Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O9n2W45IL4ZPQ7ySmP_wgMSjmM0.roa
File: O9n2W45IL4ZPQ7ySmP_wgMSjmM0.roa (raw, json)
Hash identifier: LHjzPi1frnVBcp5q4ol11nwZf0XWlDw2urze+/Pgr4A=
Subject key identifier: 3B:D9:F6:5B:8E:48:2F:86:4F:43:BC:92:98:FF:F0:80:C4:A3:98:CD
Certificate issuer: /CN=525b705a91dbc30ed10eb7222b7797b834e01863
Certificate serial: 019425FDE660346BF7FC000FC5DF6E296F08
Authority key identifier: 52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O9n2W45IL4ZPQ7ySmP_wgMSjmM0.roa
Signing time: Thu 02 Jan 2025 07:49:44 +0000
ROA not before: Thu 02 Jan 2025 07:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204880
IP address blocks: 185.236.240.0/23 maxlen: 24
185.236.242.0/23 maxlen: 24
2a0d:eb00::/32 maxlen: 32
2a0d:eb01::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e6:60:34:6b:f7:fc:00:0f:c5:df:6e:29:6f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525b705a91dbc30ed10eb7222b7797b834e01863
Validity
Not Before: Jan 2 07:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd9f65b8e482f864f43bc9298fff080c4a398cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:26:f2:85:9b:ca:28:d0:ef:07:bd:e0:21:
d0:15:c0:7f:7d:d8:af:ff:f5:0f:d1:60:25:61:5c:
9b:a5:7b:9b:04:e5:56:0b:98:3a:66:d8:3e:be:5b:
03:29:8c:3f:f3:76:da:fa:53:51:a6:9e:7a:4b:6e:
22:48:af:cf:f8:2e:b1:14:93:43:b0:41:11:d4:c7:
02:bc:e7:19:e4:46:f1:92:37:80:85:7d:51:4e:e9:
d4:19:54:4b:48:e7:8e:c1:bb:0c:f5:8f:24:f9:db:
07:50:c2:83:7d:1d:44:01:cf:7d:ab:15:23:26:0c:
ba:47:f3:7f:2e:19:4d:ce:69:45:e8:28:16:b3:07:
0a:a2:bb:8c:ea:b4:e9:41:57:3e:4a:07:75:81:8a:
ec:b7:23:1c:58:32:5f:b1:7d:7f:19:1f:70:ec:80:
7e:ba:7b:e1:6f:fe:1e:d3:13:2b:61:48:fc:50:52:
81:b4:93:7d:38:5e:f4:68:fc:33:9c:49:b1:24:e1:
38:ec:64:10:0e:78:31:5c:8c:d2:64:15:5c:4a:da:
d0:f8:8c:08:60:f6:f3:16:37:9e:ce:c6:c7:82:e2:
ca:cc:38:b7:af:b6:17:c8:5a:91:ef:60:e8:37:31:
ed:8c:76:64:53:ab:d6:e4:90:70:68:cf:03:8d:36:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D9:F6:5B:8E:48:2F:86:4F:43:BC:92:98:FF:F0:80:C4:A3:98:CD
X509v3 Authority Key Identifier:
keyid:52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O9n2W45IL4ZPQ7ySmP_wgMSjmM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.240.0/22
IPv6:
2a0d:eb00::-2a0d:eb01:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:2d:19:8d:b6:79:7a:b4:b8:df:5a:77:cb:fa:4c:9e:1b:6e:
10:21:8d:59:64:ca:7a:1c:ce:54:92:1f:0d:91:f6:11:0c:d5:
db:e8:37:c2:81:c2:88:7e:34:d5:89:ca:5b:7d:9d:0b:61:40:
8a:be:f2:41:02:79:93:47:db:f5:fa:0f:64:42:97:6c:90:83:
d3:4b:08:22:45:08:5b:b3:ea:de:1c:c6:65:28:42:71:ae:75:
b6:9b:95:44:7d:7d:32:83:3d:bf:d2:ca:86:11:42:48:b8:5c:
7d:81:f2:08:dd:4b:4e:b5:3c:7d:4c:ca:36:90:87:8f:f3:5d:
4e:f2:fe:1e:bc:75:4a:b6:28:3d:dd:f1:52:8c:af:ed:6b:cd:
bb:0e:aa:b4:44:ed:e8:c8:a7:99:65:99:65:65:74:e5:72:2e:
af:d6:e6:a5:f3:96:36:a9:c4:51:a4:dc:4f:a7:8d:6b:4d:bc:
ed:06:fb:19:09:82:53:a5:6e:58:72:cb:0c:15:5d:9b:af:2a:
25:09:8b:51:e3:02:7b:26:67:c6:77:b8:7e:e4:74:11:f7:dc:
5c:97:f8:fb:c4:2a:32:a1:55:9f:02:b7:13:d8:fb:da:f0:9f:
b7:7f:14:99:b7:75:32:9e:ce:7a:ab:e7:be:b4:b9:76:a4:33:
a7:62:3e:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/eZgNGv3/AAPxd9uKW8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNWI3MDVhOTFkYmMzMGVkMTBlYjcyMjJiNzc5N2I4MzRl
MDE4NjMwHhcNMjUwMTAyMDc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ5ZjY1YjhlNDgyZjg2NGY0M2JjOTI5OGZmZjA4MGM0YTM5OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+sm8oWbyijQ7we94CHQFcB/fdiv
//UP0WAlYVybpXubBOVWC5g6Ztg+vlsDKYw/83ba+lNRpp56S24iSK/P+C6xFJND
sEER1McCvOcZ5EbxkjeAhX1RTunUGVRLSOeOwbsM9Y8k+dsHUMKDfR1EAc99qxUj
Jgy6R/N/LhlNzmlF6CgWswcKoruM6rTpQVc+Sgd1gYrstyMcWDJfsX1/GR9w7IB+
unvhb/4e0xMrYUj8UFKBtJN9OF70aPwznEmxJOE47GQQDngxXIzSZBVcStrQ+IwI
YPbzFjeezsbHguLKzDi3r7YXyFqR72DoNzHtjHZkU6vW5JBwaM8DjTZcbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDvZ9luOSC+GT0O8kpj/8IDEo5jNMB8GA1UdIwQY
MBaAFFJbcFqR28MO0Q63Iit3l7g04BhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQt
ZjQ2ODg3ZGY5ODYzLzEvTzluMlc0NUlMNFpQUTd5U21QX3dnTVNqbU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQtZjQ2ODg3ZGY5ODYz
LzEvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuezwMBYE
AgACMBAwDgMEACoN6wMGACoN6wEAMA0GCSqGSIb3DQEBCwUAA4IBAQAPLRmNtnl6
tLjfWnfL+kyeG24QIY1ZZMp6HM5Ukh8NkfYRDNXb6DfCgcKIfjTVicpbfZ0LYUCK
vvJBAnmTR9v1+g9kQpdskIPTSwgiRQhbs+reHMZlKEJxrnW2m5VEfX0ygz2/0sqG
EUJIuFx9gfII3UtOtTx9TMo2kIeP811O8v4evHVKtig93fFSjK/ta827Dqq0RO3o
yKeZZZllZXTlci6v1ual85Y2qcRRpNxPp41rTbztBvsZCYJTpW5YcssMFV2bryol
CYtR4wJ7JmfGd7h+5HQR99xcl/j7xCoyoVWfArcT2Pva8J+3fxSZt3Uyns56q+e+
tLl2pDOnYj4k
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:22:39 2025 by rpki-client