Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/9eHZykamoBycMzl12szE1onG2oo.roa
File: 9eHZykamoBycMzl12szE1onG2oo.roa (raw, json)
Hash identifier: EJHUoypugYi9QZVEXxjb+FxPmxIREjwl9B9NBHyjGxI=
Subject key identifier: F5:E1:D9:CA:46:A6:A0:1C:9C:33:39:75:DA:CC:C4:D6:89:C6:DA:8A
Certificate issuer: /CN=dca0adb1a8b797020f0ec7a29a9b5abad40b653e
Certificate serial: 03DB9A75
Authority key identifier: DC:A0:AD:B1:A8:B7:97:02:0F:0E:C7:A2:9A:9B:5A:BA:D4:0B:65:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KCtsai3lwIPDseimptautQLZT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/9eHZykamoBycMzl12szE1onG2oo.roa
Signing time: Sat 01 Jan 2022 02:55:03 +0000
ROA not before: Sat 01 Jan 2022 02:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.186.25.0/24 maxlen: 24
2a0b:6c81::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64723573 (0x3db9a75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca0adb1a8b797020f0ec7a29a9b5abad40b653e
Validity
Not Before: Jan 1 02:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5e1d9ca46a6a01c9c333975daccc4d689c6da8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:06:b9:64:36:69:7c:bb:17:e2:b1:a4:75:8c:
23:a5:73:95:8c:6a:13:19:b8:9d:60:7f:c6:99:ea:
31:75:07:b5:e1:47:1a:50:67:27:b6:ab:2e:c6:56:
d3:66:ab:52:3f:5b:7d:91:db:6a:3f:3e:4e:e3:d0:
0b:51:4a:44:30:59:c5:b1:95:92:a8:1e:ba:59:bb:
ab:37:5b:12:d1:02:a0:c4:e3:e8:a5:cd:78:50:de:
87:73:1f:a0:51:1f:28:bc:d5:10:61:14:65:f1:be:
2f:80:fa:18:36:66:c1:fa:39:97:ec:23:5a:6b:67:
a0:ae:bf:1e:3e:e9:dd:87:4c:47:9b:bf:e2:c6:05:
66:67:27:42:5d:dc:cf:23:61:98:38:2d:5d:eb:fa:
51:ca:5d:e1:9c:52:74:aa:45:cc:e8:80:6d:8e:12:
a8:1d:81:37:b0:7a:20:f4:07:0d:04:0d:8d:3e:26:
73:ee:64:ca:eb:f6:28:b7:f9:e0:ed:23:68:3b:1e:
09:73:f3:9c:d5:06:2b:5e:4e:6d:09:01:45:bc:7a:
72:d8:63:a9:16:82:42:35:5b:62:37:89:a5:60:4a:
8a:14:73:dc:98:90:70:9e:43:0b:f6:fb:e2:a8:b8:
e7:dd:bf:24:84:b2:cf:e8:6d:0b:aa:be:ae:e1:df:
a6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E1:D9:CA:46:A6:A0:1C:9C:33:39:75:DA:CC:C4:D6:89:C6:DA:8A
X509v3 Authority Key Identifier:
keyid:DC:A0:AD:B1:A8:B7:97:02:0F:0E:C7:A2:9A:9B:5A:BA:D4:0B:65:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KCtsai3lwIPDseimptautQLZT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/9eHZykamoBycMzl12szE1onG2oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/3KCtsai3lwIPDseimptautQLZT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.25.0/24
IPv6:
2a0b:6c81::/32
Signature Algorithm: sha256WithRSAEncryption
