Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/nDB6bqiXy-rzhdku9Lj005kPHfA.roa
File: nDB6bqiXy-rzhdku9Lj005kPHfA.roa (raw, json)
Hash identifier: 0AJR+PurXnO7T0pJNk8Tq3MFQx7X/cSxW3eCAXJvtLk=
Subject key identifier: 9C:30:7A:6E:A8:97:CB:EA:F3:85:D9:2E:F4:B8:F4:D3:99:0F:1D:F0
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 019425FD604F5FF305EDCAEFFE35691339ED
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/nDB6bqiXy-rzhdku9Lj005kPHfA.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212141
IP address blocks: 185.203.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:60:4f:5f:f3:05:ed:ca:ef:fe:35:69:13:39:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c307a6ea897cbeaf385d92ef4b8f4d3990f1df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4b:59:60:6f:49:f5:74:c4:81:ac:1a:fc:e8:
9e:13:c0:d6:6f:39:f8:a4:c2:91:92:84:f1:60:ec:
3e:1d:fa:27:75:09:f6:5a:89:ba:f8:c7:c3:61:10:
14:35:d4:2f:92:e2:ac:0d:38:e0:61:33:cf:bf:f1:
68:af:62:a1:e4:f3:72:77:f1:12:84:f3:d4:04:20:
9c:7b:a7:15:b5:31:bd:2a:95:60:8c:ef:88:d2:fb:
f6:23:6c:f7:d3:7f:f7:ee:21:10:15:0c:0f:87:33:
85:ff:61:dd:c0:76:54:d6:33:73:79:25:02:b6:c8:
e2:c9:9a:af:2a:3c:5a:4b:3b:7f:bf:cd:29:70:52:
5d:55:61:f2:e2:9b:1a:25:b1:db:0a:68:be:2e:d2:
db:43:f8:71:af:fb:64:83:ac:db:24:28:51:7a:0d:
3b:b6:d3:d0:04:50:4d:60:b4:64:e4:2a:e1:0f:ba:
f1:38:f8:ea:6d:86:cb:d0:c0:6b:fd:13:4a:42:fe:
c8:34:06:bd:01:ba:c4:02:b7:41:ca:ab:c9:23:ad:
df:0a:8b:ec:f2:24:22:9b:7a:a7:a6:82:7e:62:b6:
42:94:60:b1:40:e2:5f:1c:16:52:e6:b4:04:1d:30:
fc:53:ab:ba:79:1a:dd:d1:1e:7a:63:d7:80:5f:e6:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:30:7A:6E:A8:97:CB:EA:F3:85:D9:2E:F4:B8:F4:D3:99:0F:1D:F0
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/nDB6bqiXy-rzhdku9Lj005kPHfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9c:70:d6:9d:ff:0b:68:8e:b8:97:4c:dd:e3:87:ef:b9:4a:
b8:1b:be:71:fe:73:7b:69:80:15:b4:5c:37:91:2d:ce:0f:0f:
99:f6:96:65:e9:67:4d:15:e8:d6:c9:d4:67:a1:80:ed:e4:04:
44:a2:11:13:73:1b:04:5f:52:f8:b7:84:96:95:bb:cb:4c:88:
83:b7:4c:d4:56:d9:36:51:ab:8a:5f:bf:35:91:8b:80:b4:e8:
fe:09:64:54:d4:fb:85:b0:12:7e:60:04:20:91:fd:66:44:1e:
f8:bd:b7:00:ce:9f:c8:77:bf:0c:2f:ad:4d:7e:15:d9:94:0f:
c3:9d:42:21:01:28:e1:71:80:45:91:54:0f:53:95:5f:90:8a:
dc:11:a7:c4:43:9d:e8:6c:74:8e:e0:a2:38:32:13:fd:69:a2:
03:f2:57:31:a1:3e:2e:02:a6:8d:22:1c:e4:de:51:5d:07:ac:
a5:89:32:ae:f8:e0:18:84:95:32:9d:cf:9a:2b:4d:b3:fe:1e:
39:a7:48:e8:7c:df:26:4b:27:07:ac:c8:93:13:03:dc:4a:08:
4e:0b:82:63:a2:fe:45:0d:c2:d3:5f:03:80:8e:9e:e1:fe:2a:
6e:e2:5e:02:e5:fb:73:8f:58:bb:f7:bd:9e:51:49:a7:f5:ae:
b9:88:8a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/WBPX/MF7crv/jVpEzntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzMwN2E2ZWE4OTdjYmVhZjM4NWQ5MmVmNGI4ZjRkMzk5MGYxZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUtZYG9J9XTEgawa/OieE8DWbzn4
pMKRkoTxYOw+HfondQn2Wom6+MfDYRAUNdQvkuKsDTjgYTPPv/For2Kh5PNyd/ES
hPPUBCCce6cVtTG9KpVgjO+I0vv2I2z303/37iEQFQwPhzOF/2HdwHZU1jNzeSUC
tsjiyZqvKjxaSzt/v80pcFJdVWHy4psaJbHbCmi+LtLbQ/hxr/tkg6zbJChReg07
ttPQBFBNYLRk5CrhD7rxOPjqbYbL0MBr/RNKQv7INAa9AbrEArdByqvJI63fCovs
8iQim3qnpoJ+YrZClGCxQOJfHBZS5rQEHTD8U6u6eRrd0R56Y9eAX+a0twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwwem6ol8vq84XZLvS49NOZDx3wMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvbkRCNmJxaVh5LXJ6aGRrdTlMajAwNWtQSGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucvHMA0G
CSqGSIb3DQEBCwUAA4IBAQB6nHDWnf8LaI64l0zd44fvuUq4G75x/nN7aYAVtFw3
kS3ODw+Z9pZl6WdNFejWydRnoYDt5AREohETcxsEX1L4t4SWlbvLTIiDt0zUVtk2
UauKX781kYuAtOj+CWRU1PuFsBJ+YAQgkf1mRB74vbcAzp/Id78ML61NfhXZlA/D
nUIhASjhcYBFkVQPU5VfkIrcEafEQ53obHSO4KI4MhP9aaID8lcxoT4uAqaNIhzk
3lFdB6yliTKu+OAYhJUync+aK02z/h45p0jofN8mSycHrMiTEwPcSghOC4Jjov5F
DcLTXwOAjp7h/ipu4l4C5ftzj1i7972eUUmn9a65iIrt
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:03:13 2025 by rpki-client