Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/nF_pFEUAL2eznLlq66bDUYV81n0.roa
File: nF_pFEUAL2eznLlq66bDUYV81n0.roa (raw, json)
Hash identifier: kkJ3N73ZOxQUlQop6wpAOdnE2o7Q14I6zpSGsz3qNCI=
Subject key identifier: 9C:5F:E9:14:45:00:2F:67:B3:9C:B9:6A:EB:A6:C3:51:85:7C:D6:7D
Certificate issuer: /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial: 01941FFA0CA9CEFCA15E70178A5B6054C692
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/nF_pFEUAL2eznLlq66bDUYV81n0.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.43.192.0/24 maxlen: 24
185.43.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0c:a9:ce:fc:a1:5e:70:17:8a:5b:60:54:c6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c5fe91445002f67b39cb96aeba6c351857cd67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:70:c9:53:cd:5d:4b:2e:75:7d:19:34:c5:
a0:f2:43:e4:ae:0e:af:56:a5:46:91:5b:55:06:04:
7f:88:18:b2:cd:50:7e:c8:c7:fd:85:10:69:95:c3:
b6:86:14:7d:f6:0f:16:71:f4:9c:ee:0b:d6:a3:00:
4b:26:23:06:e6:6f:80:db:81:3f:8c:44:6d:a7:8b:
3d:74:40:6f:98:40:a9:13:12:62:b1:66:a4:7f:b0:
e0:81:d3:55:3d:7d:26:44:7c:84:be:87:84:f5:a5:
6b:2e:f6:84:ee:43:f3:c8:77:db:86:d3:51:28:c4:
d8:6b:a5:07:fd:51:69:d7:7c:6e:95:3b:75:b5:4f:
d1:31:65:86:73:f7:c6:c5:0d:1f:fc:75:e8:8f:50:
d5:39:48:cc:3a:66:54:cb:a2:05:ee:2b:6c:dd:01:
13:b4:d8:21:fa:8a:3b:38:f6:02:b0:f0:8e:f9:1b:
dd:90:7b:5f:6d:09:ad:dc:2a:d7:d2:59:c8:80:cf:
57:ff:f6:cc:16:36:41:5f:e8:bc:0f:7b:a9:e9:ac:
85:75:f9:ad:fd:79:88:28:3c:62:02:9b:ce:9b:61:
f5:71:c6:a2:4e:f4:68:cd:4e:ad:23:3a:9e:53:39:
a3:31:b6:08:ee:16:42:e3:2e:fa:81:5c:94:00:2f:
92:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5F:E9:14:45:00:2F:67:B3:9C:B9:6A:EB:A6:C3:51:85:7C:D6:7D
X509v3 Authority Key Identifier:
keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/nF_pFEUAL2eznLlq66bDUYV81n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.192.0/23
Signature Algorithm: sha256WithRSAEncryption
21:d4:cf:2b:32:e3:df:6f:20:60:5b:f7:64:2b:f0:50:b0:d1:
02:7b:1d:03:0f:ec:b0:36:fd:c6:8f:52:79:fe:6f:7a:d5:f8:
3a:87:84:e6:8a:e4:a6:ba:40:81:da:36:20:d0:41:d2:14:b2:
47:92:30:09:ec:87:c6:1d:a8:36:5d:ba:c9:0f:1e:76:d5:a1:
e5:2f:63:75:64:65:52:fa:d6:19:48:93:83:4b:d9:b0:38:1b:
55:b0:35:2d:46:06:00:3e:2f:16:1a:58:b6:04:11:7a:da:53:
03:a3:b2:18:e2:e8:0d:94:96:01:7d:0a:7f:a6:66:b4:5f:4e:
3d:74:ef:bb:c7:6f:82:1a:24:c7:30:b1:48:72:e3:2b:73:d2:
7c:35:9d:62:b3:9f:a5:bd:7a:ab:a2:5a:74:a8:ac:ab:a6:94:
c1:38:f7:ae:5d:93:9c:d6:31:79:b2:08:2a:c7:2a:95:68:cd:
52:90:30:6b:af:3b:43:00:ad:6c:71:9d:29:da:7a:42:5f:22:
5a:40:b2:4a:ea:a1:87:93:07:03:9b:07:7a:3a:cf:fe:50:dd:
af:21:f3:0c:12:18:d3:76:bb:c1:a2:bd:5b:b3:68:98:9b:3a:
3b:2b:42:7e:f7:ee:2a:42:c6:b5:18:7a:58:b6:00:22:e0:9a:
85:51:c3:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gypzvyhXnAXiltgVMaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVmZTkxNDQ1MDAyZjY3YjM5Y2I5NmFlYmE2YzM1MTg1N2NkNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmtwyVPNXUsudX0ZNMWg8kPkrg6v
VqVGkVtVBgR/iBiyzVB+yMf9hRBplcO2hhR99g8WcfSc7gvWowBLJiMG5m+A24E/
jERtp4s9dEBvmECpExJisWakf7DggdNVPX0mRHyEvoeE9aVrLvaE7kPzyHfbhtNR
KMTYa6UH/VFp13xulTt1tU/RMWWGc/fGxQ0f/HXoj1DVOUjMOmZUy6IF7its3QET
tNgh+oo7OPYCsPCO+RvdkHtfbQmt3CrX0lnIgM9X//bMFjZBX+i8D3up6ayFdfmt
/XmIKDxiApvOm2H1ccaiTvRozU6tIzqeUzmjMbYI7hZC4y76gVyUAC+SJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxf6RRFAC9ns5y5auumw1GFfNZ9MB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvbkZfcEZFVUFMMmV6bkxscTY2YkRVWVY4MW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSvAMA0G
CSqGSIb3DQEBCwUAA4IBAQAh1M8rMuPfbyBgW/dkK/BQsNECex0DD+ywNv3Gj1J5
/m961fg6h4TmiuSmukCB2jYg0EHSFLJHkjAJ7IfGHag2XbrJDx521aHlL2N1ZGVS
+tYZSJODS9mwOBtVsDUtRgYAPi8WGli2BBF62lMDo7IY4ugNlJYBfQp/pma0X049
dO+7x2+CGiTHMLFIcuMrc9J8NZ1is5+lvXqrolp0qKyrppTBOPeuXZOc1jF5sggq
xyqVaM1SkDBrrztDAK1scZ0p2npCXyJaQLJK6qGHkwcDmwd6Os/+UN2vIfMMEhjT
drvBor1bs2iYmzo7K0J+9+4qQsa1GHpYtgAi4JqFUcMU
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:49:49 2025 by rpki-client