Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/9hSS_TvQhCvC8fhsSyJYV-rq3kg.roa
File: 9hSS_TvQhCvC8fhsSyJYV-rq3kg.roa (raw, json)
Hash identifier: IKnNzHp7XVRMYKLUBlGGbOEdrSNJK7VVnYm2JR8nfXc=
Subject key identifier: F6:14:92:FD:3B:D0:84:2B:C2:F1:F8:6C:4B:22:58:57:EA:EA:DE:48
Certificate issuer: /CN=ca09149f34784f5b202c56761b01d35dd02569cd
Certificate serial: 0194228DAE2944FB2B0187E335997C76E4D6
Authority key identifier: CA:09:14:9F:34:78:4F:5B:20:2C:56:76:1B:01:D3:5D:D0:25:69:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygkUnzR4T1sgLFZ2GwHTXdAlac0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/9hSS_TvQhCvC8fhsSyJYV-rq3kg.roa
Signing time: Wed 01 Jan 2025 15:48:18 +0000
ROA not before: Wed 01 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206855
IP address blocks: 185.136.24.0/22 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ae:29:44:fb:2b:01:87:e3:35:99:7c:76:e4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca09149f34784f5b202c56761b01d35dd02569cd
Validity
Not Before: Jan 1 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f61492fd3bd0842bc2f1f86c4b225857eaeade48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:52:68:c2:85:6a:15:57:bb:55:f3:9b:8f:
f4:88:a9:72:41:77:54:33:23:4c:ed:6f:7b:1c:5a:
bd:e7:9c:13:f7:08:e9:10:c4:ea:97:8f:95:8d:8d:
88:cc:bd:ec:1c:1d:da:96:5a:9d:97:1b:d0:c6:16:
3b:92:26:33:59:0a:8a:88:b0:af:8f:f0:0a:bd:ec:
a9:67:7c:58:85:fe:d9:97:b2:27:2c:7b:f3:13:d3:
f3:07:a5:db:0d:fe:fa:f4:a3:3b:80:a4:ba:89:0d:
c4:f8:fe:86:4b:03:92:66:2c:4b:5b:5e:fa:d9:c2:
c5:0e:5e:4e:2d:34:56:11:9a:3f:e8:7f:0f:81:fe:
49:38:31:e3:a5:24:33:fb:b7:54:f5:76:c1:81:3d:
6c:ac:31:aa:17:d6:cc:71:2f:06:e3:8e:7f:b0:70:
e5:d1:d3:89:32:a0:55:d6:f9:6e:4f:04:fa:8d:9a:
38:ba:0d:02:c8:a0:f8:e3:83:dc:88:c3:bb:4b:be:
8e:4e:fb:69:89:9a:04:9a:a4:7b:62:b7:3d:30:8f:
75:ff:da:70:ec:f2:be:b8:04:ec:1b:02:8c:86:c0:
e8:3c:eb:1e:db:75:d5:2a:bf:a1:00:49:36:7a:1d:
cb:7d:b2:1b:30:7f:c0:f0:16:2e:5d:9e:69:65:6f:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:14:92:FD:3B:D0:84:2B:C2:F1:F8:6C:4B:22:58:57:EA:EA:DE:48
X509v3 Authority Key Identifier:
keyid:CA:09:14:9F:34:78:4F:5B:20:2C:56:76:1B:01:D3:5D:D0:25:69:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygkUnzR4T1sgLFZ2GwHTXdAlac0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/9hSS_TvQhCvC8fhsSyJYV-rq3kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b0dcda-a37e-4703-8d5a-9aad903a7276/1/ygkUnzR4T1sgLFZ2GwHTXdAlac0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.24.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:6c:4b:f6:d0:64:15:2d:6f:2d:f5:79:b1:81:5f:31:05:83:
