Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/nKxYgxU46C1nM-kLwKHXoqpeCuk.roa
File: nKxYgxU46C1nM-kLwKHXoqpeCuk.roa (raw, json)
Hash identifier: acmNPfWY5Vqfewon1zfQxYgK/f0iZyi1LFngzxJT1rE=
Subject key identifier: 9C:AC:58:83:15:38:E8:2D:67:33:E9:0B:C0:A1:D7:A2:AA:5E:0A:E9
Certificate issuer: /CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Certificate serial: 01942369DCB7C80EFD3E58C572016EB16511
Authority key identifier: 3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/nKxYgxU46C1nM-kLwKHXoqpeCuk.roa
Signing time: Wed 01 Jan 2025 19:48:47 +0000
ROA not before: Wed 01 Jan 2025 19:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 192.124.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:dc:b7:c8:0e:fd:3e:58:c5:72:01:6e:b1:65:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Validity
Not Before: Jan 1 19:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cac58831538e82d6733e90bc0a1d7a2aa5e0ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bb:f0:47:bb:26:43:46:eb:43:5e:23:f9:21:
98:f4:ac:09:b3:05:f7:72:ef:ce:56:43:04:ae:8d:
42:d4:dd:3c:9a:3d:92:66:fc:a4:da:9b:c3:98:39:
fe:19:07:9b:ca:3e:eb:41:53:f7:27:13:7e:31:53:
36:ef:32:4c:35:a0:2b:2e:a0:50:57:be:11:5f:82:
c4:29:43:44:6d:8e:82:79:2a:40:0e:28:23:b4:e5:
f8:05:09:45:d3:4e:89:83:ee:0c:b8:61:db:70:c5:
4d:de:cf:94:29:a6:45:59:8c:8b:1e:43:06:b6:45:
8e:f3:c2:b4:8f:e3:e6:80:e8:ea:82:d3:0a:5a:c8:
37:69:ef:a5:ba:b5:b9:58:82:95:16:22:95:b7:20:
83:14:64:f4:4b:04:d5:9a:4e:4f:c1:f0:19:d1:28:
6a:3a:85:2e:cb:81:f2:7b:53:5c:ae:2a:be:f3:1f:
8b:98:ab:06:8c:67:ff:59:9a:cc:41:f0:eb:02:d4:
28:76:b2:b0:e8:ea:2a:9d:8b:95:08:18:03:1f:b5:
d0:b0:ed:0d:7d:24:b1:67:8e:5f:25:ca:03:50:bf:
37:06:60:f4:b4:89:1b:f2:41:45:71:31:b0:6a:97:
e6:ba:e9:65:58:49:8c:34:99:64:a5:54:1d:1d:4d:
dc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AC:58:83:15:38:E8:2D:67:33:E9:0B:C0:A1:D7:A2:AA:5E:0A:E9
X509v3 Authority Key Identifier:
keyid:3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/nKxYgxU46C1nM-kLwKHXoqpeCuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.112.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b9:26:64:6d:01:eb:5e:cc:89:e2:6f:38:93:f6:71:e4:e0:
b2:5b:70:ad:e8:9a:94:a8:b3:84:df:c6:0d:81:2e:98:b3:bd:
e4:f5:f9:df:df:76:8c:94:bb:e8:bd:71:03:76:bd:75:b6:53:
62:ec:55:3b:38:17:43:39:9e:83:23:11:d5:2f:66:74:ab:78:
8b:46:b8:44:ce:ea:5e:7f:23:42:04:a3:8d:78:95:51:8f:6d:
8d:2b:1d:8c:61:66:77:e0:39:41:ef:90:97:f1:3e:e6:66:46:
7d:04:14:16:e9:f4:31:a3:89:da:aa:01:15:83:ab:0f:a1:06:
3e:56:ed:76:8c:2b:97:5b:f4:f2:17:93:82:fa:e5:0d:8b:e2:
0f:f4:f7:e6:29:8f:35:75:bd:16:fe:7e:41:82:e3:c5:12:1b:
11:66:32:c8:ba:68:ce:bb:f2:4d:b6:66:7d:e0:97:ca:09:22:
80:d6:f4:c5:ef:c6:bc:99:f8:02:ed:b3:29:72:78:4f:3c:d2:
12:a9:87:0d:20:fc:fc:02:09:68:ec:7f:5b:62:ae:7d:82:53:
f9:a3:50:48:23:d7:47:01:c9:af:0e:ba:88:5c:6b:a5:25:56:
ef:1d:5d:5d:21:b9:c6:80:db:a1:2c:b4:2e:8d:61:47:e6:0b:
d4:69:ce:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjady3yA79PljFcgFusWURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTQ0Y2EwZTJiZTE4ZTlmZDc0ZTI4MTMyNGEzMGIwZWEy
ZDFkNTIwHhcNMjUwMTAxMTk0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FjNTg4MzE1MzhlODJkNjczM2U5MGJjMGExZDdhMmFhNWUwYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17vwR7smQ0brQ14j+SGY9KwJswX3
cu/OVkMEro1C1N08mj2SZvyk2pvDmDn+GQebyj7rQVP3JxN+MVM27zJMNaArLqBQ
V74RX4LEKUNEbY6CeSpADigjtOX4BQlF006Jg+4MuGHbcMVN3s+UKaZFWYyLHkMG
tkWO88K0j+PmgOjqgtMKWsg3ae+lurW5WIKVFiKVtyCDFGT0SwTVmk5PwfAZ0Shq
OoUuy4Hye1Ncriq+8x+LmKsGjGf/WZrMQfDrAtQodrKw6OoqnYuVCBgDH7XQsO0N
fSSxZ45fJcoDUL83BmD0tIkb8kFFcTGwapfmuullWEmMNJlkpVQdHU3clQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJysWIMVOOgtZzPpC8Ch16KqXgrpMB8GA1UdIwQY
MBaAFDtUTKDivhjp/XTigTJKMLDqLR1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEt
ODc2YTlkNzYyOWY2LzEvbkt4WWd4VTQ2QzFuTS1rTHdLSFhvcXBlQ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEtODc2YTlkNzYyOWY2
LzEvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHxwMA0G
CSqGSIb3DQEBCwUAA4IBAQAYuSZkbQHrXsyJ4m84k/Zx5OCyW3Ct6JqUqLOE38YN
gS6Ys73k9fnf33aMlLvovXEDdr11tlNi7FU7OBdDOZ6DIxHVL2Z0q3iLRrhEzupe
fyNCBKONeJVRj22NKx2MYWZ34DlB75CX8T7mZkZ9BBQW6fQxo4naqgEVg6sPoQY+
Vu12jCuXW/TyF5OC+uUNi+IP9PfmKY81db0W/n5BguPFEhsRZjLIumjOu/JNtmZ9
4JfKCSKA1vTF78a8mfgC7bMpcnhPPNISqYcNIPz8Aglo7H9bYq59glP5o1BII9dH
AcmvDrqIXGulJVbvHV1dIbnGgNuhLLQujWFH5gvUac5Q
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:47:56 2025 by rpki-client