Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/9KG_X1JcHTmSDP-JQ2rjaLf8dF0.roa
File: 9KG_X1JcHTmSDP-JQ2rjaLf8dF0.roa (raw, json)
Hash identifier: IJsz7QtJODgr4XlSOlR3sVLiifHafwYANxLLuTbye5I=
Subject key identifier: F4:A1:BF:5F:52:5C:1D:39:92:0C:FF:89:43:6A:E3:68:B7:FC:74:5D
Certificate issuer: /CN=78703e7a62309bf027c1f10536926a19b7f14b1e
Certificate serial: 0194236A1BC676C4AB228ED7FD8A5D021573
Authority key identifier: 78:70:3E:7A:62:30:9B:F0:27:C1:F1:05:36:92:6A:19:B7:F1:4B:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHA-emIwm_AnwfEFNpJqGbfxSx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/9KG_X1JcHTmSDP-JQ2rjaLf8dF0.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50629
IP address blocks: 185.117.212.0/23 maxlen: 23
2a06:8780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1b:c6:76:c4:ab:22:8e:d7:fd:8a:5d:02:15:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78703e7a62309bf027c1f10536926a19b7f14b1e
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4a1bf5f525c1d39920cff89436ae368b7fc745d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:69:00:ee:4e:e7:4e:5b:e6:d4:87:d9:37:c9:
55:b0:e2:65:b6:9d:9a:7c:39:aa:2b:77:b4:7f:54:
c4:dd:3d:4c:86:77:21:8d:2e:ea:c8:9a:26:5b:7e:
6f:df:ee:94:08:50:3f:f9:26:bf:70:9a:4c:14:f1:
1b:fd:ec:7c:e7:cb:30:fd:49:b5:4b:9f:3d:18:4f:
59:ce:c3:3f:fd:14:4e:06:ab:8f:76:a4:18:a3:24:
17:3d:5b:7a:cd:84:ed:e9:25:fc:a4:b3:d7:fa:11:
05:ac:36:3b:3c:d9:69:81:cf:a2:15:57:68:35:0e:
10:7e:dd:16:13:d1:d8:0a:e8:e1:7e:52:e2:d3:06:
27:73:65:f0:c4:29:1d:ee:ce:97:ff:50:ed:dc:ac:
63:b4:1c:06:38:f1:f8:3e:4b:7d:6c:5f:85:62:94:
c4:df:53:80:ce:6a:a8:33:1b:23:51:1f:cb:87:63:
24:aa:cc:29:6b:ac:84:69:bc:85:24:8b:c0:e1:60:
3c:8c:aa:f7:d7:be:2a:29:e1:2a:70:9a:16:63:5e:
4e:04:7d:2b:be:6e:57:2d:c1:ee:2c:1d:a5:89:a7:
23:fe:9e:eb:65:e9:9e:1e:ec:75:6d:d6:07:4e:49:
90:51:b5:5f:75:db:20:8e:95:52:3a:3a:72:76:a4:
e3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A1:BF:5F:52:5C:1D:39:92:0C:FF:89:43:6A:E3:68:B7:FC:74:5D
X509v3 Authority Key Identifier:
keyid:78:70:3E:7A:62:30:9B:F0:27:C1:F1:05:36:92:6A:19:B7:F1:4B:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHA-emIwm_AnwfEFNpJqGbfxSx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/9KG_X1JcHTmSDP-JQ2rjaLf8dF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/eHA-emIwm_AnwfEFNpJqGbfxSx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.212.0/23
IPv6:
2a06:8780::/32
Signature Algorithm: sha256WithRSAEncryption
