Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/mQTwlxrMVeib6W7__4VllTW-6C8.roa
File: mQTwlxrMVeib6W7__4VllTW-6C8.roa (raw, json)
Hash identifier: Ous0wtpwiez89Z5w9/QarT0NcGVwIRO+IhvC6Ze0CEc=
Subject key identifier: 99:04:F0:97:1A:CC:55:E8:9B:E9:6E:FF:FF:85:65:95:35:BE:E8:2F
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 01941FFA365A837329B7C035876DE811FCE8
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/mQTwlxrMVeib6W7__4VllTW-6C8.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209181
IP address blocks: 185.89.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:36:5a:83:73:29:b7:c0:35:87:6d:e8:11:fc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9904f0971acc55e89be96effff85659535bee82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f0:28:b9:9c:e1:db:a5:93:9c:a2:bc:5b:bf:
c4:86:2a:7f:45:c9:de:e1:39:e9:27:ca:62:d5:6a:
88:f8:c4:63:72:cd:27:98:84:88:2f:58:e8:c7:f6:
57:cc:ea:f2:11:7b:6e:a3:56:13:e1:ee:36:fc:1e:
99:7f:ec:96:82:c6:50:9d:36:03:8a:6a:42:23:a4:
11:6d:04:32:1b:68:a1:77:68:61:b5:eb:c1:01:d3:
fb:39:4c:2f:6e:8f:3d:b2:31:e3:a9:51:6c:ea:6d:
f6:cf:29:d4:52:ac:fb:da:65:fb:c7:b2:cb:fb:ce:
4d:5c:71:91:ce:55:42:0c:42:1e:50:2b:4d:bf:49:
65:6b:df:47:cf:5a:26:30:7d:fc:de:8b:b1:17:2f:
fc:d9:87:61:72:f0:de:3e:08:16:c6:d2:50:c3:17:
c9:bb:49:74:c2:f0:f6:dc:83:12:ef:11:85:88:9f:
9c:6e:88:58:cc:6b:e4:60:d8:39:5b:cc:4d:e8:8f:
11:33:8b:83:73:12:52:61:cd:b5:ad:1b:90:de:ef:
a9:c5:46:22:7e:94:74:a0:6a:6c:60:48:ed:7a:17:
2f:1d:79:38:ee:6a:7e:08:2a:67:e0:72:63:eb:1f:
0d:32:9b:40:2b:1d:4d:2d:af:69:14:a3:c0:c8:11:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:04:F0:97:1A:CC:55:E8:9B:E9:6E:FF:FF:85:65:95:35:BE:E8:2F
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/mQTwlxrMVeib6W7__4VllTW-6C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.248.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:7c:65:39:f4:c3:85:9b:b1:cc:0b:d3:95:7e:06:37:10:02:
f2:54:42:90:0b:01:a6:77:49:df:13:bd:94:eb:15:fb:b3:85:
e4:70:77:a2:55:e6:36:1e:93:ae:48:37:5e:53:61:7f:13:99:
06:7c:8b:a3:26:5f:1c:6b:33:e1:38:95:da:70:d0:e7:c2:ab:
92:c0:74:fb:cf:1d:56:1c:1e:6d:3e:a0:cf:c5:1c:d5:de:28:
8e:f4:00:c8:97:82:0a:5d:b5:47:3d:27:60:08:5d:00:b0:47:
ee:52:0b:f5:6a:53:a4:52:f0:5d:ea:e3:7f:7e:39:6a:26:90:
2e:a0:a3:5c:31:67:54:75:4e:04:11:b6:9c:e6:cb:be:a8:c7:
7e:48:7b:c8:8d:05:c1:ae:50:35:11:37:f3:d6:9a:c9:43:c8:
23:8b:ea:27:bb:03:a8:52:68:11:65:08:28:cc:b9:7d:db:f6:
26:43:42:9f:6e:74:ce:7a:89:e7:25:69:a1:80:50:39:95:81:
7e:8d:84:84:f7:0e:77:70:d9:75:1b:27:56:27:b1:9b:20:23:
fd:e9:80:26:2e:8f:81:58:83:cd:51:ae:62:48:c2:cc:a8:2d:
49:ad:93:ba:6c:5b:41:c7:54:a9:e7:0e:5c:49:f2:79:bd:33:
3b:aa:a0:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jZag3Mpt8A1h23oEfzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA0ZjA5NzFhY2M1NWU4OWJlOTZlZmZmZjg1NjU5NTM1YmVlODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvAouZzh26WTnKK8W7/Ehip/Rcne
4TnpJ8pi1WqI+MRjcs0nmISIL1jox/ZXzOryEXtuo1YT4e42/B6Zf+yWgsZQnTYD
impCI6QRbQQyG2ihd2hhtevBAdP7OUwvbo89sjHjqVFs6m32zynUUqz72mX7x7LL
+85NXHGRzlVCDEIeUCtNv0lla99Hz1omMH383ouxFy/82YdhcvDePggWxtJQwxfJ
u0l0wvD23IMS7xGFiJ+cbohYzGvkYNg5W8xN6I8RM4uDcxJSYc21rRuQ3u+pxUYi
fpR0oGpsYEjtehcvHXk47mp+CCpn4HJj6x8NMptAKx1NLa9pFKPAyBHlIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkE8JcazFXom+lu//+FZZU1vugvMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvbVFUd2x4ck1WZWliNlc3X180VmxsVFctNkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVn4MA0G
CSqGSIb3DQEBCwUAA4IBAQAvfGU59MOFm7HMC9OVfgY3EALyVEKQCwGmd0nfE72U
6xX7s4XkcHeiVeY2HpOuSDdeU2F/E5kGfIujJl8cazPhOJXacNDnwquSwHT7zx1W
HB5tPqDPxRzV3iiO9ADIl4IKXbVHPSdgCF0AsEfuUgv1alOkUvBd6uN/fjlqJpAu
oKNcMWdUdU4EEbac5su+qMd+SHvIjQXBrlA1ETfz1prJQ8gji+onuwOoUmgRZQgo
zLl92/YmQ0KfbnTOeonnJWmhgFA5lYF+jYSE9w53cNl1GydWJ7GbICP96YAmLo+B
WIPNUa5iSMLMqC1JrZO6bFtBx1Sp5w5cSfJ5vTM7qqCN
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:26:26 2025 by rpki-client