Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/Nj_g5XagzgChnaGJmyAjIxliPxQ.roa
File: Nj_g5XagzgChnaGJmyAjIxliPxQ.roa (raw, json)
Hash identifier: 2T2yAo36kvnreO/zfmG7HDMPjTZHcC33NYqG6yteeqQ=
Subject key identifier: 36:3F:E0:E5:76:A0:CE:00:A1:9D:A1:89:9B:20:23:23:19:62:3F:14
Certificate issuer: /CN=8b6a23a2fd1a0956378a37d4fce259df2bd794a7
Certificate serial: 019421446049D89273EE8BA94AB415C1AA94
Authority key identifier: 8B:6A:23:A2:FD:1A:09:56:37:8A:37:D4:FC:E2:59:DF:2B:D7:94:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2ojov0aCVY3ijfU_OJZ3yvXlKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/Nj_g5XagzgChnaGJmyAjIxliPxQ.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 185.68.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:60:49:d8:92:73:ee:8b:a9:4a:b4:15:c1:aa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6a23a2fd1a0956378a37d4fce259df2bd794a7
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=363fe0e576a0ce00a19da1899b20232319623f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4f:24:12:29:e7:21:28:ec:f1:af:ad:13:af:
7a:c4:72:61:80:13:28:52:88:42:05:51:1d:40:71:
74:7f:e0:9a:93:cb:60:d0:3d:23:2d:62:1a:27:32:
19:75:c8:50:0a:c2:f2:0f:fd:3e:b3:1a:42:6f:35:
07:0d:65:7a:ae:7f:6e:c9:2c:42:4f:47:5b:d9:23:
e7:7d:ba:ec:ea:14:3d:e8:4e:0a:85:47:da:37:8f:
ee:ad:59:ce:24:cb:13:e7:e7:65:b0:5a:22:7c:93:
a1:82:b9:4d:b9:e5:df:55:9f:b6:fc:e0:b6:4d:c9:
fe:fd:38:7d:95:cf:15:dc:6e:07:48:1b:70:45:d5:
19:bd:6a:e9:68:82:78:10:34:de:fa:7d:cf:87:fb:
b3:d2:cf:3b:66:35:5e:48:ab:d3:d4:f1:d6:c7:78:
e2:96:cf:12:d4:64:e6:47:07:20:e9:ed:a7:4e:34:
a6:ba:2a:bf:f7:b5:04:3e:f4:e2:7c:f9:f5:9e:0b:
74:cf:dd:32:45:69:1a:79:ff:40:d3:c8:81:8e:0e:
74:d7:bb:d3:c5:76:6b:2c:f9:85:f4:f3:03:67:9c:
5e:46:43:a4:50:61:4e:e5:49:10:d9:21:7a:1e:87:
7d:b5:1f:ff:79:21:5c:80:26:13:a2:9a:c4:0e:ca:
99:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3F:E0:E5:76:A0:CE:00:A1:9D:A1:89:9B:20:23:23:19:62:3F:14
X509v3 Authority Key Identifier:
keyid:8B:6A:23:A2:FD:1A:09:56:37:8A:37:D4:FC:E2:59:DF:2B:D7:94:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2ojov0aCVY3ijfU_OJZ3yvXlKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/Nj_g5XagzgChnaGJmyAjIxliPxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.200.0/22
Signature Algorithm: sha256WithRSAEncryption
82:2e:0b:21:82:2e:39:8c:c0:5f:ef:8d:51:ba:0d:bc:19:cd:
ef:f8:34:35:9c:6b:eb:3e:a8:f2:74:9e:c2:a2:f4:3d:b7:6a:
