Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa
File: N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa (raw, json)
Hash identifier: JXk8TsLqv4eNpEsTxzdAoUG6ec7BUvgM4Lyhjc+WI9U=
Subject key identifier: 37:53:06:DE:9B:54:8B:A9:51:92:00:90:80:2E:2C:8D:0C:1B:4B:91
Certificate issuer: /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial: 019426D94B0D6E3F6962F51426BB7D6BAA3D
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa
Signing time: Thu 02 Jan 2025 11:49:22 +0000
ROA not before: Thu 02 Jan 2025 11:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212335
IP address blocks: 185.193.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4b:0d:6e:3f:69:62:f5:14:26:bb:7d:6b:aa:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Validity
Not Before: Jan 2 11:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=375306de9b548ba951920090802e2c8d0c1b4b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:86:be:54:67:23:97:35:6f:7c:fe:e3:75:15:
4f:8a:21:d0:d5:cf:60:02:4b:59:bc:2d:66:8d:1c:
b2:bf:8b:0a:03:66:03:1b:22:e2:56:63:e3:df:c3:
9d:c9:e5:16:8a:84:32:f1:59:03:a1:0d:b1:1a:b6:
85:84:e2:86:0f:e3:0c:46:50:0a:27:e4:1c:f2:e7:
bd:b4:d2:a0:93:2b:b1:83:2c:86:a4:07:4d:df:c5:
4a:dc:1e:b9:6c:32:7a:54:4a:6c:9f:7c:10:7e:e7:
ad:fd:eb:1d:d9:b3:d9:0a:28:e9:27:59:33:86:96:
ca:a4:45:e6:ba:6c:82:fa:f1:ec:06:85:92:2e:8d:
b1:7d:85:86:2d:e5:9c:93:f6:94:f3:75:3b:b8:36:
8b:68:b9:46:74:9c:70:b2:90:f0:fa:90:98:d4:96:
0f:29:7b:bf:92:80:84:97:29:d0:c3:23:26:d2:06:
25:7a:a8:16:50:65:0e:0d:45:05:54:e5:49:84:e3:
30:60:2c:b5:26:66:5a:cb:6f:fe:2b:db:96:44:fe:
df:62:df:0c:97:0a:ad:cf:ee:02:4b:10:27:40:68:
c0:9b:cb:62:50:57:f0:67:37:f9:c5:e4:9f:12:a4:
c3:39:fd:28:5c:d4:3a:d4:8a:75:9e:c2:b4:95:09:
6f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:53:06:DE:9B:54:8B:A9:51:92:00:90:80:2E:2C:8D:0C:1B:4B:91
X509v3 Authority Key Identifier:
keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.164.0/24
Signature Algorithm: sha256WithRSAEncryption
53:92:62:10:9c:4d:c9:a5:a8:57:6e:54:f6:68:c7:d7:e1:ff:
c2:46:d4:a4:4f:d7:5b:75:29:d0:3e:8a:2d:a9:a0:7d:95:5d:
bd:19:d9:80:e2:63:c6:fc:bd:43:47:e9:f6:6b:84:14:6b:35:
67:4b:eb:85:85:58:69:89:9d:08:7d:77:e0:ba:4b:a4:3b:bf:
73:05:dc:09:b2:b4:34:ad:85:ce:d6:45:72:7b:13:c0:98:97:
b5:de:16:c8:43:72:93:6d:6b:fd:6b:0c:99:ff:ed:69:32:97:
8f:1f:e4:cc:a1:f4:0e:9d:41:86:68:b5:2a:20:65:46:04:5f:
f6:f7:d4:7f:1f:2c:1d:cc:2b:68:32:eb:44:d3:31:0b:73:d8:
a1:f3:6f:86:a7:ca:c7:bb:9b:34:23:b1:cb:b2:3c:da:2c:b1:
a7:41:14:89:3b:e4:1f:44:10:0e:08:5d:e6:1e:09:41:46:45:
1e:20:a2:e1:8a:38:16:94:1e:44:f3:91:66:84:02:e3:af:fb:
71:60:83:26:4e:bb:33:7c:66:f9:ec:ab:62:c6:c2:b4:bc:6d:
40:fb:e0:00:23:61:25:ce:b8:7d:7f:8f:88:24:db:41:1f:34:
8c:e4:d9:56:e5:c6:30:5d:0a:43:cc:d3:18:3f:a4:10:93:65:
94:cb:fd:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2UsNbj9pYvUUJrt9a6o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjUwMTAyMTE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUzMDZkZTliNTQ4YmE5NTE5MjAwOTA4MDJlMmM4ZDBjMWI0YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04a+VGcjlzVvfP7jdRVPiiHQ1c9g
AktZvC1mjRyyv4sKA2YDGyLiVmPj38OdyeUWioQy8VkDoQ2xGraFhOKGD+MMRlAK
J+Qc8ue9tNKgkyuxgyyGpAdN38VK3B65bDJ6VEpsn3wQfuet/esd2bPZCijpJ1kz
hpbKpEXmumyC+vHsBoWSLo2xfYWGLeWck/aU83U7uDaLaLlGdJxwspDw+pCY1JYP
KXu/koCElynQwyMm0gYleqgWUGUODUUFVOVJhOMwYCy1JmZay2/+K9uWRP7fYt8M
lwqtz+4CSxAnQGjAm8tiUFfwZzf5xeSfEqTDOf0oXNQ61Ip1nsK0lQlvjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdTBt6bVIupUZIAkIAuLI0MG0uRMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEvTjFNRzNwdFVpNmxSa2dDUWdDNHNqUXdiUzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucGkMA0G
CSqGSIb3DQEBCwUAA4IBAQBTkmIQnE3JpahXblT2aMfX4f/CRtSkT9dbdSnQPoot
qaB9lV29GdmA4mPG/L1DR+n2a4QUazVnS+uFhVhpiZ0IfXfgukukO79zBdwJsrQ0
rYXO1kVyexPAmJe13hbIQ3KTbWv9awyZ/+1pMpePH+TMofQOnUGGaLUqIGVGBF/2
99R/HywdzCtoMutE0zELc9ih82+Gp8rHu5s0I7HLsjzaLLGnQRSJO+QfRBAOCF3m
HglBRkUeIKLhijgWlB5E85FmhALjr/txYIMmTrszfGb57KtixsK0vG1A++AAI2El
zrh9f4+IJNtBHzSM5NlW5cYwXQpDzNMYP6QQk2WUy/0t
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:07:38 2025 by rpki-client