Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/m1aho7A62fK7s2UNnicExFjE6us.roa
File: m1aho7A62fK7s2UNnicExFjE6us.roa (raw, json)
Hash identifier: ADQVW+bl8YrIssIav1fCxE/xWNAztKLL5kf78n8W9UA=
Subject key identifier: 9B:56:A1:A3:B0:3A:D9:F2:BB:B3:65:0D:9E:27:04:C4:58:C4:EA:EB
Certificate issuer: /CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
Certificate serial: 019426D93C5B8B5095ADA3F54FC898CF536E
Authority key identifier: FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/m1aho7A62fK7s2UNnicExFjE6us.roa
Signing time: Thu 02 Jan 2025 11:49:18 +0000
ROA not before: Thu 02 Jan 2025 11:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.109.0/24 maxlen: 24
2001:7f8:c3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:3c:5b:8b:50:95:ad:a3:f5:4f:c8:98:cf:53:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
Validity
Not Before: Jan 2 11:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b56a1a3b03ad9f2bbb3650d9e2704c458c4eaeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2d:95:8c:6d:33:b6:b9:67:d9:3c:09:3f:ea:
b4:3c:4d:73:c3:72:4a:00:d7:30:bd:f3:93:cb:2f:
d0:fb:9c:93:ad:b4:dd:83:ce:cb:42:0a:a5:e3:7d:
c6:28:29:db:f8:e1:d7:ec:58:9f:2f:7c:54:99:db:
76:f4:da:f3:6f:29:e8:69:f0:ac:6e:ab:8f:9b:e2:
95:8e:d5:80:e0:9d:a1:ba:ff:d9:82:36:8e:45:fa:
96:9c:ef:ca:b0:4e:f3:58:62:1d:fb:f3:7b:79:2f:
04:e4:73:bc:fd:aa:8d:a2:af:39:48:c7:18:28:1e:
d5:1f:8b:90:5b:28:21:71:c6:a1:99:79:d8:ee:84:
fd:68:0a:f2:0b:a8:50:4d:48:e1:45:d1:73:1d:2c:
c4:e3:1b:6e:f6:65:ec:5d:ac:de:54:8e:c0:ce:d9:
e3:b4:63:ca:fc:f0:fb:ed:03:21:dd:3f:a9:b1:ff:
dd:45:72:6d:5e:10:28:ee:6e:32:12:53:35:18:51:
30:cd:d1:1d:c3:88:e7:66:a8:47:79:70:2d:7e:de:
c3:cc:41:fa:b8:fc:64:cc:99:80:68:77:ad:02:a5:
c6:db:82:2a:88:5f:ec:b6:53:dd:49:06:88:f9:41:
d4:8f:2a:00:51:30:10:d3:98:51:1f:09:72:99:8e:
bd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:56:A1:A3:B0:3A:D9:F2:BB:B3:65:0D:9E:27:04:C4:58:C4:EA:EB
X509v3 Authority Key Identifier:
keyid:FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/m1aho7A62fK7s2UNnicExFjE6us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/_H1Kt3YauiTzPVtt-8J8q3OLte4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.109.0/24
IPv6:
2001:7f8:c3::/48
Signature Algorithm: sha256WithRSAEncryption
3c:00:09:fc:aa:de:35:ab:de:32:4b:de:40:3a:1d:94:e8:52:
84:27:16:a7:e8:29:37:0d:75:9e:b7:a3:8c:52:15:f6:75:19:
48:96:02:a6:d8:bd:6c:58:48:aa:8a:e3:03:57:d6:45:31:f9:
17:d7:bd:8d:11:e2:f6:a4:c8:71:be:d2:b5:e0:33:04:d6:04:
fe:5e:b5:a4:ce:bb:e7:2c:c9:b7:e9:fe:6d:d9:61:92:2a:7b:
db:9a:7f:36:0d:d1:f2:e6:03:6f:cc:38:df:e0:ca:64:d9:c2:
b3:71:64:d1:c8:75:cb:1f:ad:19:cc:dd:d5:6c:d0:e4:5e:e6:
56:ee:30:93:d9:e4:3d:41:8b:b2:16:79:99:be:b6:94:21:2b:
72:3e:98:5c:4e:f9:37:ec:3d:60:94:94:20:ac:a9:c9:9c:cc:
99:56:2c:b4:5a:74:89:89:35:0a:c6:5e:35:f9:2d:89:b9:e0:
ef:3a:b8:4d:c6:9a:16:a5:42:67:73:40:0d:4e:7c:45:c0:1c:
b0:34:1c:32:13:57:7f:ba:44:63:95:1c:39:a6:27:93:e9:f2:
5c:15:91:50:71:f0:73:b7:2e:3f:7b:16:62:fa:d8:ea:40:e5:
7c:44:a3:eb:08:3f:88:f2:04:2b:f5:d0:ee:33:7e:14:44:ef:
f6:4a:1c:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2Txbi1CVraP1T8iYz1NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjN2Q0YWI3NzYxYWJhMjRmMzNkNWI2ZGZiYzI3Y2FiNzM4
YmI1ZWUwHhcNMjUwMTAyMTE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU2YTFhM2IwM2FkOWYyYmJiMzY1MGQ5ZTI3MDRjNDU4YzRlYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy2VjG0ztrln2TwJP+q0PE1zw3JK
ANcwvfOTyy/Q+5yTrbTdg87LQgql433GKCnb+OHX7FifL3xUmdt29NrzbynoafCs
bquPm+KVjtWA4J2huv/ZgjaORfqWnO/KsE7zWGId+/N7eS8E5HO8/aqNoq85SMcY
KB7VH4uQWyghccahmXnY7oT9aAryC6hQTUjhRdFzHSzE4xtu9mXsXazeVI7Aztnj
tGPK/PD77QMh3T+psf/dRXJtXhAo7m4yElM1GFEwzdEdw4jnZqhHeXAtft7DzEH6
uPxkzJmAaHetAqXG24IqiF/stlPdSQaI+UHUjyoAUTAQ05hRHwlymY69/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJtWoaOwOtnyu7NlDZ4nBMRYxOrrMB8GA1UdIwQY
MBaAFPx9Srd2Grok8z1bbfvCfKtzi7XuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYt
NDUyZWMzYTk1ODhiLzEvbTFhaG83QTYyZks3czJVTm5pY0V4RmpFNnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYtNDUyZWMzYTk1ODhi
LzEvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFtMA8E
AgACMAkDBwAgAQf4AMMwDQYJKoZIhvcNAQELBQADggEBADwACfyq3jWr3jJL3kA6
HZToUoQnFqfoKTcNdZ63o4xSFfZ1GUiWAqbYvWxYSKqK4wNX1kUx+RfXvY0R4vak
yHG+0rXgMwTWBP5etaTOu+csybfp/m3ZYZIqe9uafzYN0fLmA2/MON/gymTZwrNx
ZNHIdcsfrRnM3dVs0ORe5lbuMJPZ5D1Bi7IWeZm+tpQhK3I+mFxO+TfsPWCUlCCs
qcmczJlWLLRadImJNQrGXjX5LYm54O86uE3GmhalQmdzQA1OfEXAHLA0HDITV3+6
RGOVHDmmJ5Pp8lwVkVBx8HO3Lj97FmL62OpA5XxEo+sIP4jyBCv10O4zfhRE7/ZK
HBI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:29 2025 by rpki-client