Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/Vh9zdU6UPXBw1wsGMQVn_pjjotw.roa
File: Vh9zdU6UPXBw1wsGMQVn_pjjotw.roa (raw, json)
Hash identifier: RHQ7Mk9Ul2niP+vY1weS4xjGH8dOqLq3Efjab5Bc1HU=
Subject key identifier: 56:1F:73:75:4E:94:3D:70:70:D7:0B:06:31:05:67:FE:98:E3:A2:DC
Certificate issuer: /CN=7d0b44e492549e1b7da532c80c348850c5a44e80
Certificate serial: 019424B2A4246C8F380210700F01C6545650
Authority key identifier: 7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/Vh9zdU6UPXBw1wsGMQVn_pjjotw.roa
Signing time: Thu 02 Jan 2025 01:47:54 +0000
ROA not before: Thu 02 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.83.40.0/22 maxlen: 22
2a05:9800::/29 maxlen: 29
2a05:9800::/32 maxlen: 32
2a05:9804::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a4:24:6c:8f:38:02:10:70:0f:01:c6:54:56:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0b44e492549e1b7da532c80c348850c5a44e80
Validity
Not Before: Jan 2 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=561f73754e943d7070d70b06310567fe98e3a2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a7:69:6f:5a:2b:ee:eb:6b:af:c1:5b:72:63:
10:f4:2f:47:d5:56:4c:77:58:aa:bc:ac:d6:26:01:
65:1f:2f:30:82:ea:21:2d:89:a4:95:0f:c2:dc:87:
64:cf:40:12:90:bb:07:a9:f4:63:76:4d:ad:f7:47:
2e:58:ca:75:39:1b:f6:76:57:ab:04:fc:5f:7e:75:
86:75:c7:35:2d:7f:61:78:bb:b4:28:99:79:44:78:
ee:64:56:f0:16:23:03:af:80:b3:fb:41:79:e2:61:
48:ad:e8:f7:f6:bc:97:aa:77:3a:d3:de:1e:ac:c4:
fe:d0:b9:e4:ae:d9:2d:63:36:d5:79:9b:3b:24:14:
9e:ee:ce:44:53:47:81:71:5b:95:e1:70:1e:0c:3b:
60:d7:fe:a7:f1:e0:d8:28:76:5c:cb:48:d0:ad:27:
84:01:b0:d4:0a:e7:3e:10:db:e4:88:e5:b6:20:64:
b5:e7:46:96:ca:8f:ed:58:19:73:f0:36:06:6b:c5:
6e:d5:80:7f:52:ee:53:f6:78:3b:89:49:2a:59:bf:
7b:c4:64:6b:dc:3a:67:87:cf:23:a0:77:b8:22:ac:
10:af:b0:e0:41:aa:37:14:7c:10:f3:34:04:c5:9b:
7c:3f:8b:f4:31:ee:70:82:00:07:05:e2:bb:09:56:
b3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1F:73:75:4E:94:3D:70:70:D7:0B:06:31:05:67:FE:98:E3:A2:DC
X509v3 Authority Key Identifier:
keyid:7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/Vh9zdU6UPXBw1wsGMQVn_pjjotw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.40.0/22
IPv6:
2a05:9800::/29
Signature Algorithm: sha256WithRSAEncryption
7c:f6:9a:1a:cd:34:8f:46:d4:d7:6b:99:ed:cf:d8:a4:b7:9f:
58:29:29:12:73:62:74:89:0a:e1:da:fc:e2:0a:27:48:fd:9b:
1a:08:66:b0:a3:7a:23:10:dc:ba:11:8d:bf:9a:04:93:68:56:
85:87:66:72:c2:1e:e4:c1:8e:c2:16:9d:74:76:dc:38:4e:63:
8f:43:83:5d:f0:15:ef:d1:12:32:5c:cd:a3:e9:a2:c4:27:20:
38:fe:e9:02:e4:39:b5:c3:25:0f:2d:bf:b1:0f:14:7f:c9:10:
0c:0f:0d:3b:82:6f:41:cd:96:5d:21:a1:33:9a:8a:00:61:92:
ce:14:95:1d:fd:5b:81:1f:af:84:12:cb:30:87:08:95:95:58:
45:17:14:91:be:e0:61:36:41:9e:45:35:6e:9c:b9:57:07:eb:
e5:9f:d2:15:2c:5a:bd:f7:d5:35:36:c7:e9:cc:fc:e7:dc:28:
e0:d9:73:f1:ff:26:1a:ae:a3:63:78:19:7e:99:80:c9:38:a9:
a9:4c:25:55:b5:d1:16:bc:15:ad:26:c9:5f:90:83:e2:a0:fc:
5b:3a:75:73:5a:ab:1e:81:1c:89:1d:54:56:c7:3e:00:de:e5:
0c:56:2d:3c:87:f6:f1:7a:22:16:df:59:39:3e:ea:dd:47:a7:
6a:7e:8d:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksqQkbI84AhBwDwHGVFZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGI0NGU0OTI1NDllMWI3ZGE1MzJjODBjMzQ4ODUwYzVh
NDRlODAwHhcNMjUwMTAyMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFmNzM3NTRlOTQzZDcwNzBkNzBiMDYzMTA1NjdmZTk4ZTNhMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8adpb1or7utrr8FbcmMQ9C9H1VZM
d1iqvKzWJgFlHy8wguohLYmklQ/C3Idkz0ASkLsHqfRjdk2t90cuWMp1ORv2dler
BPxffnWGdcc1LX9heLu0KJl5RHjuZFbwFiMDr4Cz+0F54mFIrej39ryXqnc6094e
rMT+0LnkrtktYzbVeZs7JBSe7s5EU0eBcVuV4XAeDDtg1/6n8eDYKHZcy0jQrSeE
AbDUCuc+ENvkiOW2IGS150aWyo/tWBlz8DYGa8Vu1YB/Uu5T9ng7iUkqWb97xGRr
3Dpnh88joHe4IqwQr7DgQao3FHwQ8zQExZt8P4v0Me5wggAHBeK7CVazZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFYfc3VOlD1wcNcLBjEFZ/6Y46LcMB8GA1UdIwQY
MBaAFH0LROSSVJ4bfaUyyAw0iFDFpE6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDct
NzIwNGI4MTEyNTBmLzEvVmg5emRVNlVQWEJ3MXdzR01RVm5fcGpqb3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDctNzIwNGI4MTEyNTBm
LzEvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVMoMA0E
AgACMAcDBQMqBZgAMA0GCSqGSIb3DQEBCwUAA4IBAQB89poazTSPRtTXa5ntz9ik
t59YKSkSc2J0iQrh2vziCidI/ZsaCGawo3ojENy6EY2/mgSTaFaFh2Zywh7kwY7C
Fp10dtw4TmOPQ4Nd8BXv0RIyXM2j6aLEJyA4/ukC5Dm1wyUPLb+xDxR/yRAMDw07
gm9BzZZdIaEzmooAYZLOFJUd/VuBH6+EEsswhwiVlVhFFxSRvuBhNkGeRTVunLlX
B+vln9IVLFq999U1NsfpzPzn3Cjg2XPx/yYarqNjeBl+mYDJOKmpTCVVtdEWvBWt
JslfkIPioPxbOnVzWqsegRyJHVRWxz4A3uUMVi08h/bxeiIW31k5PurdR6dqfo0C
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:56 2025 by rpki-client