Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/9dm3RFT9BYoMAAVpyE60LHFzSlc.roa
File: 9dm3RFT9BYoMAAVpyE60LHFzSlc.roa (raw, json)
Hash identifier: uwrhQ0q4VpiHZaTRgjsMBaRGiUAzHgpiv2VyGMcmfoA=
Subject key identifier: F5:D9:B7:44:54:FD:05:8A:0C:00:05:69:C8:4E:B4:2C:71:73:4A:57
Certificate issuer: /CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Certificate serial: 01942368C6CFF787436FC0A8B13ED682A823
Authority key identifier: FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/9dm3RFT9BYoMAAVpyE60LHFzSlc.roa
Signing time: Wed 01 Jan 2025 19:47:36 +0000
ROA not before: Wed 01 Jan 2025 19:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.187.123.0/24 maxlen: 24
2a0b:9e80:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c6:cf:f7:87:43:6f:c0:a8:b1:3e:d6:82:a8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Validity
Not Before: Jan 1 19:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5d9b74454fd058a0c000569c84eb42c71734a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f9:e8:f2:c5:cd:14:9b:d0:1a:4c:aa:b4:35:
1c:0c:cf:53:09:8c:0f:2a:4f:76:99:2e:80:0b:c2:
b8:76:0b:51:f5:30:9c:9b:40:fc:b0:b5:4b:b2:f4:
fa:c5:71:f2:3c:dd:2d:a0:4e:de:3d:b2:0b:47:5d:
1e:94:ed:ef:b7:63:0f:5b:82:6c:58:9c:80:07:2b:
b2:6b:35:d3:20:7e:9f:80:d7:07:c2:cb:ca:02:b5:
7e:66:5c:97:49:db:13:f4:67:0f:b2:2d:3d:9c:04:
28:ed:9b:f4:ce:99:0c:01:b7:3f:c7:dc:a4:12:f4:
b0:55:99:1c:ad:8d:06:3e:bd:38:25:29:bf:f7:28:
e3:ad:bb:aa:f5:73:10:3f:d8:ba:c1:fa:2b:e8:54:
ae:23:62:ab:f9:c0:86:a0:11:4f:e9:33:9d:84:fd:
12:fc:0c:58:02:bd:a5:bc:26:d5:ce:ff:5f:0c:b1:
64:1d:db:d0:f8:9d:2b:50:9e:09:4f:52:9e:df:16:
53:0c:36:8a:af:1b:07:4c:b7:61:2a:7b:c9:f9:8e:
00:38:45:c0:b0:94:db:be:ed:c9:df:14:73:16:95:
fe:32:2c:b0:7a:84:78:80:bc:36:07:1f:12:a0:41:
b7:61:c8:10:39:0d:da:d6:12:52:12:a3:fe:ad:b5:
f1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D9:B7:44:54:FD:05:8A:0C:00:05:69:C8:4E:B4:2C:71:73:4A:57
X509v3 Authority Key Identifier:
keyid:FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/9dm3RFT9BYoMAAVpyE60LHFzSlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.123.0/24
IPv6:
2a0b:9e80:2000::/48
Signature Algorithm: sha256WithRSAEncryption
58:97:47:1c:e0:9f:dd:6a:85:7f:8a:db:fb:a7:20:0e:44:fa:
a5:9c:8c:5d:94:6a:87:32:9f:7b:3b:f7:81:ab:53:34:6d:73:
0d:38:45:10:cb:e8:3c:4c:e9:0e:60:97:7a:19:9b:c5:9e:01:
1a:09:e5:43:26:98:5f:4e:e1:f7:f8:72:e1:e8:6f:f0:56:7a:
57:24:f0:cb:67:d0:ba:13:f7:a8:da:f0:fa:b9:2f:97:35:f3:
9f:0f:f7:21:ab:10:5d:23:bb:21:af:76:af:59:a8:d5:85:a7:
bf:18:e5:6d:39:4d:ac:11:cd:80:16:1d:f0:c9:a8:a4:97:9e:
a6:53:ce:12:ee:59:e5:4c:16:f6:8d:e8:8e:12:f4:c2:09:70:
13:62:9e:c4:a8:50:61:8e:f0:84:43:a9:ea:0c:4e:12:45:3d:
f8:7e:02:10:82:03:53:87:68:c0:67:31:1f:4b:7e:ee:ca:d3:
4c:e8:d3:c6:7b:22:53:55:20:af:da:99:f0:52:4c:0c:40:ac:
b8:3b:d7:91:cc:69:a3:54:18:36:25:fe:69:42:d4:54:1b:ba:
73:1b:7a:7d:be:87:a8:5b:67:9d:48:bc:55:ac:23:34:f4:59:
8b:9b:f7:ba:10:c0:87:7e:dd:d1:0f:d0:c8:79:2f:37:13:4e:
54:23:05:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjaMbP94dDb8CosT7WgqgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjI1NjJjYWU4NzNmNGZjNGEzMjMyYmY0OWRkNTM0M2I3
MDg0ZjkwHhcNMjUwMTAxMTk0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ5Yjc0NDU0ZmQwNThhMGMwMDA1NjljODRlYjQyYzcxNzM0YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPno8sXNFJvQGkyqtDUcDM9TCYwP
Kk92mS6AC8K4dgtR9TCcm0D8sLVLsvT6xXHyPN0toE7ePbILR10elO3vt2MPW4Js
WJyAByuyazXTIH6fgNcHwsvKArV+ZlyXSdsT9GcPsi09nAQo7Zv0zpkMAbc/x9yk
EvSwVZkcrY0GPr04JSm/9yjjrbuq9XMQP9i6wfor6FSuI2Kr+cCGoBFP6TOdhP0S
/AxYAr2lvCbVzv9fDLFkHdvQ+J0rUJ4JT1Ke3xZTDDaKrxsHTLdhKnvJ+Y4AOEXA
sJTbvu3J3xRzFpX+MiyweoR4gLw2Bx8SoEG3YcgQOQ3a1hJSEqP+rbXxVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPXZt0RU/QWKDAAFachOtCxxc0pXMB8GA1UdIwQY
MBaAFP9iViyuhz9PxKMjK/Sd1TQ7cIT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEt
ODhmN2I5MWI2ZTMyLzEvOWRtM1JGVDlCWW9NQUFWcHlFNjBMSEZ6U2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEtODhmN2I5MWI2ZTMy
LzEvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubt7MA8E
AgACMAkDBwAqC56AIAAwDQYJKoZIhvcNAQELBQADggEBAFiXRxzgn91qhX+K2/un
IA5E+qWcjF2Uaocyn3s794GrUzRtcw04RRDL6DxM6Q5gl3oZm8WeARoJ5UMmmF9O
4ff4cuHob/BWelck8Mtn0LoT96ja8Pq5L5c1858P9yGrEF0juyGvdq9ZqNWFp78Y
5W05TawRzYAWHfDJqKSXnqZTzhLuWeVMFvaN6I4S9MIJcBNinsSoUGGO8IRDqeoM
ThJFPfh+AhCCA1OHaMBnMR9Lfu7K00zo08Z7IlNVIK/amfBSTAxArLg715HMaaNU
GDYl/mlC1FQbunMben2+h6hbZ51IvFWsIzT0WYub97oQwId+3dEP0Mh5LzcTTlQj
BZM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:41:12 2025 by rpki-client