Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/8P6Z9Cx8SWSZTkyVumdiUHtewDA.roa
File: 8P6Z9Cx8SWSZTkyVumdiUHtewDA.roa (raw, json)
Hash identifier: TjOKj4a+PWeCDJb76vAZsC0563BFTc5omsFst4XIgOg=
Subject key identifier: F0:FE:99:F4:2C:7C:49:64:99:4E:4C:95:BA:67:62:50:7B:5E:C0:30
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0194266BDB42785C197B9838A326C26D99DB
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/8P6Z9Cx8SWSZTkyVumdiUHtewDA.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209622
IP address blocks: 185.131.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:db:42:78:5c:19:7b:98:38:a3:26:c2:6d:99:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0fe99f42c7c4964994e4c95ba6762507b5ec030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:4a:2a:95:51:b3:c5:7e:72:d0:b4:ab:b0:
59:91:68:a9:c7:85:11:78:73:ea:d4:aa:33:04:73:
1b:40:82:85:14:04:e2:b1:b4:14:5a:ea:8e:2b:88:
55:02:53:16:87:74:71:a0:eb:ed:50:b9:92:73:3d:
33:5d:2b:ac:c1:a2:03:c7:d5:f4:39:53:ae:6b:d4:
be:56:4b:a1:7c:4b:68:9f:55:f3:33:d6:53:b4:57:
ed:16:73:69:72:b2:41:13:11:c6:91:1a:d5:6e:32:
bb:03:85:8d:2a:53:97:d7:2e:fb:31:fa:80:3a:9e:
a0:b6:40:f5:f1:39:de:82:e4:36:73:70:9d:a9:e0:
69:97:a2:70:58:1a:82:66:91:b8:2d:d7:02:6f:7e:
41:8c:e5:16:a6:2d:ec:6a:ea:30:fe:22:6a:ce:49:
a0:c0:58:a2:70:c3:d3:81:36:21:7b:75:c6:1c:ea:
a6:d2:05:b3:82:a6:1a:c1:dd:06:6c:27:f6:26:38:
d0:39:90:17:18:fb:8e:5f:7b:25:1e:a2:6f:ac:af:
7f:96:0c:19:5b:6d:6b:0a:21:86:ff:63:64:c4:9b:
af:81:04:a9:eb:8f:f9:93:ab:a4:35:53:4d:bf:5e:
00:61:3d:31:72:eb:00:3a:0b:dc:55:cb:f1:e4:8f:
5b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FE:99:F4:2C:7C:49:64:99:4E:4C:95:BA:67:62:50:7B:5E:C0:30
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/8P6Z9Cx8SWSZTkyVumdiUHtewDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.146.0/23
Signature Algorithm: sha256WithRSAEncryption
90:83:8b:5c:47:61:99:25:a6:4f:a0:11:1c:35:ba:98:0b:01:
f6:f7:26:d9:c0:31:4b:4b:53:71:65:a6:9c:79:cb:17:33:01:
06:56:70:88:7c:da:55:27:18:fd:5e:fa:3e:2b:49:7f:1d:a5:
a4:fb:1e:fb:de:ea:ea:fc:b9:a2:d1:78:92:40:57:9e:3d:19:
de:6d:68:1b:ab:58:0c:e9:d5:d7:97:89:e1:76:e8:30:31:68:
2f:21:f4:4d:c9:1f:6a:8d:a5:7d:06:ff:b6:1e:bc:52:bf:e4:
f8:41:96:09:c7:16:53:1f:fe:15:74:9c:1c:00:47:17:e7:40:
dd:b6:94:2c:88:20:02:5a:39:c3:90:ce:db:12:61:a4:aa:92:
61:26:c9:e9:42:d1:3d:6a:c9:bf:cc:eb:08:7a:4e:35:fb:40:
18:d4:1b:28:b9:59:9c:34:11:73:cc:bb:9b:83:eb:22:73:57:
30:0f:fc:55:95:c4:74:6a:d8:41:59:ae:64:b7:05:d0:58:cd:
5d:2d:52:95:c4:dd:b2:93:71:05:af:fd:c6:ed:31:1f:6b:c8:
88:54:d3:5c:fb:3a:36:c3:ed:b3:df:56:dd:07:56:86:25:c9:
89:c7:a7:41:87:b5:72:5d:73:5a:fa:ff:50:b4:a2:da:aa:f3:
5c:c5:46:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9tCeFwZe5g4oybCbZnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZlOTlmNDJjN2M0OTY0OTk0ZTRjOTViYTY3NjI1MDdiNWVjMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfxKKpVRs8V+ctC0q7BZkWipx4UR
eHPq1KozBHMbQIKFFATisbQUWuqOK4hVAlMWh3RxoOvtULmScz0zXSuswaIDx9X0
OVOua9S+VkuhfEton1XzM9ZTtFftFnNpcrJBExHGkRrVbjK7A4WNKlOX1y77MfqA
Op6gtkD18TneguQ2c3CdqeBpl6JwWBqCZpG4LdcCb35BjOUWpi3sauow/iJqzkmg
wFiicMPTgTYhe3XGHOqm0gWzgqYawd0GbCf2JjjQOZAXGPuOX3slHqJvrK9/lgwZ
W21rCiGG/2NkxJuvgQSp64/5k6ukNVNNv14AYT0xcusAOgvcVcvx5I9bkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD+mfQsfElkmU5MlbpnYlB7XsAwMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvOFA2WjlDeDhTV1NaVGt5VnVtZGlVSHRld0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYOSMA0G
CSqGSIb3DQEBCwUAA4IBAQCQg4tcR2GZJaZPoBEcNbqYCwH29ybZwDFLS1NxZaac
ecsXMwEGVnCIfNpVJxj9Xvo+K0l/HaWk+x773urq/Lmi0XiSQFeePRnebWgbq1gM
6dXXl4nhdugwMWgvIfRNyR9qjaV9Bv+2HrxSv+T4QZYJxxZTH/4VdJwcAEcX50Dd
tpQsiCACWjnDkM7bEmGkqpJhJsnpQtE9asm/zOsIek41+0AY1BsouVmcNBFzzLub
g+sic1cwD/xVlcR0athBWa5ktwXQWM1dLVKVxN2yk3EFr/3G7TEfa8iIVNNc+zo2
w+2z31bdB1aGJcmJx6dBh7VyXXNa+v9QtKLaqvNcxUYM
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:31:10 2025 by rpki-client