Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/09dbkFeVxucU6UqoknUc5TBOdeU.roa
File: 09dbkFeVxucU6UqoknUc5TBOdeU.roa (raw, json)
Hash identifier: 5tUbhVvqVK8D7MUwoXkGQ+SZVZggKE8uN7KXzGXLgj0=
Subject key identifier: D3:D7:5B:90:57:95:C6:E7:14:E9:4A:A8:92:75:1C:E5:30:4E:75:E5
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019423D7FE9ED400AA5B67410926D521D93D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/09dbkFeVxucU6UqoknUc5TBOdeU.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211557
IP address blocks: 185.176.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fe:9e:d4:00:aa:5b:67:41:09:26:d5:21:d9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3d75b905795c6e714e94aa892751ce5304e75e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:71:25:07:3b:d5:0d:cf:f7:fd:c6:a7:1f:
9e:d2:f1:f6:b7:b5:9a:0d:5b:5e:3b:6f:55:2e:85:
5d:68:e2:95:af:5d:5e:ef:b8:ee:bb:fd:6e:2f:db:
fa:63:87:51:1d:a4:d2:89:69:55:26:5a:8a:ea:29:
2a:50:42:e6:72:f4:2a:26:ab:3e:4f:5c:2c:90:54:
fc:87:30:2e:5a:3b:4c:30:70:8f:84:39:a3:c7:8a:
47:2d:29:15:e4:b6:7b:04:a5:5c:eb:55:cc:fb:a1:
83:56:be:b2:9e:05:09:9d:8e:d2:0b:94:e9:d3:df:
7c:a8:79:23:f8:71:a7:4f:92:4a:20:7a:44:ae:b4:
e4:bb:da:d8:b4:d7:47:37:e8:d4:94:7c:65:c1:39:
07:d0:6d:8c:a9:56:b7:47:7e:02:f5:a1:47:a4:c7:
05:d6:6a:c1:f6:7c:7a:23:7d:0c:2e:1b:d9:09:00:
e5:ad:19:5c:45:62:48:27:e9:42:f4:72:61:e5:56:
9d:13:1f:ad:9b:10:cb:18:a6:3b:85:cf:9c:80:dc:
47:9e:87:bd:ed:a8:86:a4:0d:d3:3d:c8:ea:02:c5:
fb:4a:2a:78:1f:97:f3:4c:8a:03:07:98:24:e0:a2:
1b:c0:4a:b5:7c:1f:28:d1:c5:ed:7f:f9:12:d1:c2:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D7:5B:90:57:95:C6:E7:14:E9:4A:A8:92:75:1C:E5:30:4E:75:E5
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/09dbkFeVxucU6UqoknUc5TBOdeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.94.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a9:29:99:91:d9:90:ff:7b:42:6e:7c:1e:2b:20:10:85:c4:
88:81:5e:61:77:df:96:02:c9:5e:bd:df:20:23:4b:21:12:a1:
81:f1:c2:37:ce:e1:04:70:b9:f2:39:88:d3:79:d4:1f:ee:93:
da:7e:22:44:0c:54:37:9f:12:77:7e:ba:f7:47:01:82:7f:fe:
6b:03:8d:62:ec:fc:66:86:c6:fa:50:55:13:26:71:99:ae:57:
a4:d7:5c:2a:dc:12:53:26:13:e6:83:47:3f:ad:7b:0a:01:6f:
46:0d:0d:11:88:a4:c4:6d:17:b9:58:2e:fc:8a:ab:b7:c8:dc:
8f:12:cd:5d:7e:ac:76:f3:83:6a:5b:05:99:71:3e:f8:d7:b5:
42:c8:01:2f:f7:bb:db:59:3e:68:cb:6c:19:82:e5:5e:ba:7a:
58:d5:4a:4f:61:32:06:a9:94:53:aa:61:79:b3:97:c9:cd:19:
78:12:62:a9:b4:88:5c:5a:df:a7:5f:58:ef:d5:32:69:f5:76:
d4:d4:cc:bc:7f:56:32:50:81:3d:8d:3d:cc:b2:40:21:69:19:
4d:b6:31:3a:47:8b:52:fd:cb:11:d1:7c:7c:eb:c1:7a:de:c6:
03:33:9b:72:e0:44:39:13:08:cf:8b:59:07:be:0a:1e:81:4c:
81:f7:6e:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1/6e1ACqW2dBCSbVIdk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q3NWI5MDU3OTVjNmU3MTRlOTRhYTg5Mjc1MWNlNTMwNGU3NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkVxJQc71Q3P9/3Gpx+e0vH2t7Wa
DVteO29VLoVdaOKVr11e77juu/1uL9v6Y4dRHaTSiWlVJlqK6ikqUELmcvQqJqs+
T1wskFT8hzAuWjtMMHCPhDmjx4pHLSkV5LZ7BKVc61XM+6GDVr6yngUJnY7SC5Tp
0998qHkj+HGnT5JKIHpErrTku9rYtNdHN+jUlHxlwTkH0G2MqVa3R34C9aFHpMcF
1mrB9nx6I30MLhvZCQDlrRlcRWJIJ+lC9HJh5VadEx+tmxDLGKY7hc+cgNxHnoe9
7aiGpA3TPcjqAsX7Sip4H5fzTIoDB5gk4KIbwEq1fB8o0cXtf/kS0cJ2/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPXW5BXlcbnFOlKqJJ1HOUwTnXlMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMDlkYmtGZVZ4dWNVNlVxb2tuVWM1VEJPZGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubBeMA0G
CSqGSIb3DQEBCwUAA4IBAQBHqSmZkdmQ/3tCbnweKyAQhcSIgV5hd9+WAslevd8g
I0shEqGB8cI3zuEEcLnyOYjTedQf7pPafiJEDFQ3nxJ3frr3RwGCf/5rA41i7Pxm
hsb6UFUTJnGZrlek11wq3BJTJhPmg0c/rXsKAW9GDQ0RiKTEbRe5WC78iqu3yNyP
Es1dfqx284NqWwWZcT7417VCyAEv97vbWT5oy2wZguVeunpY1UpPYTIGqZRTqmF5
s5fJzRl4EmKptIhcWt+nX1jv1TJp9XbU1My8f1YyUIE9jT3MskAhaRlNtjE6R4tS
/csR0Xx868F63sYDM5ty4EQ5EwjPi1kHvgoegUyB924P
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:39 2025 by rpki-client