Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/a9grNvqYQZL96vSZgUaaUYW4pkM.roa
File: a9grNvqYQZL96vSZgUaaUYW4pkM.roa (raw, json)
Hash identifier: UKQ9pbHuGJ7bkpOIdTsqFdrfM/n6bQ9BIxk/0hKXTX8=
Subject key identifier: 6B:D8:2B:36:FA:98:41:92:FD:EA:F4:99:81:46:9A:51:85:B8:A6:43
Certificate issuer: /CN=bfe57cc3db1840470c73a09605d187d7bd9595cb
Certificate serial: 0194236A0AEEF4C57622572BD68D3AAA4852
Authority key identifier: BF:E5:7C:C3:DB:18:40:47:0C:73:A0:96:05:D1:87:D7:BD:95:95:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-V8w9sYQEcMc6CWBdGH172Vlcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/a9grNvqYQZL96vSZgUaaUYW4pkM.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205544
IP address blocks: 185.245.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0a:ee:f4:c5:76:22:57:2b:d6:8d:3a:aa:48:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe57cc3db1840470c73a09605d187d7bd9595cb
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bd82b36fa984192fdeaf49981469a5185b8a643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a9:83:b1:72:8f:80:10:47:10:34:9f:44:09:
12:c9:85:dd:c7:fa:b6:b5:a4:8a:0b:cc:35:a0:db:
fb:bb:78:60:b3:68:81:89:e1:6c:24:46:0e:0e:9c:
6f:5c:34:8a:b8:f3:a4:0e:89:3e:82:2e:42:16:76:
d5:39:f2:9f:53:0c:9e:75:84:fb:d2:55:1d:ac:ff:
aa:44:99:5b:86:14:92:2a:b8:b8:13:81:2b:50:e0:
2a:f9:90:bd:f9:bd:d4:22:d4:f0:15:27:e0:5c:74:
db:e3:c2:a9:63:d7:01:bb:63:32:35:45:1f:02:ad:
b3:34:8c:3a:24:b2:bb:33:07:c6:50:19:87:3d:5f:
21:88:91:15:0b:f4:6a:71:f9:5f:df:cd:d5:17:07:
75:c3:b3:b1:a9:24:31:a8:fd:19:9a:42:66:49:3e:
9b:b5:49:da:c1:77:ea:2d:b4:e2:3c:2d:64:12:8e:
49:6f:e4:3c:86:11:7a:2a:d4:6b:89:f6:59:61:b3:
04:61:a5:e4:78:fe:b8:4c:00:c2:62:8d:d0:13:0c:
86:61:f7:7e:f8:2a:3b:7d:e9:52:99:d4:bf:f6:b3:
d0:30:5d:b7:b0:a9:69:63:56:ba:21:ca:65:e3:71:
d3:53:9c:1a:24:1c:89:b6:2f:ca:14:43:6a:17:1f:
08:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D8:2B:36:FA:98:41:92:FD:EA:F4:99:81:46:9A:51:85:B8:A6:43
X509v3 Authority Key Identifier:
keyid:BF:E5:7C:C3:DB:18:40:47:0C:73:A0:96:05:D1:87:D7:BD:95:95:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-V8w9sYQEcMc6CWBdGH172Vlcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/a9grNvqYQZL96vSZgUaaUYW4pkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/v-V8w9sYQEcMc6CWBdGH172Vlcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.124.0/22
Signature Algorithm: sha256WithRSAEncryption
