Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/NYiqXRmP7nBBaBEa9iT79WYJ0gs.roa
File: NYiqXRmP7nBBaBEa9iT79WYJ0gs.roa (raw, json)
Hash identifier: UqGys13kNv1mtJhLUKGkAEs9pExc7CtEz6E2KnEqZvM=
Subject key identifier: 35:88:AA:5D:19:8F:EE:70:41:68:11:1A:F6:24:FB:F5:66:09:D2:0B
Certificate issuer: /CN=4e3c01ba0c5cbf20ae3e93ca3d379e62df5c959a
Certificate serial: 0194221F720A6B2F4A366B637C0530DF8F7F
Authority key identifier: 4E:3C:01:BA:0C:5C:BF:20:AE:3E:93:CA:3D:37:9E:62:DF:5C:95:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TjwBugxcvyCuPpPKPTeeYt9clZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/NYiqXRmP7nBBaBEa9iT79WYJ0gs.roa
Signing time: Wed 01 Jan 2025 13:47:53 +0000
ROA not before: Wed 01 Jan 2025 13:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18106
IP address blocks: 185.5.132.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:72:0a:6b:2f:4a:36:6b:63:7c:05:30:df:8f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e3c01ba0c5cbf20ae3e93ca3d379e62df5c959a
Validity
Not Before: Jan 1 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3588aa5d198fee704168111af624fbf56609d20b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:08:5d:f7:62:40:4f:b1:4b:fd:32:d2:cb:
f3:d1:5d:50:ec:48:8e:0a:23:1a:2e:eb:84:36:76:
f5:2b:75:7d:5a:94:19:40:1d:c2:f6:e5:bc:88:db:
5c:d0:14:b0:08:0d:42:9f:5e:7b:02:25:84:76:36:
67:64:4f:0a:b0:4c:fe:7a:de:fc:35:af:52:e1:a1:
ce:93:67:de:5a:58:1e:0a:0d:15:a3:ca:2a:34:d8:
77:5a:d5:f4:f9:f5:c3:09:59:5e:b1:5f:f5:29:57:
13:64:73:ab:81:f4:ac:c1:b3:eb:4b:a3:ee:4e:3c:
d3:b4:3d:24:f3:ce:ee:4b:a3:b6:c8:5c:d8:06:f7:
90:c4:87:28:2e:5c:a5:05:ef:77:68:1f:bc:a4:19:
71:3b:8a:b7:fe:f0:ea:16:fe:c3:1e:33:22:4e:66:
59:51:24:4b:95:3e:77:22:e1:63:df:6c:61:87:a0:
57:02:99:d8:cc:2c:f6:04:c8:a5:76:1f:53:50:2d:
7e:6e:2a:c2:22:74:c5:ee:59:ae:f8:03:d1:b6:82:
1e:2e:e7:2f:40:52:2c:ba:ce:d8:e7:46:fe:36:3d:
47:2f:5c:5a:31:d3:7d:7a:e0:2e:dd:7d:73:e9:e5:
f5:28:cf:6f:fc:ee:62:ed:fc:18:36:b2:45:ac:7b:
0f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:88:AA:5D:19:8F:EE:70:41:68:11:1A:F6:24:FB:F5:66:09:D2:0B
X509v3 Authority Key Identifier:
keyid:4E:3C:01:BA:0C:5C:BF:20:AE:3E:93:CA:3D:37:9E:62:DF:5C:95:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TjwBugxcvyCuPpPKPTeeYt9clZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/NYiqXRmP7nBBaBEa9iT79WYJ0gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b8e773-4e71-4d09-b74a-b27f552672e0/1/TjwBugxcvyCuPpPKPTeeYt9clZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.132.0/23
