Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/1f1ade-e2e6-4d73-96a9-427429fcd74c/1/NOYTh7ZlTxAFEDHg6RZrbrrgktU.roa
File: NOYTh7ZlTxAFEDHg6RZrbrrgktU.roa (raw, json)
Hash identifier: tsOnlXCMm1Zkvk7dgvDTsJOertYGX+iBxLbtlWab/tk=
Subject key identifier: 34:E6:13:87:B6:65:4F:10:05:10:31:E0:E9:16:6B:6E:BA:E0:92:D5
Certificate issuer: /CN=0c39d04ad83aac1de5a98cdf76240a97362c4ac6
Certificate serial: 019424B316DEDBE1BCB9725133951AD2225F
Authority key identifier: 0C:39:D0:4A:D8:3A:AC:1D:E5:A9:8C:DF:76:24:0A:97:36:2C:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DDnQStg6rB3lqYzfdiQKlzYsSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/1f1ade-e2e6-4d73-96a9-427429fcd74c/1/NOYTh7ZlTxAFEDHg6RZrbrrgktU.roa
Signing time: Thu 02 Jan 2025 01:48:23 +0000
ROA not before: Thu 02 Jan 2025 01:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 185.66.8.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:16:de:db:e1:bc:b9:72:51:33:95:1a:d2:22:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c39d04ad83aac1de5a98cdf76240a97362c4ac6
Validity
Not Before: Jan 2 01:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34e61387b6654f10051031e0e9166b6ebae092d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:21:29:e5:65:99:9d:3d:74:2d:91:fa:12:37:
d1:fe:69:80:4d:24:c2:d7:06:a0:ca:63:ec:1c:41:
ce:41:70:17:82:c3:89:14:62:bb:2e:04:f3:75:3a:
37:ea:bf:df:08:d1:81:c3:29:7d:01:79:85:81:67:
56:4d:83:ea:c0:4c:57:86:c1:f4:e7:68:7f:5a:af:
50:f2:30:e4:54:ed:35:a0:8b:91:a7:98:fd:99:b7:
f9:6f:02:50:03:b1:18:02:cd:51:3d:af:7e:2f:12:
ef:ce:dd:b4:93:a1:37:1e:d3:c0:92:0d:73:26:ff:
b5:7a:f3:35:87:54:7d:3e:a6:8c:a0:eb:1d:83:5b:
3c:41:bc:0d:7d:24:46:61:fc:b0:55:64:6a:5f:11:
36:25:02:02:3e:08:a1:43:42:13:b7:8e:d8:19:21:
93:97:9f:02:2a:5c:62:91:53:91:6b:44:e0:94:05:
33:32:f6:51:0b:41:94:59:77:4e:d3:fa:56:1a:86:
67:93:d5:61:87:e7:2d:e9:5d:8e:73:3f:24:2f:f6:
71:a8:2f:71:47:63:d5:24:99:52:52:8a:6a:9d:88:
42:2a:37:db:a1:77:3a:89:94:ef:8f:41:10:07:37:
17:07:7e:cb:d5:5a:7f:df:b0:94:9a:ea:ca:ac:53:
99:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E6:13:87:B6:65:4F:10:05:10:31:E0:E9:16:6B:6E:BA:E0:92:D5
X509v3 Authority Key Identifier:
keyid:0C:39:D0:4A:D8:3A:AC:1D:E5:A9:8C:DF:76:24:0A:97:36:2C:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDnQStg6rB3lqYzfdiQKlzYsSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1f1ade-e2e6-4d73-96a9-427429fcd74c/1/NOYTh7ZlTxAFEDHg6RZrbrrgktU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1f1ade-e2e6-4d73-96a9-427429fcd74c/1/DDnQStg6rB3lqYzfdiQKlzYsSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.8.0/22
