Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Nx6plveuESXQK8zHN0saWCNgZtg.roa
File: Nx6plveuESXQK8zHN0saWCNgZtg.roa (raw, json)
Hash identifier: QL/uKZ/nr+28xsvZGhgIMqZgRaxPkWfGMmZV7z027VM=
Subject key identifier: 37:1E:A9:96:F7:AE:11:25:D0:2B:CC:C7:37:4B:1A:58:23:60:66:D8
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B423FDB6ADEEF9BE7259F092AEC7AF
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Nx6plveuESXQK8zHN0saWCNgZtg.roa
Signing time: Thu 02 Jan 2025 15:48:24 +0000
ROA not before: Thu 02 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 86.38.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:23:fd:b6:ad:ee:f9:be:72:59:f0:92:ae:c7:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=371ea996f7ae1125d02bccc7374b1a58236066d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:c9:8a:d2:03:90:64:da:27:ac:28:70:4c:
62:cf:ab:62:65:9a:bf:18:6b:66:0c:5f:51:b3:fa:
8e:4a:96:d2:3a:92:55:d6:96:0d:6c:18:30:66:fd:
4a:37:61:f1:ec:f8:be:20:36:21:a7:d8:08:ca:ef:
dc:ce:65:17:3d:8d:8a:c6:b9:60:da:ef:27:ff:c9:
4d:d5:1e:16:96:02:53:95:ba:20:d3:b6:f7:99:66:
75:66:e4:82:a0:d3:93:f7:78:87:19:32:92:e3:45:
81:7b:6e:0d:6c:df:d2:35:ee:86:a3:1d:b4:88:7a:
96:45:12:1a:ed:5f:21:aa:57:2a:a2:41:75:af:b0:
21:7f:df:8c:3f:0d:1b:4a:34:44:6c:cd:6a:8b:b2:
33:f3:2b:06:c1:37:3d:a3:63:fb:e4:fb:c2:17:9e:
e3:81:d7:b8:fb:e8:78:7d:a9:3b:f2:36:73:80:d8:
8c:16:58:2c:ac:ee:05:15:aa:bc:11:ec:a4:c1:f7:
b6:57:c6:de:0e:ce:13:47:6f:e1:d2:f9:84:39:04:
ec:21:dc:1a:4e:c0:b5:97:04:8f:d8:d9:a9:0b:73:
1f:e2:c8:f2:58:e4:ac:77:28:5d:cd:8d:f2:67:bc:
20:3e:e2:54:f3:b6:0e:d7:b2:d5:00:b0:00:81:d3:
6a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1E:A9:96:F7:AE:11:25:D0:2B:CC:C7:37:4B:1A:58:23:60:66:D8
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Nx6plveuESXQK8zHN0saWCNgZtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:9c:e3:fc:98:41:86:03:0e:f4:a0:75:c5:c6:cb:6a:31:01:
b8:35:a0:01:9f:c1:5b:54:70:34:17:b9:4a:d4:d9:2b:e1:5f:
67:86:29:9d:80:98:dd:cd:18:fb:a6:36:b7:2d:13:39:d5:3e:
d4:a6:d0:b1:e0:fb:09:7b:53:f3:d4:c4:85:ed:cf:0d:c0:1c:
ec:24:12:a4:40:70:5f:98:20:15:29:8f:8e:6e:bb:a1:e9:c2:
09:b1:07:63:0d:cb:e1:d0:d6:e2:11:b3:a4:1c:b2:cf:e0:6e:
21:6d:5c:12:72:81:9f:ce:3e:d0:2e:cc:1c:e4:98:62:19:57:
83:ab:af:a6:8b:8b:71:e9:aa:7b:34:a3:e4:32:fb:f3:24:90:
84:4b:ab:8c:ac:86:9c:c3:20:cb:6f:07:5d:a0:62:33:68:0c:
82:eb:d8:8f:c2:4c:e6:d6:53:9f:62:42:32:6d:70:22:3a:cd:
45:ba:bc:f5:cb:12:20:3f:f7:12:32:e6:da:01:f6:9a:b3:fa:
e1:e1:ab:4a:41:b7:40:7b:62:46:fa:9b:ab:3e:53:9f:37:e5:
e0:cb:9b:30:62:19:af:6f:5c:cb:01:bd:f6:b0:98:68:7f:7e:
c2:3a:1a:dc:be:77:71:e3:32:46:90:80:e6:2c:12:f9:c0:48:
c7:aa:ca:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntCP9tq3u+b5yWfCSrsevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFlYTk5NmY3YWUxMTI1ZDAyYmNjYzczNzRiMWE1ODIzNjA2NmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD3JitIDkGTaJ6wocExiz6tiZZq/
GGtmDF9Rs/qOSpbSOpJV1pYNbBgwZv1KN2Hx7Pi+IDYhp9gIyu/czmUXPY2Kxrlg
2u8n/8lN1R4WlgJTlbog07b3mWZ1ZuSCoNOT93iHGTKS40WBe24NbN/SNe6Gox20
iHqWRRIa7V8hqlcqokF1r7Ahf9+MPw0bSjREbM1qi7Iz8ysGwTc9o2P75PvCF57j
gde4++h4fak78jZzgNiMFlgsrO4FFaq8Eeykwfe2V8beDs4TR2/h0vmEOQTsIdwa
TsC1lwSP2NmpC3Mf4sjyWOSsdyhdzY3yZ7wgPuJU87YO17LVALAAgdNqSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDceqZb3rhEl0CvMxzdLGlgjYGbYMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvTng2cGx2ZXVFU1hRSzh6SE4wc2FXQ05nWnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAViakMA0G
CSqGSIb3DQEBCwUAA4IBAQCPnOP8mEGGAw70oHXFxstqMQG4NaABn8FbVHA0F7lK
1Nkr4V9nhimdgJjdzRj7pja3LRM51T7UptCx4PsJe1Pz1MSF7c8NwBzsJBKkQHBf
mCAVKY+Obruh6cIJsQdjDcvh0NbiEbOkHLLP4G4hbVwScoGfzj7QLswc5JhiGVeD
q6+mi4tx6ap7NKPkMvvzJJCES6uMrIacwyDLbwddoGIzaAyC69iPwkzm1lOfYkIy
bXAiOs1Furz1yxIgP/cSMubaAfaas/rh4atKQbdAe2JG+purPlOfN+Xgy5swYhmv
b1zLAb32sJhof37COhrcvndx4zJGkIDmLBL5wEjHqsoc
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:28 2025 by rpki-client