Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d8e64d-9d6c-4149-a69a-79d52dc66926/1/iZXergsmx3c-YFSPwK1duaC7zXE.roa
File: iZXergsmx3c-YFSPwK1duaC7zXE.roa (raw, json)
Hash identifier: ux75uK3r8KWiMZRMZNyHuR7X45YAulKv87yeHOUi7Zc=
Subject key identifier: 89:95:DE:AE:0B:26:C7:77:3E:60:54:8F:C0:AD:5D:B9:A0:BB:CD:71
Certificate issuer: /CN=f5d412953ac06a7c52cb26796f8806b1bb859617
Certificate serial: 0194214428427AA7485A459A733A56598171
Authority key identifier: F5:D4:12:95:3A:C0:6A:7C:52:CB:26:79:6F:88:06:B1:BB:85:96:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dQSlTrAanxSyyZ5b4gGsbuFlhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d8e64d-9d6c-4149-a69a-79d52dc66926/1/iZXergsmx3c-YFSPwK1duaC7zXE.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203443
IP address blocks: 185.134.48.0/22 maxlen: 22
2a07:6800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:28:42:7a:a7:48:5a:45:9a:73:3a:56:59:81:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d412953ac06a7c52cb26796f8806b1bb859617
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8995deae0b26c7773e60548fc0ad5db9a0bbcd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:36:13:ab:de:e7:fe:01:cd:c7:e2:89:3d:8e:
d9:af:6c:48:8a:dc:76:7f:b3:89:fe:5f:22:dc:04:
59:ba:57:1a:8f:a6:cd:52:3a:70:e9:20:5c:cf:14:
eb:a6:84:7d:18:9a:06:12:b2:aa:bd:5d:2b:be:b9:
b3:a6:08:d6:88:39:1b:75:cc:31:c4:be:48:3b:45:
0f:79:83:9b:7c:ba:ee:c9:c4:b5:ff:ea:3c:eb:1a:
65:01:31:a0:dc:7c:de:27:15:ac:57:3b:26:e5:eb:
f7:27:6e:24:b1:8b:34:8b:41:8a:2d:9c:0e:b1:56:
c8:da:68:f8:32:d3:95:60:1e:41:5b:98:85:0c:0a:
ab:a7:5c:ec:fa:54:b1:e2:89:97:90:ab:84:c4:2b:
cd:a5:bb:66:ed:51:43:a1:82:08:67:7f:5d:99:b7:
ff:3e:24:5e:23:ae:b3:82:06:32:82:60:b2:5b:70:
1e:48:db:28:e0:7e:a4:d3:5c:3b:2d:7f:54:d8:01:
7c:f9:c8:cb:b9:de:52:3d:06:ff:f2:8f:a8:24:c5:
50:8e:98:ee:23:75:ea:18:97:8a:bf:99:fc:b2:a8:
e1:d5:3c:e4:0c:b6:2e:20:1b:ab:3d:ef:5f:f0:7d:
51:ab:be:df:2e:c3:1c:6e:a6:40:47:a1:44:6f:c9:
5c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:95:DE:AE:0B:26:C7:77:3E:60:54:8F:C0:AD:5D:B9:A0:BB:CD:71
X509v3 Authority Key Identifier:
keyid:F5:D4:12:95:3A:C0:6A:7C:52:CB:26:79:6F:88:06:B1:BB:85:96:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dQSlTrAanxSyyZ5b4gGsbuFlhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d8e64d-9d6c-4149-a69a-79d52dc66926/1/iZXergsmx3c-YFSPwK1duaC7zXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d8e64d-9d6c-4149-a69a-79d52dc66926/1/9dQSlTrAanxSyyZ5b4gGsbuFlhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.48.0/22
IPv6:
