Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/i-NcdzW87JQ4S13PQa8zzViNhxY.roa
File: i-NcdzW87JQ4S13PQa8zzViNhxY.roa (raw, json)
Hash identifier: 5KklHjluhn1HzYRZR4tDfo9d5WYKAm0X95RTT55u4EA=
Subject key identifier: 8B:E3:5C:77:35:BC:EC:94:38:4B:5D:CF:41:AF:33:CD:58:8D:87:16
Certificate issuer: /CN=87b1396fd11c730ef20448129b282856ac504cb7
Certificate serial: 01941FFAA8A56D18EC362BB85392DD8E712A
Authority key identifier: 87:B1:39:6F:D1:1C:73:0E:F2:04:48:12:9B:28:28:56:AC:50:4C:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7E5b9Eccw7yBEgSmygoVqxQTLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/i-NcdzW87JQ4S13PQa8zzViNhxY.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 192.109.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a8:a5:6d:18:ec:36:2b:b8:53:92:dd:8e:71:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87b1396fd11c730ef20448129b282856ac504cb7
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8be35c7735bcec94384b5dcf41af33cd588d8716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:44:8f:05:5b:7a:7e:bb:b2:13:e4:57:9b:
01:fb:94:37:11:e3:aa:42:d6:0a:c8:4b:8c:0b:d7:
38:08:a5:a4:fb:02:58:29:3f:5f:b4:b3:ba:76:ce:
6b:45:94:52:68:c5:30:1f:ce:85:5e:be:6d:e2:c3:
6c:69:2d:54:76:14:e1:d6:70:a1:68:cc:52:2e:9e:
42:17:bc:d4:bb:c4:96:ac:d0:a4:5d:29:9e:39:1f:
4b:f8:9f:f7:3a:1f:07:f2:30:c6:b5:10:3e:4c:74:
6d:29:ad:6b:90:d4:53:82:07:50:9f:f3:06:23:1a:
55:87:f5:ac:b8:06:af:e5:74:a8:6e:da:c1:c6:ca:
62:74:c8:ef:19:21:02:f0:d9:0c:0d:8a:bb:d5:dc:
b3:ed:64:1b:d1:39:8d:c5:d9:22:28:cf:6b:18:41:
57:6d:a0:f3:27:ba:93:30:4a:b8:7e:01:fa:07:b3:
e6:d8:43:c6:dc:e7:47:eb:3c:aa:f1:dd:da:a3:84:
91:0a:f9:07:6f:cf:f2:64:8a:ce:e7:ab:52:7a:67:
10:fe:ec:83:f7:27:74:49:06:d8:1b:ca:5b:3c:ce:
28:2f:f9:83:72:6e:91:82:7d:37:ae:11:19:01:46:
70:50:c8:57:fe:0e:24:e1:d5:f3:4a:85:40:cd:5d:
dd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E3:5C:77:35:BC:EC:94:38:4B:5D:CF:41:AF:33:CD:58:8D:87:16
X509v3 Authority Key Identifier:
keyid:87:B1:39:6F:D1:1C:73:0E:F2:04:48:12:9B:28:28:56:AC:50:4C:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7E5b9Eccw7yBEgSmygoVqxQTLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/i-NcdzW87JQ4S13PQa8zzViNhxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/h7E5b9Eccw7yBEgSmygoVqxQTLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e9:a1:ac:5a:21:38:10:52:bf:38:7a:b8:5f:7e:bb:01:e7:
