3wGA1lJak2679jabz/jLAeZcEV6qrceBQmny/CT
zN9pUjEF7cX3sWVfbofh+/Q+/YqKNXnh3XAqf8E3yKA4OJX6Yj96PedZqMyn+P7A
fVb/YRU5911kcKQ6B9TRSlyzUtWzIp5JMCBxsvV+LMrs3PfKYwa8/nNP3i9Pb00U
OM2XDz0f6h9cQi/Y/g0m2a7a4PemMG4J44/a2CAO4t10qpTy9DC6dKO0dKY11ZKx
V3v/zrBDVbvujk6n0K3YnATcyTK5+FZGUi1lvg4uxWBov2h75HLV0JbeyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNr0gV2vuHGfSjVE55fwp7ceLnW4MB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvMnZTQlhhLTRjWjlLTlVUbmxfQ250eDR1ZGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSvDMA0G
CSqGSIb3DQEBCwUAA4IBAQAekmMRQin+BFUhq08+DLiwNPdTPEIMDrwjpng3SmjD
zAHm0lJwz7EV9FTKhOckqIZtCYeTcRyyXW/6eU3k3LX0NEdorGRxh7JoBjOgh9ch
Rn6j3Uu89qkDF5GW5jDHZBsBv37UTOoKYF3EHMeNiXxuvFTc2fEUDeUFMzqse7w2
equbKhSmtuAXFq/3t06On6wEFDWzycrCWuTU9oqLf9wR4GruLOXlHek2Fz7EOo+w
KM9XI5e9ITKhzbybMTwexXU9sm2uKZHDVzeZ/Dlv1FNUlwsCLLo7j23s4zwIGqMm
eg2QzPvF/BzT/i3KoJJ4oGquGiiPVFdBwhsBcZ5mFeXz
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:52:51 2025 by rpki-client