Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/9dTJ-nYACxpnRY5rhOVsQaAIp6o.roa
File: 9dTJ-nYACxpnRY5rhOVsQaAIp6o.roa (raw, json)
Hash identifier: IImECG5Z8yt26nxcW9N1eIdxFCugxBSzO203A94ADp0=
Subject key identifier: F5:D4:C9:FA:76:00:0B:1A:67:45:8E:6B:84:E5:6C:41:A0:08:A7:AA
Certificate issuer: /CN=54598408d23cef52560f7eaad4e1db0c862062c3
Certificate serial: 019420D5F75080DB9782AECFBA2E048FCD74
Authority key identifier: 54:59:84:08:D2:3C:EF:52:56:0F:7E:AA:D4:E1:DB:0C:86:20:62:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VFmECNI871JWD36q1OHbDIYgYsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/9dTJ-nYACxpnRY5rhOVsQaAIp6o.roa
Signing time: Wed 01 Jan 2025 07:48:00 +0000
ROA not before: Wed 01 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203990
IP address blocks: 185.117.124.0/22 maxlen: 24
185.117.124.0/24 maxlen: 24
185.117.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f7:50:80:db:97:82:ae:cf:ba:2e:04:8f:cd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54598408d23cef52560f7eaad4e1db0c862062c3
Validity
Not Before: Jan 1 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5d4c9fa76000b1a67458e6b84e56c41a008a7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:84:88:29:d2:2c:0f:df:a2:4d:f4:49:42:18:
80:e2:a4:ed:2c:7d:60:66:b5:17:14:75:36:92:31:
f1:75:ab:57:7c:b6:5c:5b:7a:df:24:1c:da:09:bf:
6c:08:7e:d1:39:ff:5a:53:b4:d3:a7:ab:de:7f:91:
5c:a8:08:4b:69:fc:77:66:6b:88:52:0f:fa:1c:b9:
d1:90:35:cb:43:4e:f1:b1:3e:56:68:53:f0:e8:87:
c7:86:9d:99:3b:0b:e4:de:90:c5:6a:47:c0:9c:80:
93:82:0c:d4:2b:9b:84:ad:04:24:90:c8:cd:cf:f5:
17:2d:8e:7c:a9:6d:af:7d:9e:ef:c3:ac:58:41:3d:
e1:6d:fe:7c:d2:b3:10:07:66:d3:5f:48:53:50:01:
4f:e1:be:0e:73:46:b1:bd:31:8c:2a:83:fe:32:f8:
3d:3d:42:78:b5:96:4f:b9:5b:5c:b2:2a:87:8d:cc:
d8:5b:dd:9a:b1:4b:ca:0f:b9:6e:b6:25:aa:84:0d:
ad:9c:81:63:fe:39:5a:52:fd:c8:19:32:7b:12:2f:
5e:30:94:c9:42:d9:26:f1:16:d9:78:ff:5b:b2:1c:
2b:13:bf:78:51:17:ea:db:c2:80:d3:ba:b5:7c:f1:
0d:5c:52:b9:25:50:53:3f:5c:23:d4:d6:dd:33:ae:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D4:C9:FA:76:00:0B:1A:67:45:8E:6B:84:E5:6C:41:A0:08:A7:AA
X509v3 Authority Key Identifier:
keyid:54:59:84:08:D2:3C:EF:52:56:0F:7E:AA:D4:E1:DB:0C:86:20:62:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFmECNI871JWD36q1OHbDIYgYsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/9dTJ-nYACxpnRY5rhOVsQaAIp6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/VFmECNI871JWD36q1OHbDIYgYsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.124.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:88:1e:8a:3f:45:3c:48:76:c7:53:64:65:83:af:bd:fe:50:
24:f2:34:8e:1c:2a:92:ae:cc:c3:ed:56:f5:15:76:a9:f4:7c:
40:89:21:30:06:bf:4c:a0:5f:19:bf:37:a9:d8:1a:a9:90:f5:
30:f2:35:64:30:96:b1:fb:27:b3:7a:e2:a7:a1:5d:19:d4:80:
7e:dd:7e:4e:9a:2a:2e:1c:8f:11:48:1c:f8:71:a1:c4:93:1c:
64:cb:b8:a5:2d:b5:a7:6d:07:7f:1f:8d:3f:ca:43:de:94:fb:
81:64:29:71:52:c1:77:c9:35:3a:92:58:9c:af:4c:d6:57:e9:
f4:b9:ad:c7:ac:5d:51:cc:d1:f2:0d:5e:a7:25:0b:66:b0:4d:
48:3a:94:ed:a0:47:5f:46:47:de:71:24:60:ff:71:be:10:50:
92:10:cc:50:d2:06:41:81:32:d0:90:fc:2f:4f:e2:8e:aa:3b:
f4:f4:7f:62:aa:ef:2d:3d:cf:57:04:da:bb:8f:e8:5b:d2:d4:
ee:42:ce:eb:1d:73:47:57:7e:75:ae:96:ff:a4:24:24:c1:5a:
fe:4f:c7:f6:02:c0:b7:a7:a9:43:ef:8a:e1:03:bd:63:36:6f:
9d:c0:55:0d:7b:ee:5b:91:79:d9:1a:9e:c8:f2:e9:7d:75:2a:
19:00:f2:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fdQgNuXgq7Pui4Ej810MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NTk4NDA4ZDIzY2VmNTI1NjBmN2VhYWQ0ZTFkYjBjODYy
MDYyYzMwHhcNMjUwMTAxMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ0YzlmYTc2MDAwYjFhNjc0NThlNmI4NGU1NmM0MWEwMDhhN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64SIKdIsD9+iTfRJQhiA4qTtLH1g
ZrUXFHU2kjHxdatXfLZcW3rfJBzaCb9sCH7ROf9aU7TTp6vef5FcqAhLafx3ZmuI
Ug/6HLnRkDXLQ07xsT5WaFPw6IfHhp2ZOwvk3pDFakfAnICTggzUK5uErQQkkMjN
z/UXLY58qW2vfZ7vw6xYQT3hbf580rMQB2bTX0hTUAFP4b4Oc0axvTGMKoP+Mvg9
PUJ4tZZPuVtcsiqHjczYW92asUvKD7lutiWqhA2tnIFj/jlaUv3IGTJ7Ei9eMJTJ
Qtkm8RbZeP9bshwrE794URfq28KA07q1fPENXFK5JVBTP1wj1NbdM65a5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXUyfp2AAsaZ0WOa4TlbEGgCKeqMB8GA1UdIwQY
MBaAFFRZhAjSPO9SVg9+qtTh2wyGIGLDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZtRUNOSTg3MUpXRDM2cTFPSGJESVlnWXNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mOWQxNTItY2EwMC00NmM0LTkzNmEt
ZTkwOTNmZWUzZmQzLzEvOWRUSi1uWUFDeHBuUlk1cmhPVnNRYUFJcDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mOWQxNTItY2EwMC00NmM0LTkzNmEtZTkwOTNmZWUzZmQz
LzEvVkZtRUNOSTg3MUpXRDM2cTFPSGJESVlnWXNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXV8MA0G
CSqGSIb3DQEBCwUAA4IBAQBciB6KP0U8SHbHU2Rlg6+9/lAk8jSOHCqSrszD7Vb1
FXap9HxAiSEwBr9MoF8Zvzep2BqpkPUw8jVkMJax+yezeuKnoV0Z1IB+3X5Omiou
HI8RSBz4caHEkxxky7ilLbWnbQd/H40/ykPelPuBZClxUsF3yTU6klicr0zWV+n0
ua3HrF1RzNHyDV6nJQtmsE1IOpTtoEdfRkfecSRg/3G+EFCSEMxQ0gZBgTLQkPwv
T+KOqjv09H9iqu8tPc9XBNq7j+hb0tTuQs7rHXNHV351rpb/pCQkwVr+T8f2AsC3
p6lD74rhA71jNm+dwFUNe+5bkXnZGp7I8ul9dSoZAPLc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:28 2025 by rpki-client