61:ad:7c:c7:12:da:31:b3:19:92:bb:d8:53:31:91:03:88:8a:
d6:bc:70:b1:2c:56:b1:24:31:de:d9:38:c7:37:37:eb:23:3f:
ab:94:b1:2b:69:92:dd:5b:85:a2:a8:21:a3:7f:51:35:28:f9:
b4:82:f3:cf:0c:9e:68:63:6a:10:03:2d:d6:81:4b:d9:b7:c2:
0d:4e:cf:f7:bb:bc:1b:5b:93:90:51:c4:c8:bd:45:d3:d9:6a:
7b:ca:cb:a0:5d:b2:fd:89:5a:66:fe:5b:d2:97:fd:a6:d8:99:
17:0a:6c:1c:3c:34:11:eb:c2:1b:27:d1:ee:04:a0:4a:89:e0:
1d:9c:9d:0e:a6:81:57:10:85:36:af:87:6d:dc:22:8d:7d:a3:
b4:73:96:97:03:99:60:36:4e:c7:39:e9:16:0b:e1:b4:15:d5:
28:af:af:9b:f5:75:c7:4e:04:18:e4:2c:4f:3b:72:ce:2b:bc:
cd:76:7c:b9:56:46:5d:ee:da:34:32:17:9e:bd:b9:db:58:2f:
63:9c:50:3e:79:53:27:57:d3:e4:4c:49:e0:72:c3:49:2f:92:
80:eb:38:3d:3b:9d:0b:87:86:2f:b5:34:88:b6:d9:a6:ff:4e:
0a:fe:19:0b:65:3d:ab:b7:92:45:a0:71:01:6c:b7:a1:f6:cc:
f1:5a:ef:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagru9MV2Ilcr1o06qkhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTU3Y2MzZGIxODQwNDcwYzczYTA5NjA1ZDE4N2Q3YmQ5
NTk1Y2IwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ4MmIzNmZhOTg0MTkyZmRlYWY0OTk4MTQ2OWE1MTg1YjhhNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqmDsXKPgBBHEDSfRAkSyYXdx/q2
taSKC8w1oNv7u3hgs2iBieFsJEYODpxvXDSKuPOkDok+gi5CFnbVOfKfUwyedYT7
0lUdrP+qRJlbhhSSKri4E4ErUOAq+ZC9+b3UItTwFSfgXHTb48KpY9cBu2MyNUUf
Aq2zNIw6JLK7MwfGUBmHPV8hiJEVC/Rqcflf383VFwd1w7OxqSQxqP0ZmkJmST6b
tUnawXfqLbTiPC1kEo5Jb+Q8hhF6KtRrifZZYbMEYaXkeP64TADCYo3QEwyGYfd+
+Co7felSmdS/9rPQMF23sKlpY1a6Icpl43HTU5waJByJti/KFENqFx8IBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvYKzb6mEGS/er0mYFGmlGFuKZDMB8GA1UdIwQY
MBaAFL/lfMPbGEBHDHOglgXRh9e9lZXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1WOHc5c1lRRWNNYzZDV0JkR0gxNzJWbGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xN2I3OTctMmU2Ni00MGRmLTg2OGEt
MGEyNzVhNjc2M2NlLzEvYTlnck52cVlRWkw5NnZTWmdVYWFVWVc0cGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xN2I3OTctMmU2Ni00MGRmLTg2OGEtMGEyNzVhNjc2M2Nl
LzEvdi1WOHc5c1lRRWNNYzZDV0JkR0gxNzJWbGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufV8MA0G
CSqGSIb3DQEBCwUAA4IBAQBhrXzHEtoxsxmSu9hTMZEDiIrWvHCxLFaxJDHe2TjH
NzfrIz+rlLEraZLdW4WiqCGjf1E1KPm0gvPPDJ5oY2oQAy3WgUvZt8INTs/3u7wb
W5OQUcTIvUXT2Wp7ysugXbL9iVpm/lvSl/2m2JkXCmwcPDQR68IbJ9HuBKBKieAd
nJ0OpoFXEIU2r4dt3CKNfaO0c5aXA5lgNk7HOekWC+G0FdUor6+b9XXHTgQY5CxP
O3LOK7zNdny5VkZd7to0MheevbnbWC9jnFA+eVMnV9PkTEngcsNJL5KA6zg9O50L
h4YvtTSIttmm/04K/hkLZT2rt5JFoHEBbLeh9szxWu9h
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:40:05 2025 by rpki-client