a2:10:fe:51:9b:b6:d3:6c:36:e0:8f:1b:26:b0:63:9e:38:72:
2b:4d:87:f1:e0:c9:ef:31:4b:46:9f:ce:ff:df:8a:c0:20:81:
5a:5a:fb:da:80:a6:68:7d:bb:f1:34:25:6d:66:e1:3a:d8:12:
e4:10:c0:17:23:77:a3:fd:c2:c1:f6:39:80:5d:26:2f:f1:f4:
10:4d:6f:85:b2:69:6d:a7:2b:df:eb:ad:ef:df:b9:63:63:c3:
60:73:fb:43:d0:b2:ae:bd:ea:5d:43:06:71:bb:79:fd:79:cf:
b8:43:b7:43:b4:53:85:69:2d:d5:01:7c:ce:7c:8d:ba:9e:0d:
ea:d9:69:df:43:33:c2:37:14:c1:42:db:30:b6:1c:61:10:b8:
60:98:c4:eb:2e:34:48:3d:23:99:0e:5a:0f:f8:41:2c:7c:82:
00:64:94:a0:e9:ab:07:92:96:35:36:fc:9c:5b:e2:dd:16:ce:
b7:d1:90:d1:6c:4c:5a:d0:f3:2d:bb:30:7b:5a:0f:e7:99:41:
df:54:20:6f:c9:4f:bc:bf:ad:b1:cf:7e:22:17:2e:f5:e1:62:
42:93:a6:ab:d7:31:ef:ea:6f:12:c5:5b:fa:59:60:1a:61:27:
26:2b:6b:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qilbRjsNiu4U5LdjnEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YjEzOTZmZDExYzczMGVmMjA0NDgxMjliMjgyODU2YWM1
MDRjYjcwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmUzNWM3NzM1YmNlYzk0Mzg0YjVkY2Y0MWFmMzNjZDU4OGQ4NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf9EjwVben67shPkV5sB+5Q3EeOq
QtYKyEuMC9c4CKWk+wJYKT9ftLO6ds5rRZRSaMUwH86FXr5t4sNsaS1UdhTh1nCh
aMxSLp5CF7zUu8SWrNCkXSmeOR9L+J/3Oh8H8jDGtRA+THRtKa1rkNRTggdQn/MG
IxpVh/WsuAav5XSobtrBxspidMjvGSEC8NkMDYq71dyz7WQb0TmNxdkiKM9rGEFX
baDzJ7qTMEq4fgH6B7Pm2EPG3OdH6zyq8d3ao4SRCvkHb8/yZIrO56tSemcQ/uyD
9yd0SQbYG8pbPM4oL/mDcm6Rgn03rhEZAUZwUMhX/g4k4dXzSoVAzV3dfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvjXHc1vOyUOEtdz0GvM81YjYcWMB8GA1UdIwQY
MBaAFIexOW/RHHMO8gRIEpsoKFasUEy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDdFNWI5RWNjdzd5QkVnU215Z29WcXhRVExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOGJjOTAtMWQ1My00ZDQ3LWJiZGIt
ZjRlN2M5Y2M0M2ZmLzEvaS1OY2R6Vzg3SlE0UzEzUFFhOHp6VmlOaHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOGJjOTAtMWQ1My00ZDQ3LWJiZGItZjRlN2M5Y2M0M2Zm
LzEvaDdFNWI5RWNjdzd5QkVnU215Z29WcXhRVExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3OMA0G
CSqGSIb3DQEBCwUAA4IBAQBC6aGsWiE4EFK/OHq4X367AeeiEP5Rm7bTbDbgjxsm
sGOeOHIrTYfx4MnvMUtGn87/34rAIIFaWvvagKZofbvxNCVtZuE62BLkEMAXI3ej
/cLB9jmAXSYv8fQQTW+Fsmltpyvf663v37ljY8Ngc/tD0LKuvepdQwZxu3n9ec+4
Q7dDtFOFaS3VAXzOfI26ng3q2WnfQzPCNxTBQtswthxhELhgmMTrLjRIPSOZDloP
+EEsfIIAZJSg6asHkpY1NvycW+LdFs630ZDRbExa0PMtuzB7Wg/nmUHfVCBvyU+8
v62xz34iFy714WJCk6ar1zHv6m8SxVv6WWAaYScmK2vp
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:14:14 2025 by rpki-client