67:61:6c:4b:dc:6e:0c:3d:fc:72:55:a3:08:c9:11:7f:b7:1d:
eb:c6:5c:e6:5f:3c:ae:cd:e2:b5:b8:0d:25:66:bf:a6:bd:db:
1a:04:c3:97:b7:64:90:05:dc:61:2f:e3:e4:ed:8d:8a:8d:80:
99:72:b2:7c:d0:2d:4a:bd:6b:6a:2e:e6:d9:bb:7d:82:9b:97:
4b:7e:34:9d:1d:4f:c3:56:10:d5:55:f6:db:63:ce:bf:ca:88:
e9:f1:b2:df:cf:e5:c8:b0:de:4f:e1:b1:37:fd:79:a8:34:d4:
06:48:1a:e8:12:47:e7:aa:81:43:78:3f:95:7a:78:d5:83:33:
ec:92:06:f8:92:00:7a:db:29:7d:26:db:03:f6:39:15:91:37:
c2:5e:00:63:5c:64:5f:4c:37:22:b6:f8:66:5f:7d:bf:e1:c6:
01:a7:fd:56:fd:dc:ff:85:9c:49:30:5f:22:ca:90:e5:0f:15:
f5:44:26:1a:3c:0a:0e:7f:b8:c2:0d:cd:e4:ae:0c:4f:8d:bc:
80:0f:72:64:17:4b:30:16:da:d8:86:4c:e0:a3:b3:14:3c:e9:
fd:62:fb:5d:7c:b0:e2:27:03:73:15:cc:42:70:12:53:51:e1:
d6:98:c6:82:66:fa:ad:d4:83:18:e3:4c:92:23:41:79:13:5f:
03:9f:65:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA9uadTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2EwYWRiMWE4Yjc5NzAyMGYwZWM3YTI5YTliNWFiYWQ0MGI2NTNlMB4XDTIyMDEw
MTAyNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVlMWQ5Y2E0NmE2
YTAxYzljMzMzOTc1ZGFjY2M0ZDY4OWM2ZGE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgGuWQ2aXy7F+KxpHWMI6VzlYxqExm4nWB/xpnqMXUHteFH
GlBnJ7arLsZW02arUj9bfZHbaj8+TuPQC1FKRDBZxbGVkqgeulm7qzdbEtECoMTj
6KXNeFDeh3MfoFEfKLzVEGEUZfG+L4D6GDZmwfo5l+wjWmtnoK6/Hj7p3YdMR5u/
4sYFZmcnQl3czyNhmDgtXev6Ucpd4ZxSdKpFzOiAbY4SqB2BN7B6IPQHDQQNjT4m
c+5kyuv2KLf54O0jaDseCXPznNUGK15ObQkBRbx6cthjqRaCQjVbYjeJpWBKihRz
3JiQcJ5DC/b74qi4592/JISyz+htC6q+ruHfpv8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT14dnKRqagHJwzOXXazMTWicbaijAfBgNVHSMEGDAWgBTcoK2xqLeXAg8O
x6Kam1q61AtlPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNLQ3RzYWkzbHdJUERzZWltcHRhdXRRTFpUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvODQ2YmQzLTAzNzMtNDE5MC1hZGZmLTNlMzZjYTlhMmQ2OS8x
LzllSFp5a2Ftb0J5Y016bDEyc3pFMW9uRzJvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
ODQ2YmQzLTAzNzMtNDE5MC1hZGZmLTNlMzZjYTlhMmQ2OS8xLzNLQ3RzYWkzbHdJ
UERzZWltcHRhdXRRTFpUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALm6GTANBAIAAjAHAwUAKgtsgTAN
BgkqhkiG9w0BAQsFAAOCAQEAZ2FsS9xuDD38clWjCMkRf7cd68Zc5l88rs3itbgN
JWa/pr3bGgTDl7dkkAXcYS/j5O2Nio2AmXKyfNAtSr1rai7m2bt9gpuXS340nR1P
w1YQ1VX222POv8qI6fGy38/lyLDeT+GxN/15qDTUBkga6BJH56qBQ3g/lXp41YMz
7JIG+JIAetspfSbbA/Y5FZE3wl4AY1xkX0w3Irb4Zl99v+HGAaf9Vv3c/4WcSTBf
IsqQ5Q8V9UQmGjwKDn+4wg3N5K4MT428gA9yZBdLMBba2IZM4KOzFDzp/WL7XXyw
4icDcxXMQnASU1Hh1pjGgmb6rdSDGONMkiNBeRNfA59lBA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:40:09 2025 by rpki-client