af:1a:e8:69:ce:1d:ad:c7:fc:b0:91:53:1b:74:eb:ed:62:d3:
42:cd:45:aa:43:12:de:61:6a:1b:1f:bd:4a:80:3d:9d:7b:57:
2a:71:68:cb:06:79:20:f7:0c:96:44:fc:06:96:3a:4e:aa:e9:
dd:60:05:ee:40:81:46:cf:5e:eb:5d:ff:a9:63:85:6f:84:7c:
e3:e7:b3:84:61:76:57:3e:5c:66:a2:e0:84:f8:26:b9:47:96:
89:b5:13:3a:2e:be:27:0e:e7:dc:0e:93:c8:b8:bd:ac:e1:ea:
c3:78:0a:86:cb:b1:5e:47:ea:99:c5:b1:f5:b8:db:a0:22:4c:
d6:4a:8e:39:a6:40:f7:67:2b:9b:25:c8:f0:d1:02:6c:d9:9e:
89:6f:bf:f0:e0:ed:a9:cc:3f:16:c1:7b:bd:99:c2:50:2a:97:
40:2a:16:22:26:e5:7c:11:8d:37:d6:57:1c:2f:f0:b7:8c:65:
28:59:bc:94:6d:b7:24:6c:61:9e:e2:24:4a:13:07:ea:4b:98:
25:4d:72:09:0e:0b:fd:f8:54:d6:bc:df:a3:68:b5:97:41:8d:
37:44:48:47:7c:4d:01:e4:26:3a:18:0f:8e:95:90:4e:79:9b:
a1:02:8c:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQija4pRPsrAYfjNZl8duTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDkxNDlmMzQ3ODRmNWIyMDJjNTY3NjFiMDFkMzVkZDAy
NTY5Y2QwHhcNMjUwMTAxMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE0OTJmZDNiZDA4NDJiYzJmMWY4NmM0YjIyNTg1N2VhZWFkZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJxSaMKFahVXu1Xzm4/0iKlyQXdU
MyNM7W97HFq955wT9wjpEMTql4+VjY2IzL3sHB3allqdlxvQxhY7kiYzWQqKiLCv
j/AKveypZ3xYhf7Zl7InLHvzE9PzB6XbDf769KM7gKS6iQ3E+P6GSwOSZixLW176
2cLFDl5OLTRWEZo/6H8Pgf5JODHjpSQz+7dU9XbBgT1srDGqF9bMcS8G445/sHDl
0dOJMqBV1vluTwT6jZo4ug0CyKD444PciMO7S76OTvtpiZoEmqR7Yrc9MI91/9pw
7PK+uATsGwKMhsDoPOse23XVKr+hAEk2eh3LfbIbMH/A8BYuXZ5pZW9McQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYUkv070IQrwvH4bEsiWFfq6t5IMB8GA1UdIwQY
MBaAFMoJFJ80eE9bICxWdhsB013QJWnNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdrVW56UjRUMXNnTEZaMkd3SFRYZEFsYWMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iMGRjZGEtYTM3ZS00NzAzLThkNWEt
OWFhZDkwM2E3Mjc2LzEvOWhTU19UdlFoQ3ZDOGZoc1N5SllWLXJxM2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iMGRjZGEtYTM3ZS00NzAzLThkNWEtOWFhZDkwM2E3Mjc2
LzEveWdrVW56UjRUMXNnTEZaMkd3SFRYZEFsYWMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYgYMA0G
CSqGSIb3DQEBCwUAA4IBAQCbbEv20GQVLW8t9XmxgV8xBYOvGuhpzh2tx/ywkVMb
dOvtYtNCzUWqQxLeYWobH71KgD2de1cqcWjLBnkg9wyWRPwGljpOqundYAXuQIFG
z17rXf+pY4VvhHzj57OEYXZXPlxmouCE+Ca5R5aJtRM6Lr4nDufcDpPIuL2s4erD
eAqGy7FeR+qZxbH1uNugIkzWSo45pkD3ZyubJcjw0QJs2Z6Jb7/w4O2pzD8WwXu9
mcJQKpdAKhYiJuV8EY031lccL/C3jGUoWbyUbbckbGGe4iRKEwfqS5glTXIJDgv9
+FTWvN+jaLWXQY03REhHfE0B5CY6GA+OlZBOeZuhAozG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net