Signature Algorithm: sha256WithRSAEncryption
54:27:de:2f:ae:e9:4e:4f:2b:f8:f8:38:63:75:8e:9f:62:57:
f3:b3:b2:de:ef:74:1b:fb:fe:02:87:56:61:b6:d6:26:e1:aa:
d6:ac:84:b8:12:21:76:12:a7:b2:cb:64:28:71:d7:d0:bc:07:
fa:52:c8:94:c6:f3:9e:34:f0:6b:63:c5:0b:5f:49:7b:42:f8:
06:34:2f:75:12:e2:52:38:ec:20:b3:66:41:52:0e:bd:7a:3c:
b4:2b:f2:98:27:5e:97:15:ea:9d:91:84:be:b0:ed:6f:37:a1:
84:6c:fb:b7:71:74:ab:8d:1b:b6:5f:be:d8:44:c5:ff:f0:f7:
d0:1b:19:f2:5b:02:5f:4d:59:ee:5d:68:dc:ec:58:e4:8e:d2:
8d:53:b3:dd:66:0a:27:1e:e8:a5:40:64:2e:4a:20:0d:38:8b:
8e:2b:da:ad:54:78:da:b9:6a:ee:d2:17:80:9f:97:5a:1b:ad:
a0:57:6f:30:ee:a4:53:c4:d7:59:f6:40:f3:f0:93:f4:79:4d:
d4:16:4b:a1:96:bc:da:f5:28:b7:7f:3e:40:01:4e:c9:d9:38:
e8:05:23:1a:c6:cd:72:d6:5e:82:d0:e3:f4:43:3f:2f:ac:8d:
09:99:96:f6:d8:b7:aa:af:52:3b:f9:57:36:08:2d:5b:59:b1:
38:e0:39:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3IKay9KNmtjfAUw349/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlM2MwMWJhMGM1Y2JmMjBhZTNlOTNjYTNkMzc5ZTYyZGY1
Yzk1OWEwHhcNMjUwMTAxMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg4YWE1ZDE5OGZlZTcwNDE2ODExMWFmNjI0ZmJmNTY2MDlkMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwegIXfdiQE+xS/0y0svz0V1Q7EiO
CiMaLuuENnb1K3V9WpQZQB3C9uW8iNtc0BSwCA1Cn157AiWEdjZnZE8KsEz+et78
Na9S4aHOk2feWlgeCg0Vo8oqNNh3WtX0+fXDCVlesV/1KVcTZHOrgfSswbPrS6Pu
TjzTtD0k887uS6O2yFzYBveQxIcoLlylBe93aB+8pBlxO4q3/vDqFv7DHjMiTmZZ
USRLlT53IuFj32xhh6BXApnYzCz2BMildh9TUC1+birCInTF7lmu+APRtoIeLucv
QFIsus7Y50b+Nj1HL1xaMdN9euAu3X1z6eX1KM9v/O5i7fwYNrJFrHsPGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWIql0Zj+5wQWgRGvYk+/VmCdILMB8GA1UdIwQY
MBaAFE48AboMXL8grj6Tyj03nmLfXJWaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGp3QnVneGN2eUN1UHBQS1BUZWVZdDljbFpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOGU3NzMtNGU3MS00ZDA5LWI3NGEt
YjI3ZjU1MjY3MmUwLzEvTllpcVhSbVA3bkJCYUJFYTlpVDc5V1lKMGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOGU3NzMtNGU3MS00ZDA5LWI3NGEtYjI3ZjU1MjY3MmUw
LzEvVGp3QnVneGN2eUN1UHBQS1BUZWVZdDljbFpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQWEMA0G
CSqGSIb3DQEBCwUAA4IBAQBUJ94vrulOTyv4+DhjdY6fYlfzs7Le73Qb+/4Ch1Zh
ttYm4arWrIS4EiF2Eqeyy2QocdfQvAf6UsiUxvOeNPBrY8ULX0l7QvgGNC91EuJS
OOwgs2ZBUg69ejy0K/KYJ16XFeqdkYS+sO1vN6GEbPu3cXSrjRu2X77YRMX/8PfQ
GxnyWwJfTVnuXWjc7FjkjtKNU7PdZgonHuilQGQuSiANOIuOK9qtVHjauWru0heA
n5daG62gV28w7qRTxNdZ9kDz8JP0eU3UFkuhlrza9Si3fz5AAU7J2TjoBSMaxs1y
1l6C0OP0Qz8vrI0JmZb22Leqr1I7+Vc2CC1bWbE44DnO
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:31:46 2025 by rpki-client