Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b2471c-bebc-4412-a6a4-2f9cac700fa5/1/ndozZxXsqqvoYlnvn2R8eG6q9WM.roa
File: ndozZxXsqqvoYlnvn2R8eG6q9WM.roa (raw, json)
Hash identifier: J/bxB2F1VD9ABMhf1I4cZo/1cjeHrt4Cto7ZdYkPM28=
Subject key identifier: 9D:DA:33:67:15:EC:AA:AB:E8:62:59:EF:9F:64:7C:78:6E:AA:F5:63
Certificate issuer: /CN=6838db7e699127da4c1c5a5e93f44f302b62863b
Certificate serial: 019423D777082F57BF2282B91032470DC322
Authority key identifier: 68:38:DB:7E:69:91:27:DA:4C:1C:5A:5E:93:F4:4F:30:2B:62:86:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDjbfmmRJ9pMHFpek_RPMCtihjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/b2471c-bebc-4412-a6a4-2f9cac700fa5/1/ndozZxXsqqvoYlnvn2R8eG6q9WM.roa
Signing time: Wed 01 Jan 2025 21:48:30 +0000
ROA not before: Wed 01 Jan 2025 21:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 185.218.164.0/24 maxlen: 24
185.218.165.0/24 maxlen: 24
185.218.166.0/24 maxlen: 24
2a0b:d9c0:164::/48 maxlen: 48
2a0b:d9c0:165::/48 maxlen: 48
2a0b:d9c0:166::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:77:08:2f:57:bf:22:82:b9:10:32:47:0d:c3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6838db7e699127da4c1c5a5e93f44f302b62863b
Validity
Not Before: Jan 1 21:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dda336715ecaaabe86259ef9f647c786eaaf563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:16:f2:21:c5:8d:46:39:11:d0:5b:73:eb:99:
fe:19:3e:c7:42:58:e2:99:87:5a:0a:2d:dc:cd:50:
8c:cb:81:cd:3c:fc:c0:fe:8f:06:15:10:07:32:36:
10:91:85:0f:0f:c1:d0:fd:5d:24:2a:25:3a:1a:f0:
fb:8e:0e:e6:1f:ae:cc:d7:09:b1:23:56:44:dd:9c:
01:32:cf:34:c5:27:2f:d6:af:bd:c9:ee:e9:ec:52:
2a:09:3d:ae:83:d5:13:5b:61:c0:0e:55:58:25:1b:
c8:e9:cf:22:8e:7e:6f:e2:19:b3:45:43:f2:57:53:
c6:77:54:e1:73:1a:df:50:29:4c:a2:f7:c1:18:bd:
08:64:5e:d8:43:03:91:49:8b:03:f2:42:62:d3:fa:
da:70:f6:d0:9f:49:31:6b:97:4a:e7:25:a0:f4:5c:
56:cc:8f:4d:ff:9c:ba:50:f0:b8:c7:d2:88:dc:ae:
70:34:d4:fb:85:77:36:38:d9:a3:c6:f2:1e:93:ce:
8c:34:62:38:03:03:7e:08:ec:06:2c:62:0b:e0:3e:
5a:bf:89:f0:db:1c:c2:60:2e:34:f1:d2:f3:30:33:
3b:71:d0:1c:3b:ed:e4:16:d1:a3:41:07:b5:d7:e6:
22:1b:6f:9b:1c:23:0e:d9:20:eb:4f:50:52:bc:b3:
68:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DA:33:67:15:EC:AA:AB:E8:62:59:EF:9F:64:7C:78:6E:AA:F5:63
X509v3 Authority Key Identifier:
keyid:68:38:DB:7E:69:91:27:DA:4C:1C:5A:5E:93:F4:4F:30:2B:62:86:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDjbfmmRJ9pMHFpek_RPMCtihjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b2471c-bebc-4412-a6a4-2f9cac700fa5/1/ndozZxXsqqvoYlnvn2R8eG6q9WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b2471c-bebc-4412-a6a4-2f9cac700fa5/1/aDjbfmmRJ9pMHFpek_RPMCtihjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.164.0-185.218.166.255