2a07:6800::/29
Signature Algorithm: sha256WithRSAEncryption
4b:e9:6c:f3:20:cc:bf:be:42:1b:18:1b:79:18:50:9f:c9:e3:
72:b0:8b:62:2e:6c:0f:d8:d9:84:5b:ab:f8:58:c6:2d:f4:c0:
c7:a8:96:45:9f:cd:38:21:48:15:8a:7b:05:8c:44:f9:fb:4a:
3f:25:0a:1e:66:c8:e0:f1:cd:02:8e:25:a6:5f:0d:ed:fd:82:
b9:84:31:48:b0:ca:7b:da:58:1c:78:49:92:3f:b9:a5:1c:e9:
72:f6:ae:7a:74:a3:25:e8:41:ec:b5:8b:73:01:f6:5e:d8:fb:
ab:f3:fa:f1:b1:e3:48:29:1a:67:86:3a:54:e3:09:d8:63:47:
98:82:0c:78:e8:39:b6:0a:ee:d1:ee:56:c1:43:4a:9a:c7:f9:
8b:9a:38:78:45:68:05:ca:d9:48:67:eb:17:f0:ff:cc:9f:c5:
14:7f:c5:98:ad:c7:57:e8:f0:6d:ce:8f:23:c5:87:51:93:13:
73:82:35:71:40:94:f9:23:37:93:0b:1f:3d:c3:9a:41:56:e3:
a1:f9:47:4a:88:34:b6:98:90:9a:bb:de:0c:b3:f7:51:84:e5:
f5:63:0b:03:01:05:4d:ea:8c:e3:25:a5:05:20:6d:69:46:ab:
e6:1e:76:e9:ff:11:2e:9c:6b:7e:61:d6:3e:6a:70:ed:a7:95:
3a:b6:c4:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRChCeqdIWkWaczpWWYFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDQxMjk1M2FjMDZhN2M1MmNiMjY3OTZmODgwNmIxYmI4
NTk2MTcwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk1ZGVhZTBiMjZjNzc3M2U2MDU0OGZjMGFkNWRiOWEwYmJjZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDYTq97n/gHNx+KJPY7Zr2xIitx2
f7OJ/l8i3ARZulcaj6bNUjpw6SBczxTrpoR9GJoGErKqvV0rvrmzpgjWiDkbdcwx
xL5IO0UPeYObfLruycS1/+o86xplATGg3HzeJxWsVzsm5ev3J24ksYs0i0GKLZwO
sVbI2mj4MtOVYB5BW5iFDAqrp1zs+lSx4omXkKuExCvNpbtm7VFDoYIIZ39dmbf/
PiReI66zggYygmCyW3AeSNso4H6k01w7LX9U2AF8+cjLud5SPQb/8o+oJMVQjpju
I3XqGJeKv5n8sqjh1TzkDLYuIBurPe9f8H1Rq77fLsMcbqZAR6FEb8lcKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFImV3q4LJsd3PmBUj8CtXbmgu81xMB8GA1UdIwQY
MBaAFPXUEpU6wGp8UssmeW+IBrG7hZYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRRU2xUckFhbnhTeXlaNWI0Z0dzYnVGbGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kOGU2NGQtOWQ2Yy00MTQ5LWE2OWEt
NzlkNTJkYzY2OTI2LzEvaVpYZXJnc214M2MtWUZTUHdLMWR1YUM3elhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kOGU2NGQtOWQ2Yy00MTQ5LWE2OWEtNzlkNTJkYzY2OTI2
LzEvOWRRU2xUckFhbnhTeXlaNWI0Z0dzYnVGbGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYYwMA0E
AgACMAcDBQMqB2gAMA0GCSqGSIb3DQEBCwUAA4IBAQBL6WzzIMy/vkIbGBt5GFCf
yeNysItiLmwP2NmEW6v4WMYt9MDHqJZFn804IUgVinsFjET5+0o/JQoeZsjg8c0C
jiWmXw3t/YK5hDFIsMp72lgceEmSP7mlHOly9q56dKMl6EHstYtzAfZe2Pur8/rx
seNIKRpnhjpU4wnYY0eYggx46Dm2Cu7R7lbBQ0qax/mLmjh4RWgFytlIZ+sX8P/M
n8UUf8WYrcdX6PBtzo8jxYdRkxNzgjVxQJT5IzeTCx89w5pBVuOh+UdKiDS2mJCa
u94Ms/dRhOX1YwsDAQVN6ozjJaUFIG1pRqvmHnbp/xEunGt+YdY+anDtp5U6tsTE
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:36 2025 by rpki-client