Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ncvY-3eTmqkT0_LfjDXCRifaifA.roa
File: ncvY-3eTmqkT0_LfjDXCRifaifA.roa (raw, json)
Hash identifier: /UAK3NdqR5Lj2mP9B+Q17l8Do/u1STxSK40QVKRGoYw=
Subject key identifier: 9D:CB:D8:FB:77:93:9A:A9:13:D3:F2:DF:8C:35:C2:46:27:DA:89:F0
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018B37EE72C80764B127DD1CDF15CAF651F5
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ncvY-3eTmqkT0_LfjDXCRifaifA.roa
Signing time: Mon 16 Oct 2023 10:00:55 +0000
ROA not before: Mon 16 Oct 2023 10:00:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:ee:72:c8:07:64:b1:27:dd:1c:df:15:ca:f6:51:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 16 10:00:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dcbd8fb77939aa913d3f2df8c35c24627da89f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:59:cb:b0:36:bf:05:e9:01:7f:dc:e2:30:
3a:78:19:22:35:0d:a7:93:51:d5:5e:a7:3f:4d:fe:
e3:88:e6:3a:fd:19:17:17:53:49:94:60:b5:f3:de:
6d:03:89:d4:e8:ae:8b:0a:0b:59:77:d4:97:41:02:
9a:d8:40:7c:9c:61:4a:c2:73:35:b1:f9:cc:90:4c:
a7:ad:b2:53:00:5d:ed:2c:69:16:04:64:29:d9:1a:
3c:8f:0a:e5:99:3d:1d:73:24:0d:45:37:ed:87:02:
6b:ee:bc:39:c3:a4:1e:5e:93:10:94:f9:cb:8e:3a:
f1:91:0c:c7:ab:f6:65:08:e9:34:1d:30:f3:35:ca:
42:a3:c2:26:62:ea:6b:50:d0:66:fe:39:8b:12:3f:
0c:df:30:bd:48:19:b2:a4:f1:4b:b0:f6:5a:dd:7d:
81:16:05:98:4e:ca:55:5a:8f:84:ee:a8:fe:e0:08:
cd:97:3b:96:9e:eb:07:f9:5c:e9:21:c6:d3:59:23:
0d:5e:b1:a5:d5:5d:42:bf:ba:92:13:47:3d:3f:c2:
55:88:72:2d:5b:ea:77:8d:86:45:bd:d2:0a:7a:7f:
fb:b5:d4:cd:b5:17:7c:e8:f2:a2:fa:28:8b:54:4d:
f7:aa:6f:fc:1a:eb:9a:80:b3:db:ae:e1:83:d5:aa:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CB:D8:FB:77:93:9A:A9:13:D3:F2:DF:8C:35:C2:46:27:DA:89:F0
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ncvY-3eTmqkT0_LfjDXCRifaifA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:07:12:99:f4:0d:76:fd:cb:0c:7f:58:4b:18:53:73:b7:9b:
43:10:1a:22:6e:d7:9e:ed:36:26:96:bc:73:02:04:4d:db:9b:
92:a4:d8:d4:b2:6b:49:46:88:7a:a5:38:d1:1e:9e:1d:20:5a:
33:30:4d:57:1f:31:a4:fe:02:22:79:0b:a7:62:ec:66:07:07:
d8:18:1d:1b:c9:38:8b:2e:ab:3f:d9:4c:70:46:1b:5e:44:c4:
99:cc:75:3e:4e:18:09:3b:08:80:63:14:33:c1:0a:51:a0:62:
9c:78:0b:16:c7:dc:e3:b1:79:0c:12:fa:5e:94:f7:60:2a:ca:
cb:6d:ee:14:0f:ee:50:98:ea:c5:c2:11:0a:4d:dc:51:0c:fb:
64:c1:49:b9:c3:72:ac:f6:99:25:23:f7:da:d1:4b:57:da:06:
fa:d7:d0:f0:c0:db:03:fc:c8:22:a9:66:a3:48:75:7b:7d:14:
1a:b3:ae:9f:d0:6c:3d:0b:1e:2f:30:bd:52:92:31:3a:d1:db:
aa:8e:b5:b6:f7:28:b9:09:96:c7:80:0d:a1:ad:25:61:57:f1:
c5:29:87:56:72:d2:16:8b:71:0b:d8:12:3c:59:19:3b:e4:09:
8f:e4:a2:13:2d:63:c3:c8:5d:94:9a:35:84:ad:e7:89:fe:0b:
4e:af:74:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs37nLIB2SxJ90c3xXK9lH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMDE2MTAwMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNiZDhmYjc3OTM5YWE5MTNkM2YyZGY4YzM1YzI0NjI3ZGE4OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTFZy7A2vwXpAX/c4jA6eBkiNQ2n
k1HVXqc/Tf7jiOY6/RkXF1NJlGC1895tA4nU6K6LCgtZd9SXQQKa2EB8nGFKwnM1
sfnMkEynrbJTAF3tLGkWBGQp2Ro8jwrlmT0dcyQNRTfthwJr7rw5w6QeXpMQlPnL
jjrxkQzHq/ZlCOk0HTDzNcpCo8ImYuprUNBm/jmLEj8M3zC9SBmypPFLsPZa3X2B
FgWYTspVWo+E7qj+4AjNlzuWnusH+VzpIcbTWSMNXrGl1V1Cv7qSE0c9P8JViHIt
W+p3jYZFvdIKen/7tdTNtRd86PKi+iiLVE33qm/8GuuagLPbruGD1apkJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3L2Pt3k5qpE9Py34w1wkYn2onwMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvbmN2WS0zZVRtcWtUMF9MZmpEWENSaWZhaWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQCxBxKZ9A12/csMf1hLGFNzt5tDEBoibtee7TYmlrxz
AgRN25uSpNjUsmtJRoh6pTjRHp4dIFozME1XHzGk/gIieQunYuxmBwfYGB0byTiL
Lqs/2UxwRhteRMSZzHU+ThgJOwiAYxQzwQpRoGKceAsWx9zjsXkMEvpelPdgKsrL
be4UD+5QmOrFwhEKTdxRDPtkwUm5w3Ks9pklI/fa0UtX2gb619DwwNsD/MgiqWaj
SHV7fRQas66f0Gw9Cx4vML1SkjE60duqjrW29yi5CZbHgA2hrSVhV/HFKYdWctIW
i3EL2BI8WRk75AmP5KITLWPDyF2UmjWEreeJ/gtOr3Sl
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:00 2025 by rpki-client