Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/9WKGTgwddlJrF0GDwKviNGYwE3w.roa
File: 9WKGTgwddlJrF0GDwKviNGYwE3w.roa (raw, json)
Hash identifier: OOjveQWMKMKOirXevzy9cqKbvF7vmK68CwZR4Vcag30=
Subject key identifier: F5:62:86:4E:0C:1D:76:52:6B:17:41:83:C0:AB:E2:34:66:30:13:7C
Certificate issuer: /CN=29825ace865225eccb273541c4ed21cda1333d13
Certificate serial: 0183F4DA50D881D087FB4C18EDA24A7795EC
Authority key identifier: 29:82:5A:CE:86:52:25:EC:CB:27:35:41:C4:ED:21:CD:A1:33:3D:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYJazoZSJezLJzVBxO0hzaEzPRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/9WKGTgwddlJrF0GDwKviNGYwE3w.roa
Signing time: Thu 20 Oct 2022 10:04:51 +0000
ROA not before: Thu 20 Oct 2022 10:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206221
IP address blocks: 185.1.240.0/24 maxlen: 24
2001:7f8:12a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:da:50:d8:81:d0:87:fb:4c:18:ed:a2:4a:77:95:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29825ace865225eccb273541c4ed21cda1333d13
Validity
Not Before: Oct 20 10:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f562864e0c1d76526b174183c0abe2346630137c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:fa:d5:b6:ed:a3:73:83:01:c1:56:5a:63:
d1:48:2d:f9:dc:57:09:d3:09:ab:6a:b0:39:f8:df:
01:52:7b:ea:e8:b6:58:08:a7:7b:74:d6:06:cc:7f:
66:c9:ee:02:68:f8:0e:d9:28:09:67:9d:2a:9e:02:
46:dc:8b:50:17:8d:cf:e7:ca:8a:22:4f:0d:bb:44:
b1:fe:d8:d8:c9:5a:73:1c:8b:91:92:cc:b0:eb:48:
05:17:5b:55:10:98:e1:f3:1d:9b:9f:53:82:07:f2:
aa:69:c7:d1:73:7d:6c:9e:bf:3b:75:15:8d:6e:c8:
c2:9d:e0:7b:a1:92:d2:cd:d6:81:14:fe:09:b0:cd:
74:6d:8d:38:96:fa:7f:4b:7b:a5:ca:18:b9:e8:82:
ca:d2:53:a8:a0:cb:15:77:d0:35:5d:dd:c7:d6:44:
34:f3:e3:32:76:31:27:6e:cb:66:54:cb:38:64:59:
da:3c:ff:35:cb:4b:e2:0d:0f:22:14:0a:85:bb:2f:
4a:cb:61:f6:7f:0a:75:b3:a4:0c:b5:3d:a6:d1:87:
23:10:4e:1e:0b:3c:6d:11:31:63:5e:4f:af:f7:d2:
1e:b3:40:87:bc:0e:55:63:d9:ee:af:ac:03:77:22:
c7:5c:94:1a:a6:b8:50:c0:12:82:d2:9d:0a:21:f8:
8f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:62:86:4E:0C:1D:76:52:6B:17:41:83:C0:AB:E2:34:66:30:13:7C
X509v3 Authority Key Identifier:
keyid:29:82:5A:CE:86:52:25:EC:CB:27:35:41:C4:ED:21:CD:A1:33:3D:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYJazoZSJezLJzVBxO0hzaEzPRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/9WKGTgwddlJrF0GDwKviNGYwE3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/03ed98-95ec-498e-bfe0-8f35f835082f/1/KYJazoZSJezLJzVBxO0hzaEzPRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.240.0/24
IPv6:
