Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/nmXKG7O5Y4Y-3VQd-oJvUHMEIEY.roa
File: nmXKG7O5Y4Y-3VQd-oJvUHMEIEY.roa (raw, json)
Hash identifier: qsL3cjqC+DzRSqTDxZdudYHZ+K/KlZvY/xyn2uR0PZU=
Subject key identifier: 9E:65:CA:1B:B3:B9:63:86:3E:DD:54:1D:FA:82:6F:50:73:04:20:46
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FF359A9D9452E1A9958EA5FC6A2CE
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/nmXKG7O5Y4Y-3VQd-oJvUHMEIEY.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 193.168.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f3:59:a9:d9:45:2e:1a:99:58:ea:5f:c6:a2:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e65ca1bb3b963863edd541dfa826f5073042046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:af:fe:0d:e0:c4:7f:85:d4:e9:3e:b8:34:
6b:66:df:a6:15:14:45:bd:3e:ac:51:18:44:b0:de:
77:c5:1e:9a:cf:46:35:a3:a5:df:31:17:d9:d9:79:
93:20:7b:58:2c:e8:0f:03:44:9d:72:27:d6:0e:e7:
00:c7:cc:ee:95:3f:4c:ae:50:32:03:26:f2:86:40:
38:96:5c:fb:bf:91:2d:27:bd:3a:fa:20:f8:51:65:
ee:b0:de:c0:dc:95:b8:89:d3:d7:47:69:45:f8:69:
a0:ab:9a:0a:e6:50:4b:a1:90:b9:42:36:0d:9d:6f:
fc:6f:a7:54:7c:a3:1e:96:ab:ef:a9:8f:86:44:c2:
f7:aa:0c:a9:0a:b0:82:1c:2a:4a:e7:26:27:58:68:
55:8e:31:e0:23:4b:f7:a3:8f:10:f8:f2:bb:31:31:
07:4f:44:7e:5c:1e:87:aa:86:c4:12:07:71:cf:59:
3b:09:98:ef:8e:6e:22:15:f0:7a:29:fa:20:12:50:
36:d9:b6:1e:08:ed:ca:d4:51:5a:4c:83:50:da:34:
f7:c0:c4:af:19:a0:cb:09:cc:2c:7a:f6:dc:24:fd:
02:b5:f5:be:e0:75:6d:71:87:0c:4f:63:bd:db:96:
00:5b:22:bf:d1:8d:cf:27:33:3e:73:7e:83:cd:13:
a0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:65:CA:1B:B3:B9:63:86:3E:DD:54:1D:FA:82:6F:50:73:04:20:46
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/nmXKG7O5Y4Y-3VQd-oJvUHMEIEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:21:bc:99:2f:29:9d:7f:4b:98:ca:bb:3f:b5:b5:ce:a5:1d:
39:8f:cf:95:0e:36:be:f8:93:27:7f:04:66:e2:37:99:79:db:
0e:49:a8:f5:cb:b4:20:77:28:9d:cf:bc:67:55:1a:9a:d9:80:
91:bb:c4:2d:40:f3:c8:20:b6:a7:88:f7:31:86:92:ca:1a:9d:
cc:c1:e5:4a:88:76:dd:54:d6:f5:ca:de:47:68:cc:69:7c:6a:
14:24:b8:8b:b6:26:90:83:3a:f7:c9:96:07:f0:32:a9:1a:93:
e9:2d:3e:39:93:67:72:74:39:07:a5:05:90:f1:ad:11:db:04:
fb:bc:ae:e3:fc:c7:be:58:23:2a:e4:58:4d:bf:bc:6d:87:54:
8b:19:47:67:17:53:8d:8a:4d:5f:d5:47:88:2f:01:81:d2:7e:
60:7c:2a:db:94:0a:11:ea:3d:cb:fa:d4:0c:b4:f2:a8:d1:35:
0e:04:6c:cd:2f:77:4a:ae:4b:1a:d5:24:e4:ca:c3:2f:29:60:
f2:6a:6c:64:55:59:6a:cd:f1:e2:87:ce:68:85:d0:4a:0f:98:
97:47:a7:f2:ed:fb:70:28:8f:48:e1:de:53:f8:40:26:4f:d1:
e1:0c:17:d2:38:ba:10:1a:1f:02:76:e9:d9:57:b7:cf:13:0b:
51:5e:29:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/NZqdlFLhqZWOpfxqLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY1Y2ExYmIzYjk2Mzg2M2VkZDU0MWRmYTgyNmY1MDczMDQyMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVKv/g3gxH+F1Ok+uDRrZt+mFRRF
vT6sURhEsN53xR6az0Y1o6XfMRfZ2XmTIHtYLOgPA0SdcifWDucAx8zulT9MrlAy
AybyhkA4llz7v5EtJ706+iD4UWXusN7A3JW4idPXR2lF+Gmgq5oK5lBLoZC5QjYN
nW/8b6dUfKMelqvvqY+GRML3qgypCrCCHCpK5yYnWGhVjjHgI0v3o48Q+PK7MTEH
T0R+XB6HqobEEgdxz1k7CZjvjm4iFfB6KfogElA22bYeCO3K1FFaTINQ2jT3wMSv
GaDLCcwsevbcJP0CtfW+4HVtcYcMT2O925YAWyK/0Y3PJzM+c36DzROgvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5lyhuzuWOGPt1UHfqCb1BzBCBGMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvbm1YS0c3TzVZNFktM1ZRZC1vSnZVSE1FSUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwajIMA0G
CSqGSIb3DQEBCwUAA4IBAQA7IbyZLymdf0uYyrs/tbXOpR05j8+VDja++JMnfwRm
4jeZedsOSaj1y7Qgdyidz7xnVRqa2YCRu8QtQPPIILaniPcxhpLKGp3MweVKiHbd
VNb1yt5HaMxpfGoUJLiLtiaQgzr3yZYH8DKpGpPpLT45k2dydDkHpQWQ8a0R2wT7
vK7j/Me+WCMq5FhNv7xth1SLGUdnF1ONik1f1UeILwGB0n5gfCrblAoR6j3L+tQM
tPKo0TUOBGzNL3dKrksa1STkysMvKWDyamxkVVlqzfHih85ohdBKD5iXR6fy7ftw
KI9I4d5T+EAmT9HhDBfSOLoQGh8CdunZV7fPEwtRXikp
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:44:52 2025 by rpki-client