IPv6:
2a0b:d9c0:164::-2a0b:d9c0:166:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:2d:34:6d:eb:9f:d0:6a:73:f9:30:68:24:af:02:8d:ce:e2:
d4:7f:77:09:57:7c:31:a2:be:00:22:bc:24:44:72:42:a7:5e:
d5:ab:97:a2:d2:1d:8f:03:f7:d0:68:d3:3e:10:bb:62:d7:ac:
b2:ce:10:18:22:86:bd:4c:40:a3:b4:d6:dd:81:69:c9:6c:3f:
c7:e7:db:6e:1b:20:58:98:2a:75:34:f7:5c:42:e8:93:3f:46:
b4:37:06:ee:7b:80:46:2a:d7:f2:0b:f5:58:24:bd:0c:47:38:
cd:57:d9:f7:e2:fd:d4:0d:68:8e:6b:e6:5e:d0:a9:a0:37:5b:
3a:f7:c3:03:e7:57:b9:4e:54:3e:9a:c6:10:bf:df:4c:8f:94:
a1:11:a2:e0:a4:4f:19:28:c1:b0:36:88:fb:2b:8e:1e:bf:6b:
82:3a:b1:04:f9:2d:02:a9:43:17:88:ef:6c:74:70:7f:4d:5b:
04:3b:4f:af:0e:4c:79:12:5f:02:f2:82:b7:43:23:77:7c:01:
a8:0f:3f:01:29:5b:ff:e8:93:5d:ac:f1:56:cc:2d:1a:98:12:
1e:48:a9:76:89:1a:05:8e:57:c2:73:2b:71:6b:de:e6:50:37:
88:51:a2:cc:ea:ac:b5:7c:70:a0:d0:8d:cf:94:11:87:8b:0e:
24:24:e3:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQj13cIL1e/IoK5EDJHDcMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzhkYjdlNjk5MTI3ZGE0YzFjNWE1ZTkzZjQ0ZjMwMmI2
Mjg2M2IwHhcNMjUwMTAxMjE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRhMzM2NzE1ZWNhYWFiZTg2MjU5ZWY5ZjY0N2M3ODZlYWFmNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hbyIcWNRjkR0Ftz65n+GT7HQlji
mYdaCi3czVCMy4HNPPzA/o8GFRAHMjYQkYUPD8HQ/V0kKiU6GvD7jg7mH67M1wmx
I1ZE3ZwBMs80xScv1q+9ye7p7FIqCT2ug9UTW2HADlVYJRvI6c8ijn5v4hmzRUPy
V1PGd1ThcxrfUClMovfBGL0IZF7YQwORSYsD8kJi0/racPbQn0kxa5dK5yWg9FxW
zI9N/5y6UPC4x9KI3K5wNNT7hXc2ONmjxvIek86MNGI4AwN+COwGLGIL4D5av4nw
2xzCYC408dLzMDM7cdAcO+3kFtGjQQe11+YiG2+bHCMO2SDrT1BSvLNoAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ3aM2cV7Kqr6GJZ759kfHhuqvVjMB8GA1UdIwQY
MBaAFGg4235pkSfaTBxaXpP0TzArYoY7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURqYmZtbVJKOXBNSEZwZWtfUlBNQ3RpaGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iMjQ3MWMtYmViYy00NDEyLWE2YTQt
MmY5Y2FjNzAwZmE1LzEvbmRvelp4WHNxcXZvWWxudm4yUjhlRzZxOVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iMjQ3MWMtYmViYy00NDEyLWE2YTQtMmY5Y2FjNzAwZmE1
LzEvYURqYmZtbVJKOXBNSEZwZWtfUlBNQ3RpaGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAK52qQD
BAC52qYwGgQCAAIwFDASAwcCKgvZwAFkAwcAKgvZwAFmMA0GCSqGSIb3DQEBCwUA
A4IBAQB4LTRt65/QanP5MGgkrwKNzuLUf3cJV3wxor4AIrwkRHJCp17Vq5ei0h2P
A/fQaNM+ELti16yyzhAYIoa9TECjtNbdgWnJbD/H59tuGyBYmCp1NPdcQuiTP0a0
Nwbue4BGKtfyC/VYJL0MRzjNV9n34v3UDWiOa+Ze0KmgN1s698MD51e5TlQ+msYQ
v99Mj5ShEaLgpE8ZKMGwNoj7K44ev2uCOrEE+S0CqUMXiO9sdHB/TVsEO0+vDkx5
El8C8oK3QyN3fAGoDz8BKVv/6JNdrPFWzC0amBIeSKl2iRoFjlfCcytxa97mUDeI
UaLM6qy1fHCg0I3PlBGHiw4kJOO2
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:59:44 2025 by rpki-client