Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/nRY6f0HmJ7S8CYmolnmrtVb1JGw.roa
File: nRY6f0HmJ7S8CYmolnmrtVb1JGw.roa (raw, json)
Hash identifier: jhgaQrPs/TQq82v7wbUyYwj7VfBFttXWHM8WTx1fF9k=
Subject key identifier: 9D:16:3A:7F:41:E6:27:B4:BC:09:89:A8:96:79:AB:B5:56:F5:24:6C
Certificate issuer: /CN=f5346d3edbec6da72780722c0a41abeea63661d8
Certificate serial: 01942144236938EB0ADFFB7F9CD4541048A8
Authority key identifier: F5:34:6D:3E:DB:EC:6D:A7:27:80:72:2C:0A:41:AB:EE:A6:36:61:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TRtPtvsbacngHIsCkGr7qY2Ydg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/nRY6f0HmJ7S8CYmolnmrtVb1JGw.roa
Signing time: Wed 01 Jan 2025 09:48:21 +0000
ROA not before: Wed 01 Jan 2025 09:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.57.216.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:23:69:38:eb:0a:df:fb:7f:9c:d4:54:10:48:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5346d3edbec6da72780722c0a41abeea63661d8
Validity
Not Before: Jan 1 09:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d163a7f41e627b4bc0989a89679abb556f5246c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:36:1c:d5:c6:fe:64:1e:4f:5d:53:f1:5a:
17:20:e8:54:8f:8f:77:f6:e0:e2:96:2c:8b:e3:8d:
7b:6e:4a:ea:22:3d:bd:26:38:31:8b:2d:2e:5c:0f:
48:95:e0:89:36:1d:42:8a:c8:ae:cd:45:82:1c:24:
7b:5c:3f:0b:8a:dc:f8:0f:87:65:7f:1e:72:66:90:
1c:42:da:3d:ea:5a:4b:61:8e:02:ed:ad:3a:3c:ba:
06:8e:aa:4e:71:7c:9f:75:ee:6c:fa:bb:dc:89:9d:
8d:a1:44:8f:79:43:ae:05:7b:0e:fa:ea:28:a1:fd:
79:ba:e7:e4:fc:7b:c3:46:21:0e:1d:a5:bf:3a:29:
8b:b9:a0:c3:e4:df:ad:9f:28:66:1f:8d:24:c1:af:
4c:6b:ba:6d:08:fa:be:b9:db:2d:39:aa:4c:04:d1:
3d:52:0f:71:3b:91:2e:ca:8a:7c:e3:6b:3f:bc:37:
df:35:38:1c:4b:f7:98:1c:c8:e3:ee:89:50:a8:15:
df:32:59:aa:5f:a6:b0:54:80:23:91:b1:e2:5b:0d:
38:29:ad:9e:cf:4c:3f:f8:78:ad:65:ef:1f:f5:1f:
0d:55:83:6f:ce:16:f0:f3:25:ec:aa:1b:b6:75:c6:
9a:5c:49:a8:e8:32:41:56:17:31:4c:c4:5f:80:f5:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:16:3A:7F:41:E6:27:B4:BC:09:89:A8:96:79:AB:B5:56:F5:24:6C
X509v3 Authority Key Identifier:
keyid:F5:34:6D:3E:DB:EC:6D:A7:27:80:72:2C:0A:41:AB:EE:A6:36:61:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TRtPtvsbacngHIsCkGr7qY2Ydg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/nRY6f0HmJ7S8CYmolnmrtVb1JGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/be8064-9e11-461a-936d-fa70bd90e894/1/9TRtPtvsbacngHIsCkGr7qY2Ydg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.216.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:0b:ae:2d:df:4d:1f:9b:68:49:36:2e:29:3d:2b:92:10:77:
