Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/nofXYpB0FisO0jICtG3Ef-GQMH0.roa
File: nofXYpB0FisO0jICtG3Ef-GQMH0.roa (raw, json)
Hash identifier: 6sPkKup7pdVWKTBxrRqOcxcRj13RLFPr/8N1XCriJwg=
Subject key identifier: 9E:87:D7:62:90:74:16:2B:0E:D2:32:02:B4:6D:C4:7F:E1:90:30:7D
Certificate issuer: /CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Certificate serial: 01942067CC6A3CF9795833CFFF9592442435
Authority key identifier: BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/nofXYpB0FisO0jICtG3Ef-GQMH0.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.224.0/22 maxlen: 22
2a05:9540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cc:6a:3c:f9:79:58:33:cf:ff:95:92:44:24:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e87d7629074162b0ed23202b46dc47fe190307d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:90:5d:08:4c:e4:2d:c7:9b:9d:90:09:49:78:
70:b8:e5:1c:d1:9f:d6:51:44:89:ed:9e:a3:0b:4c:
43:d0:71:b2:ea:45:8f:50:fe:cb:7c:ba:b9:f4:c2:
a5:e6:fe:a2:b5:a2:9a:09:76:3b:bd:89:cc:9b:e5:
ff:8d:f9:54:fc:96:b8:24:e3:95:21:41:17:05:99:
50:ff:cb:2f:37:11:58:3e:ca:80:1c:40:f8:ed:7a:
b7:51:4f:86:96:76:e5:ca:e8:ad:7b:f5:d1:c1:67:
18:45:1e:a2:e1:77:6a:f4:9d:7d:ae:be:cc:01:a8:
82:b6:77:58:be:e7:78:2c:3b:73:43:32:67:07:2e:
d0:9d:10:58:a5:b4:d0:32:f0:1d:7b:b9:9e:36:1e:
55:9f:e6:6a:ce:f2:d6:e3:dc:85:77:7d:db:c9:79:
e2:60:97:ab:9a:97:50:2e:ac:87:48:d7:10:34:96:
9e:4a:92:32:b3:08:1e:16:5a:78:35:b4:0f:e7:81:
1b:db:83:bb:65:33:81:00:43:9c:9c:da:31:dd:f7:
3f:3c:e9:40:db:ca:eb:93:1d:72:20:16:9d:e9:23:
2e:d7:03:0b:bf:62:eb:26:e1:c7:a5:67:8c:91:1d:
8f:cf:f0:3d:54:f7:35:95:6a:c5:cd:06:72:ce:93:
ec:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:87:D7:62:90:74:16:2B:0E:D2:32:02:B4:6D:C4:7F:E1:90:30:7D
X509v3 Authority Key Identifier:
keyid:BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/nofXYpB0FisO0jICtG3Ef-GQMH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.224.0/22
IPv6:
2a05:9540::/29
Signature Algorithm: sha256WithRSAEncryption
4a:af:25:76:ab:ed:09:fb:0d:5e:c2:78:e4:de:ed:14:54:e0:
d0:a9:6f:3b:82:0b:13:47:5b:76:b8:3f:da:e5:6c:d8:0b:97:
52:44:a2:06:53:af:59:e7:1f:c0:52:53:fb:83:7e:e4:df:27:
2b:80:8d:d7:27:c2:8c:14:38:51:f0:bc:75:47:71:19:44:df:
0a:36:4a:7d:b1:0f:be:e8:d6:91:06:7b:4a:9e:89:14:0a:d0:
21:58:53:ac:e4:22:46:6e:00:e3:3a:b8:9c:11:09:24:f2:00:
b2:d4:17:29:65:1b:3d:ca:44:d8:3f:3e:89:60:ac:84:b0:78:
65:cf:2c:92:92:8b:a8:cb:8a:cd:91:6b:0e:3e:0b:24:e9:06:
4e:f8:03:2d:01:6a:eb:6a:39:f1:0a:f7:d5:bc:54:0d:4d:42:
dd:4a:3f:98:0f:46:49:19:ee:0b:a3:bf:5c:47:94:ef:73:77:
f6:69:21:de:5c:81:96:06:3c:47:43:35:98:38:59:1d:3a:77:
2a:c9:e1:d6:3c:16:88:39:f0:17:41:64:77:5f:79:65:2e:17:
67:2b:67:4b:09:db:60:06:a5:3f:02:d6:b3:e2:0a:95:ee:57:
76:9e:63:42:6d:a7:2e:60:72:95:54:4b:e2:a0:06:6f:48:85:
18:be:2b:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgZ8xqPPl5WDPP/5WSRCQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDA5YTg3NzQzODE3YzU2ZjgwODgwMDdhNTc0NmViNjlm
ZjJlMzAwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg3ZDc2MjkwNzQxNjJiMGVkMjMyMDJiNDZkYzQ3ZmUxOTAzMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JBdCEzkLcebnZAJSXhwuOUc0Z/W
UUSJ7Z6jC0xD0HGy6kWPUP7LfLq59MKl5v6itaKaCXY7vYnMm+X/jflU/Ja4JOOV
IUEXBZlQ/8svNxFYPsqAHED47Xq3UU+Glnblyuite/XRwWcYRR6i4Xdq9J19rr7M
AaiCtndYvud4LDtzQzJnBy7QnRBYpbTQMvAde7meNh5Vn+ZqzvLW49yFd33byXni
YJermpdQLqyHSNcQNJaeSpIyswgeFlp4NbQP54Eb24O7ZTOBAEOcnNox3fc/POlA
28rrkx1yIBad6SMu1wMLv2LrJuHHpWeMkR2Pz/A9VPc1lWrFzQZyzpPsEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ6H12KQdBYrDtIyArRtxH/hkDB9MB8GA1UdIwQY
MBaAFL/Qmod0OBfFb4CIAHpXRutp/y4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUt
ZGJjYThjMzFlYmM4LzEvbm9mWFlwQjBGaXNPMGpJQ3RHM0VmLUdRTUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUtZGJjYThjMzFlYmM4
LzEvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVLgMA0E
AgACMAcDBQMqBZVAMA0GCSqGSIb3DQEBCwUAA4IBAQBKryV2q+0J+w1ewnjk3u0U
VODQqW87ggsTR1t2uD/a5WzYC5dSRKIGU69Z5x/AUlP7g37k3ycrgI3XJ8KMFDhR
8Lx1R3EZRN8KNkp9sQ++6NaRBntKnokUCtAhWFOs5CJGbgDjOricEQkk8gCy1Bcp
ZRs9ykTYPz6JYKyEsHhlzyySkouoy4rNkWsOPgsk6QZO+AMtAWrrajnxCvfVvFQN
TULdSj+YD0ZJGe4Lo79cR5Tvc3f2aSHeXIGWBjxHQzWYOFkdOncqyeHWPBaIOfAX
QWR3X3llLhdnK2dLCdtgBqU/Ataz4gqV7ld2nmNCbacuYHKVVEvioAZvSIUYviut
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:47:56 2025 by rpki-client