Signature Algorithm: sha256WithRSAEncryption
38:d2:5c:90:dd:db:15:37:c2:83:f4:65:8b:f8:11:74:33:92:
6f:54:9f:80:bc:ac:b0:67:0d:86:87:4f:9a:54:3e:10:ba:fd:
66:ad:a4:3a:9e:b8:88:6d:ba:1b:c8:37:27:ea:f8:35:68:9d:
7a:6c:b2:01:26:48:1e:36:7a:b6:6e:ff:e3:16:06:d9:89:0b:
38:8c:68:f5:5a:3d:ac:77:e9:0a:b3:77:c5:8f:d2:48:96:aa:
36:7f:6c:99:3b:e9:91:e0:2a:80:21:15:22:a8:24:ff:e7:1b:
0f:61:e2:c4:17:bb:3c:20:f0:fe:b9:d4:32:43:36:c9:81:54:
c1:25:fa:a6:28:30:c0:61:6f:5b:b8:4d:c3:05:c0:ee:98:a7:
5a:ec:07:f1:7e:f4:3b:c6:f3:04:3f:56:a6:9e:c6:eb:b4:2e:
db:03:79:10:0a:26:65:a9:9c:e0:bc:13:94:74:2a:f6:13:59:
bf:ba:ac:b3:40:78:e0:5d:2e:d6:e6:b8:07:27:18:df:50:52:
0c:52:73:18:c7:3d:63:69:c4:1b:3c:c9:be:ad:2d:a1:fd:03:
5d:93:05:23:5c:70:c3:54:90:74:7f:0b:9c:47:83:b0:7e:41:
e8:cb:d6:79:b4:11:99:4d:8e:3b:36:29:67:ef:63:6c:fe:2c:
7e:23:dd:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksxbe2+G8uXJRM5Ua0iJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzlkMDRhZDgzYWFjMWRlNWE5OGNkZjc2MjQwYTk3MzYy
YzRhYzYwHhcNMjUwMTAyMDE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU2MTM4N2I2NjU0ZjEwMDUxMDMxZTBlOTE2NmI2ZWJhZTA5MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SEp5WWZnT10LZH6EjfR/mmATSTC
1wagymPsHEHOQXAXgsOJFGK7LgTzdTo36r/fCNGBwyl9AXmFgWdWTYPqwExXhsH0
52h/Wq9Q8jDkVO01oIuRp5j9mbf5bwJQA7EYAs1RPa9+LxLvzt20k6E3HtPAkg1z
Jv+1evM1h1R9PqaMoOsdg1s8QbwNfSRGYfywVWRqXxE2JQICPgihQ0ITt47YGSGT
l58CKlxikVORa0TglAUzMvZRC0GUWXdO0/pWGoZnk9Vhh+ct6V2Ocz8kL/ZxqC9x
R2PVJJlSUopqnYhCKjfboXc6iZTvj0EQBzcXB37L1Vp/37CUmurKrFOZ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTmE4e2ZU8QBRAx4OkWa2664JLVMB8GA1UdIwQY
MBaAFAw50ErYOqwd5amM33YkCpc2LErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERuUVN0ZzZyQjNscVl6ZmRpUUtsellzU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8xZjFhZGUtZTJlNi00ZDczLTk2YTkt
NDI3NDI5ZmNkNzRjLzEvTk9ZVGg3WmxUeEFGRURIZzZSWnJicnJna3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8xZjFhZGUtZTJlNi00ZDczLTk2YTktNDI3NDI5ZmNkNzRj
LzEvRERuUVN0ZzZyQjNscVl6ZmRpUUtsellzU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUIIMA0G
CSqGSIb3DQEBCwUAA4IBAQA40lyQ3dsVN8KD9GWL+BF0M5JvVJ+AvKywZw2Gh0+a
VD4Quv1mraQ6nriIbbobyDcn6vg1aJ16bLIBJkgeNnq2bv/jFgbZiQs4jGj1Wj2s
d+kKs3fFj9JIlqo2f2yZO+mR4CqAIRUiqCT/5xsPYeLEF7s8IPD+udQyQzbJgVTB
JfqmKDDAYW9buE3DBcDumKda7AfxfvQ7xvMEP1amnsbrtC7bA3kQCiZlqZzgvBOU
dCr2E1m/uqyzQHjgXS7W5rgHJxjfUFIMUnMYxz1jacQbPMm+rS2h/QNdkwUjXHDD
VJB0fwucR4OwfkHoy9Z5tBGZTY47Niln72Ns/ix+I93K
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:51 2025 by rpki-client