41:6b:d5:d4:11:e6:2c:fb:6a:13:ca:c3:7e:1b:4b:dc:36:b4:
1c:af:7e:fe:60:ee:2d:63:fe:8b:38:84:10:79:eb:ba:40:82:
61:65:95:80:18:dc:11:d5:5d:60:32:02:43:49:8a:6c:f4:0b:
3f:25:2e:18:1e:be:eb:9f:43:77:f5:4f:01:33:7e:2a:0a:09:
23:4a:27:ea:91:1e:cd:e5:c3:97:b1:df:d2:52:90:83:f6:ad:
e7:d8:c9:37:5b:c5:68:d1:9a:5d:11:51:d3:1e:de:9a:2d:10:
b2:4d:56:ac:3e:9a:3b:40:13:69:15:ee:cc:17:32:ab:35:3b:
6b:5e:c7:d8:74:de:4a:6c:03:4a:10:a2:b1:29:83:0e:61:db:
a4:ae:ae:15:e7:ab:9b:a8:a5:84:f5:62:57:5a:ba:75:d5:f8:
a4:5e:3d:03:ab:99:39:47:7e:d4:f5:5d:c1:92:31:f2:65:5f:
a8:58:2c:73:a5:ef:e1:22:6f:d9:36:3c:a2:5f:06:b9:60:a7:
ac:d2:44:51:39:2f:a3:a8:4c:20:25:05:0d:bb:c2:0c:08:c7:
cd:b7:3d:3e:12:f1:fe:01:ab:fc:9e:7c:52:26:3f:78:a0:ed:
dd:8c:f0:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCNpOOsK3/t/nNRUEEioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzQ2ZDNlZGJlYzZkYTcyNzgwNzIyYzBhNDFhYmVlYTYz
NjYxZDgwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDE2M2E3ZjQxZTYyN2I0YmMwOTg5YTg5Njc5YWJiNTU2ZjUyNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE82HNXG/mQeT11T8VoXIOhUj493
9uDiliyL4417bkrqIj29Jjgxiy0uXA9IleCJNh1CisiuzUWCHCR7XD8Litz4D4dl
fx5yZpAcQto96lpLYY4C7a06PLoGjqpOcXyfde5s+rvciZ2NoUSPeUOuBXsO+uoo
of15uufk/HvDRiEOHaW/OimLuaDD5N+tnyhmH40kwa9Ma7ptCPq+udstOapMBNE9
Ug9xO5Euyop842s/vDffNTgcS/eYHMjj7olQqBXfMlmqX6awVIAjkbHiWw04Ka2e
z0w/+HitZe8f9R8NVYNvzhbw8yXsqhu2dcaaXEmo6DJBVhcxTMRfgPWnAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0WOn9B5ie0vAmJqJZ5q7VW9SRsMB8GA1UdIwQY
MBaAFPU0bT7b7G2nJ4ByLApBq+6mNmHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVRSdFB0dnNiYWNuZ0hJc0NrR3I3cVkyWWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iZTgwNjQtOWUxMS00NjFhLTkzNmQt
ZmE3MGJkOTBlODk0LzEvblJZNmYwSG1KN1M4Q1ltb2xubXJ0VmIxSkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iZTgwNjQtOWUxMS00NjFhLTkzNmQtZmE3MGJkOTBlODk0
LzEvOVRSdFB0dnNiYWNuZ0hJc0NrR3I3cVkyWWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTnYMA0G
CSqGSIb3DQEBCwUAA4IBAQDAC64t300fm2hJNi4pPSuSEHdBa9XUEeYs+2oTysN+
G0vcNrQcr37+YO4tY/6LOIQQeeu6QIJhZZWAGNwR1V1gMgJDSYps9As/JS4YHr7r
n0N39U8BM34qCgkjSifqkR7N5cOXsd/SUpCD9q3n2Mk3W8Vo0ZpdEVHTHt6aLRCy
TVasPpo7QBNpFe7MFzKrNTtrXsfYdN5KbANKEKKxKYMOYdukrq4V56ubqKWE9WJX
Wrp11fikXj0Dq5k5R37U9V3BkjHyZV+oWCxzpe/hIm/ZNjyiXwa5YKes0kRROS+j
qEwgJQUNu8IMCMfNtz0+EvH+Aav8nnxSJj94oO3djPBU
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:04 2025 by rpki-client