Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/nULdL8xjB16vfCp-N77OS9ijtts.roa
File: nULdL8xjB16vfCp-N77OS9ijtts.roa (raw, json)
Hash identifier: Q9emnLmKgjXDvnlXHjQW3LysE+69K7L9y44jhFRbDQI=
Subject key identifier: 9D:42:DD:2F:CC:63:07:5E:AF:7C:2A:7E:37:BE:CE:4B:D8:A3:B6:DB
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0194266C2C43DCBBD344F748702E7681DB38
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/nULdL8xjB16vfCp-N77OS9ijtts.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.140.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2c:43:dc:bb:d3:44:f7:48:70:2e:76:81:db:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d42dd2fcc63075eaf7c2a7e37bece4bd8a3b6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:20:b9:a8:4f:52:da:35:4e:ec:37:7a:c8:
45:32:1c:0f:89:0a:96:f9:f4:db:2c:d5:6b:1e:a2:
68:e7:75:07:62:09:92:6c:3e:21:f4:ee:8f:19:3d:
70:27:96:37:c7:1f:2e:74:d4:2c:0e:d9:39:68:83:
0c:d4:47:85:98:99:e8:91:82:d4:bd:00:46:6d:fa:
6a:90:0f:46:0b:c6:48:5f:46:0b:4f:e4:eb:5b:92:
9e:d5:bc:52:43:47:da:9d:8e:0f:da:b4:ce:9a:4b:
2f:2d:e8:53:4d:45:01:59:88:0f:7e:23:da:17:03:
9c:f5:6a:11:51:ef:ed:32:be:0a:c6:95:6a:41:bd:
a1:d3:63:4c:60:4c:0a:81:fa:1f:c8:0a:5e:5b:b9:
30:4d:ea:e5:5f:18:49:af:d5:66:2c:ae:c7:1e:c3:
74:87:e4:4f:11:f8:2f:0b:2f:f9:2c:38:10:24:e7:
32:71:5b:8c:23:a0:03:49:84:2e:4a:5e:57:fc:29:
99:85:90:e2:e3:a3:70:f1:b5:bb:23:7a:12:fd:8a:
91:36:56:3e:ee:cf:02:53:d1:11:db:ac:14:cc:1c:
fc:c2:aa:0a:7c:09:ab:57:c9:f2:85:04:06:75:07:
23:58:b4:2a:a0:35:e5:1f:0e:7f:58:63:4e:ce:11:
d0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:42:DD:2F:CC:63:07:5E:AF:7C:2A:7E:37:BE:CE:4B:D8:A3:B6:DB
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/nULdL8xjB16vfCp-N77OS9ijtts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.211.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f8:72:89:14:06:d1:6f:8c:b5:32:c5:ea:7b:d2:a1:d6:07:
01:da:81:fc:c1:eb:bf:e3:25:52:c7:c1:eb:3b:36:29:fe:c0:
ee:99:19:4d:0a:a9:8f:b7:70:03:35:e6:ca:d1:ad:42:42:27:
86:e5:e9:b6:ff:35:ec:a9:70:dd:aa:a0:20:31:52:70:dc:c7:
4f:8d:8c:0f:2e:dd:71:29:31:05:9a:38:51:8a:7b:15:62:c1:
e5:c9:bf:ae:2e:89:d2:30:c4:0f:13:2b:11:7e:f2:e9:da:18:
b4:d1:26:2d:24:c1:02:f4:4a:da:f9:7c:15:db:07:c8:ac:d9:
ba:9b:e0:b6:27:e5:8b:2d:a0:4d:2f:8c:66:33:4b:b5:d3:27:
1c:46:e0:9a:8a:b7:aa:8b:c6:f8:25:79:a4:29:97:53:40:15:
15:3f:1e:61:9c:3f:4d:ee:2d:96:21:f7:ac:db:54:db:06:02:
14:68:85:e2:9b:0d:38:30:80:11:ca:00:84:19:5e:0d:00:5b:
d8:2a:35:93:35:bf:3c:06:e5:87:c8:4c:ca:bd:4d:3d:6d:18:
7b:16:59:e5:ab:67:98:85:8c:a2:df:de:71:07:9c:fd:89:e3:
b1:00:ab:68:4d:6e:d6:64:48:62:a7:ae:d0:48:ff:98:ab:e4:
30:b3:73:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCxD3LvTRPdIcC52gds4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQyZGQyZmNjNjMwNzVlYWY3YzJhN2UzN2JlY2U0YmQ4YTNiNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZAguahPUto1Tuw3eshFMhwPiQqW
+fTbLNVrHqJo53UHYgmSbD4h9O6PGT1wJ5Y3xx8udNQsDtk5aIMM1EeFmJnokYLU
vQBGbfpqkA9GC8ZIX0YLT+TrW5Ke1bxSQ0fanY4P2rTOmksvLehTTUUBWYgPfiPa
FwOc9WoRUe/tMr4KxpVqQb2h02NMYEwKgfofyApeW7kwTerlXxhJr9VmLK7HHsN0
h+RPEfgvCy/5LDgQJOcycVuMI6ADSYQuSl5X/CmZhZDi46Nw8bW7I3oS/YqRNlY+
7s8CU9ER26wUzBz8wqoKfAmrV8nyhQQGdQcjWLQqoDXlHw5/WGNOzhHQ8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1C3S/MYwder3wqfje+zkvYo7bbMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvblVMZEw4eGpCMTZ2ZkNwLU43N09TOWlqdHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYzTMA0G
CSqGSIb3DQEBCwUAA4IBAQB1+HKJFAbRb4y1MsXqe9Kh1gcB2oH8weu/4yVSx8Hr
OzYp/sDumRlNCqmPt3ADNebK0a1CQieG5em2/zXsqXDdqqAgMVJw3MdPjYwPLt1x
KTEFmjhRinsVYsHlyb+uLonSMMQPEysRfvLp2hi00SYtJMEC9Era+XwV2wfIrNm6
m+C2J+WLLaBNL4xmM0u10yccRuCaireqi8b4JXmkKZdTQBUVPx5hnD9N7i2WIfes
21TbBgIUaIXimw04MIARygCEGV4NAFvYKjWTNb88BuWHyEzKvU09bRh7Flnlq2eY
hYyi395xB5z9ieOxAKtoTW7WZEhip67QSP+Yq+Qws3NB
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:15 2025 by rpki-client