Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/auS9-c0NKZclAN6n9ZeMxPqllbY.roa
File: auS9-c0NKZclAN6n9ZeMxPqllbY.roa (raw, json)
Hash identifier: jmic3pbI/PzbYEfrYr0mHzcn9EBC12zQGVngarCFUoA=
Subject key identifier: 6A:E4:BD:F9:CD:0D:29:97:25:00:DE:A7:F5:97:8C:C4:FA:A5:95:B6
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 0194221FCE9825DE6116D15384914664D4CC
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/auS9-c0NKZclAN6n9ZeMxPqllbY.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.26.158.0/24 maxlen: 24
2a00:d0c0:1299::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ce:98:25:de:61:16:d1:53:84:91:46:64:d4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ae4bdf9cd0d29972500dea7f5978cc4faa595b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:76:18:7f:ae:39:15:ca:57:b0:72:08:b7:
2b:b5:e9:a3:87:b0:42:64:34:45:9d:e9:4f:be:7b:
64:8b:66:b1:25:ae:9d:a1:57:bc:42:a7:e5:6b:1e:
21:e8:8a:d2:f6:88:8e:4f:20:44:13:33:41:f4:d4:
b1:59:f1:84:e0:98:22:71:ca:82:55:f6:c6:ad:ba:
57:78:56:18:11:9d:6e:15:b6:98:5e:da:b2:82:58:
96:df:40:4c:59:6f:81:52:9f:12:1f:d8:4b:46:d9:
20:64:af:41:28:2e:ab:a2:3a:0a:08:e5:a6:a2:08:
7b:23:27:35:38:4d:17:fc:a6:41:22:a6:31:58:ba:
8d:94:3a:3b:48:46:9f:8d:26:36:cb:f1:8b:a0:8c:
60:c3:74:4f:56:b4:5e:59:c0:28:8c:3e:03:f3:3d:
00:18:a7:91:84:1a:31:fa:88:7d:11:66:cf:f3:7f:
7a:bb:9a:c1:cc:da:3c:a2:45:01:65:ad:06:87:68:
15:3b:82:b7:ab:d3:73:9f:10:35:df:3a:16:f6:a8:
0c:bd:cd:3d:4f:08:04:39:b5:ae:f1:b0:14:97:98:
7e:e3:bc:63:5a:6f:df:9c:63:40:fb:25:c5:07:3c:
fd:36:ea:0a:48:d1:c2:38:3f:05:5f:76:12:0c:f4:
77:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E4:BD:F9:CD:0D:29:97:25:00:DE:A7:F5:97:8C:C4:FA:A5:95:B6
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/auS9-c0NKZclAN6n9ZeMxPqllbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.158.0/24
IPv6:
2a00:d0c0:1299::/48
Signature Algorithm: sha256WithRSAEncryption
6f:bc:f8:17:4b:4a:34:d7:2d:e3:75:0d:8f:69:b6:16:a4:24:
5e:81:20:88:20:59:bd:22:ea:c2:8c:0f:b9:5d:e4:4a:f2:fe:
a3:56:7e:82:90:da:fa:cd:a5:ab:71:ff:63:73:44:4b:d6:29:
ca:93:16:ba:f3:0c:30:26:23:9e:8e:4c:29:aa:ed:9a:9e:6f:
66:85:ee:49:31:1c:c7:d9:10:0e:1b:9c:4e:3c:2e:78:da:fd:
32:fd:09:25:f8:e3:67:1a:5a:56:a7:6f:61:0b:5c:45:3a:e7:
64:44:ea:75:2c:d2:d7:a0:b5:a1:6f:4a:b9:29:6e:a6:b3:a0:
4c:c6:cc:5d:fc:96:bd:89:26:9d:ec:4e:67:6f:3d:8c:21:60:
8d:ba:7f:8f:76:29:4f:f5:13:94:1f:ea:f4:14:08:87:c7:62:
ad:fb:14:51:a9:8d:35:03:25:37:be:bb:d8:95:66:7b:b9:e6:
7d:cb:e3:de:85:67:0e:2c:a5:29:f9:3a:6a:1b:02:76:25:c6:
00:d0:59:2a:06:92:d5:21:05:c7:a8:ea:60:f0:35:83:f9:da:
fa:1f:09:6c:ab:99:fb:78:97:51:14:48:8d:01:f4:be:7c:a8:
39:af:19:c1:d0:31:a8:87:11:69:51:e3:1b:ab:4b:7f:e2:a6:
e8:99:9a:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH86YJd5hFtFThJFGZNTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWU0YmRmOWNkMGQyOTk3MjUwMGRlYTdmNTk3OGNjNGZhYTU5NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKV2GH+uORXKV7ByCLcrtemjh7BC
ZDRFnelPvntki2axJa6doVe8Qqflax4h6IrS9oiOTyBEEzNB9NSxWfGE4JgiccqC
VfbGrbpXeFYYEZ1uFbaYXtqygliW30BMWW+BUp8SH9hLRtkgZK9BKC6rojoKCOWm
ogh7Iyc1OE0X/KZBIqYxWLqNlDo7SEafjSY2y/GLoIxgw3RPVrReWcAojD4D8z0A
GKeRhBox+oh9EWbP8396u5rBzNo8okUBZa0Gh2gVO4K3q9NznxA13zoW9qgMvc09
TwgEObWu8bAUl5h+47xjWm/fnGNA+yXFBzz9NuoKSNHCOD8FX3YSDPR3rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGrkvfnNDSmXJQDep/WXjMT6pZW2MB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvYXVTOS1jME5LWmNsQU42bjlaZU14UHFsbGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRqeMA8E
AgACMAkDBwAqANDAEpkwDQYJKoZIhvcNAQELBQADggEBAG+8+BdLSjTXLeN1DY9p
thakJF6BIIggWb0i6sKMD7ld5Ery/qNWfoKQ2vrNpatx/2NzREvWKcqTFrrzDDAm
I56OTCmq7Zqeb2aF7kkxHMfZEA4bnE48Lnja/TL9CSX442caWlanb2ELXEU652RE
6nUs0tegtaFvSrkpbqazoEzGzF38lr2JJp3sTmdvPYwhYI26f492KU/1E5Qf6vQU
CIfHYq37FFGpjTUDJTe+u9iVZnu55n3L496FZw4spSn5OmobAnYlxgDQWSoGktUh
Bceo6mDwNYP52vofCWyrmft4l1EUSI0B9L58qDmvGcHQMaiHEWlR4xurS3/ipuiZ
mjk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:29 2025 by rpki-client