84:93:98:e0:33:42:7e:b7:3c:67:96:f8:99:e7:ca:a9:fc:4b:
63:18:5b:39:0d:20:72:73:08:11:a4:d3:96:3e:e5:9c:11:f2:
a2:f3:21:9b:56:80:f2:2d:05:21:1b:e0:71:91:2f:47:9e:f2:
54:b0:aa:f1:04:33:b8:4e:d5:77:70:82:50:f9:f6:b0:62:31:
c8:ab:ac:1b:c5:c2:68:33:94:f5:3c:4b:fe:df:97:86:3c:d3:
44:9e:64:d8:55:d8:64:81:dc:56:1c:02:2d:61:35:ad:44:0a:
06:2e:b3:9f:95:0f:22:de:11:87:0c:9f:1d:78:f0:03:b8:35:
b5:e5:63:5a:80:67:e5:b2:54:8d:e5:44:b8:cf:9e:7f:cf:d6:
54:6d:48:05:39:eb:1e:79:81:50:d2:57:d5:41:f5:b9:f1:4b:
78:af:50:cb:5f:3a:97:75:96:47:0b:ca:97:74:6a:f0:c2:59:
48:24:cc:b9:fc:01:e9:71:ee:4d:55:a3:0c:82:c5:1b:e3:45:
5f:6d:75:77:07:29:97:f0:3b:47:f4:90:a5:f7:ec:41:87:c7:
6e:12:d2:02:07:46:be:25:c8:75:4c:24:f4:2e:84:6d:8b:11:
fb:d6:52:33:89:15:ef:69:23:60:d5:d2:3a:55:c9:26:4c:5f:
e8:47:ae:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjahvGdsSrIo7X/YpdAhVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzAzZTdhNjIzMDliZjAyN2MxZjEwNTM2OTI2YTE5Yjdm
MTRiMWUwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGExYmY1ZjUyNWMxZDM5OTIwY2ZmODk0MzZhZTM2OGI3ZmM3NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2kA7k7nTlvm1IfZN8lVsOJltp2a
fDmqK3e0f1TE3T1MhnchjS7qyJomW35v3+6UCFA/+Sa/cJpMFPEb/ex858sw/Um1
S589GE9ZzsM//RROBquPdqQYoyQXPVt6zYTt6SX8pLPX+hEFrDY7PNlpgc+iFVdo
NQ4Qft0WE9HYCujhflLi0wYnc2XwxCkd7s6X/1Dt3KxjtBwGOPH4Pkt9bF+FYpTE
31OAzmqoMxsjUR/Lh2Mkqswpa6yEabyFJIvA4WA8jKr3174qKeEqcJoWY15OBH0r
vm5XLcHuLB2liacj/p7rZemeHux1bdYHTkmQUbVfddsgjpVSOjpydqTjewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPShv19SXB05kgz/iUNq42i3/HRdMB8GA1UdIwQY
MBaAFHhwPnpiMJvwJ8HxBTaSahm38UseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhBLWVtSXdtX0Fud2ZFRk5wSnFHYmZ4U3g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81ZmQ0YmYtNzRkOS00MDcyLWI1NTct
MDg0Y2NhMWM4NjIzLzEvOUtHX1gxSmNIVG1TRFAtSlEycmphTGY4ZEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81ZmQ0YmYtNzRkOS00MDcyLWI1NTctMDg0Y2NhMWM4NjIz
LzEvZUhBLWVtSXdtX0Fud2ZFRk5wSnFHYmZ4U3g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuXXUMA0E
AgACMAcDBQAqBoeAMA0GCSqGSIb3DQEBCwUAA4IBAQCEk5jgM0J+tzxnlviZ58qp
/EtjGFs5DSBycwgRpNOWPuWcEfKi8yGbVoDyLQUhG+BxkS9HnvJUsKrxBDO4TtV3
cIJQ+fawYjHIq6wbxcJoM5T1PEv+35eGPNNEnmTYVdhkgdxWHAItYTWtRAoGLrOf
lQ8i3hGHDJ8dePADuDW15WNagGflslSN5US4z55/z9ZUbUgFOeseeYFQ0lfVQfW5
8Ut4r1DLXzqXdZZHC8qXdGrwwllIJMy5/AHpce5NVaMMgsUb40VfbXV3BymX8DtH
9JCl9+xBh8duEtICB0a+Jch1TCT0LoRtixH71lIziRXvaSNg1dI6VckmTF/oR66V
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:30 2025 by rpki-client