9c:75:3a:39:0b:b6:9e:e8:56:bd:c3:e9:5b:ff:c8:7f:89:36:
6d:1c:3e:d7:f0:f3:87:68:b2:28:06:cc:41:b5:30:48:1e:a8:
49:f2:2b:de:48:92:95:04:ce:8f:96:be:5a:1c:6c:1f:70:f2:
74:8c:01:91:a1:78:64:4d:f7:dd:ef:2c:1b:03:74:70:80:17:
35:85:af:bd:05:38:55:45:1b:b4:4a:a4:1f:64:a8:dd:7f:6c:
36:28:39:fc:93:a9:fb:ef:d5:aa:49:96:f0:61:7f:ea:db:f8:
4c:fa:d3:cc:5a:fd:66:3f:e1:ae:74:91:5e:68:e0:76:5a:c2:
4d:12:a6:60:5a:83:5e:e5:38:a9:67:b6:49:df:64:a1:3a:74:
18:61:51:aa:ec:4a:f3:ce:8f:2e:7d:2e:17:e9:27:cb:a7:4e:
20:69:e1:24:24:f0:bd:d3:9a:6a:3a:3f:62:d7:2e:ab:60:d2:
c1:c2:03:1f:26:6b:92:1b:64:e4:3e:3f:71:27:bc:55:2a:10:
ba:d1:09:82:fc:a8:61:7d:40:25:7b:49:ec:12:5a:57:2f:6d:
e5:64:1e:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGBJ2JJz7oupSrQVwaqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNmEyM2EyZmQxYTA5NTYzNzhhMzdkNGZjZTI1OWRmMmJk
Nzk0YTcwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNmZTBlNTc2YTBjZTAwYTE5ZGExODk5YjIwMjMyMzE5NjIzZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5E8kEinnISjs8a+tE696xHJhgBMo
UohCBVEdQHF0f+Cak8tg0D0jLWIaJzIZdchQCsLyD/0+sxpCbzUHDWV6rn9uySxC
T0db2SPnfbrs6hQ96E4KhUfaN4/urVnOJMsT5+dlsFoifJOhgrlNueXfVZ+2/OC2
Tcn+/Th9lc8V3G4HSBtwRdUZvWrpaIJ4EDTe+n3Ph/uz0s87ZjVeSKvT1PHWx3ji
ls8S1GTmRwcg6e2nTjSmuiq/97UEPvTifPn1ngt0z90yRWkaef9A08iBjg5017vT
xXZrLPmF9PMDZ5xeRkOkUGFO5UkQ2SF6Hod9tR//eSFcgCYToprEDsqZOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDY/4OV2oM4AoZ2hiZsgIyMZYj8UMB8GA1UdIwQY
MBaAFItqI6L9GglWN4o31PziWd8r15SnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJvam92MGFDVlkzaWpmVV9PSlozeXZYbEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mOTFiMmMtYzVmZS00NjI1LWExODAt
OWE0NmVkNWI0MmRiLzEvTmpfZzVYYWd6Z0NobmFHSm15QWpJeGxpUHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mOTFiMmMtYzVmZS00NjI1LWExODAtOWE0NmVkNWI0MmRi
LzEvaTJvam92MGFDVlkzaWpmVV9PSlozeXZYbEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUTIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCLgshgi45jMBf741Rug28Gc3v+DQ1nGvrPqjydJ7C
ovQ9t2qcdTo5C7ae6Fa9w+lb/8h/iTZtHD7X8POHaLIoBsxBtTBIHqhJ8iveSJKV
BM6Plr5aHGwfcPJ0jAGRoXhkTffd7ywbA3RwgBc1ha+9BThVRRu0SqQfZKjdf2w2
KDn8k6n779WqSZbwYX/q2/hM+tPMWv1mP+GudJFeaOB2WsJNEqZgWoNe5TipZ7ZJ
32ShOnQYYVGq7Erzzo8ufS4X6SfLp04gaeEkJPC905pqOj9i1y6rYNLBwgMfJmuS
G2TkPj9xJ7xVKhC60QmC/KhhfUAle0nsElpXL23lZB7T
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:17 2025 by rpki-client