2001:7f8:12a::/48
Signature Algorithm: sha256WithRSAEncryption
67:9d:d4:33:bb:78:c5:1d:5f:2b:35:9e:6d:f9:e9:81:41:0f:
5c:2d:e4:9a:22:fa:17:04:6c:6e:ee:12:7f:57:0f:2e:1f:34:
1c:90:af:90:e8:35:c5:4a:c1:77:23:ff:93:02:bf:b1:7d:bd:
47:a8:55:63:01:3f:bb:7c:42:d3:91:bf:b3:45:12:26:c4:e3:
cb:4f:89:82:d0:aa:19:ed:d4:ca:e0:f6:e4:f9:9f:28:42:2a:
ca:c5:a9:0b:49:a9:e0:a3:69:56:9f:f5:5d:1b:0b:5a:43:c7:
6a:1d:34:49:8a:b3:c6:3c:5b:11:8b:9f:af:2d:83:12:1f:05:
53:29:9c:32:b4:0e:69:4c:1c:02:92:8a:17:b5:72:20:4d:3a:
72:80:59:18:44:8d:d7:9e:ef:1f:81:66:cd:43:db:05:4a:1b:
80:fa:16:67:08:0b:13:21:3e:d7:d2:b0:52:91:3b:b6:e9:20:
aa:4a:41:6e:53:7f:30:5c:8c:27:0f:e1:e1:5c:1d:ea:ac:af:
03:9b:1d:8a:4e:2a:08:6f:cb:d8:67:e1:ed:8f:f0:c9:03:54:
1f:7c:bb:3e:3c:d9:7d:1b:a9:c1:24:20:f3:68:bd:97:04:44:
b0:46:fb:46:47:e2:78:ea:fc:2c:5c:c3:42:53:dc:09:30:c4:
8c:86:1c:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYP02lDYgdCH+0wY7aJKd5XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODI1YWNlODY1MjI1ZWNjYjI3MzU0MWM0ZWQyMWNkYTEz
MzNkMTMwHhcNMjIxMDIwMTAwNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYyODY0ZTBjMWQ3NjUyNmIxNzQxODNjMGFiZTIzNDY2MzAxMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGv61bbto3ODAcFWWmPRSC353FcJ
0wmrarA5+N8BUnvq6LZYCKd7dNYGzH9mye4CaPgO2SgJZ50qngJG3ItQF43P58qK
Ik8Nu0Sx/tjYyVpzHIuRksyw60gFF1tVEJjh8x2bn1OCB/KqacfRc31snr87dRWN
bsjCneB7oZLSzdaBFP4JsM10bY04lvp/S3ulyhi56ILK0lOooMsVd9A1Xd3H1kQ0
8+MydjEnbstmVMs4ZFnaPP81y0viDQ8iFAqFuy9Ky2H2fwp1s6QMtT2m0YcjEE4e
CzxtETFjXk+v99Ies0CHvA5VY9nur6wDdyLHXJQaprhQwBKC0p0KIfiPywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPVihk4MHXZSaxdBg8Cr4jRmMBN8MB8GA1UdIwQY
MBaAFCmCWs6GUiXsyyc1QcTtIc2hMz0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lKYXpvWlNKZXpMSnpWQnhPMGh6YUV6UFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wM2VkOTgtOTVlYy00OThlLWJmZTAt
OGYzNWY4MzUwODJmLzEvOVdLR1Rnd2RkbEpyRjBHRHdLdmlOR1l3RTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wM2VkOTgtOTVlYy00OThlLWJmZTAtOGYzNWY4MzUwODJm
LzEvS1lKYXpvWlNKZXpMSnpWQnhPMGh6YUV6UFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHwMA8E
AgACMAkDBwAgAQf4ASowDQYJKoZIhvcNAQELBQADggEBAGed1DO7eMUdXys1nm35
6YFBD1wt5Joi+hcEbG7uEn9XDy4fNByQr5DoNcVKwXcj/5MCv7F9vUeoVWMBP7t8
QtORv7NFEibE48tPiYLQqhnt1Mrg9uT5nyhCKsrFqQtJqeCjaVaf9V0bC1pDx2od
NEmKs8Y8WxGLn68tgxIfBVMpnDK0DmlMHAKSihe1ciBNOnKAWRhEjdee7x+BZs1D
2wVKG4D6FmcICxMhPtfSsFKRO7bpIKpKQW5TfzBcjCcP4eFcHeqsrwObHYpOKghv
y9hn4e2P8MkDVB98uz482X0bqcEkIPNovZcERLBG+0ZH4njq/Cxcw0JT3AkwxIyG
HLs=
-----END CERTIFICATE-----
Generated at Sat May 3 15:05:43 2025 by rpki-client