Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/6bbb62-a915-41af-887f-99e65d1cca64/1/nGD9e7qABGhrkkJeBShDJkAxqjM.roa
File: nGD9e7qABGhrkkJeBShDJkAxqjM.roa (raw, json)
Hash identifier: MHDg1dIbJmNhfyWqQGhDOdJDcAqPr6/8XBlVLqvxXsk=
Subject key identifier: 9C:60:FD:7B:BA:80:04:68:6B:92:42:5E:05:28:43:26:40:31:AA:33
Certificate issuer: /CN=33c676946369f548ce6218fe473f3da4d1a5d1a8
Certificate serial: 01856F94C15ED5C8C3F97D1BD66F35CD4CB2
Authority key identifier: 33:C6:76:94:63:69:F5:48:CE:62:18:FE:47:3F:3D:A4:D1:A5:D1:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8Z2lGNp9UjOYhj-Rz89pNGl0ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/6bbb62-a915-41af-887f-99e65d1cca64/1/nGD9e7qABGhrkkJeBShDJkAxqjM.roa
Signing time: Sun 01 Jan 2023 23:04:57 +0000
ROA not before: Sun 01 Jan 2023 23:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211803
IP address blocks: 185.238.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c1:5e:d5:c8:c3:f9:7d:1b:d6:6f:35:cd:4c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c676946369f548ce6218fe473f3da4d1a5d1a8
Validity
Not Before: Jan 1 23:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c60fd7bba8004686b92425e052843264031aa33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:aa:d2:43:21:60:52:18:0c:1d:20:9d:37:
f9:32:a6:3d:50:d5:4c:79:3f:a2:1d:6e:03:bb:c0:
69:a9:02:05:4c:0b:e2:db:ec:9d:f8:f2:b6:bc:6d:
04:f2:7a:62:80:e6:31:d6:09:85:02:17:5c:7b:0a:
52:66:54:9b:6a:b1:35:29:2e:2f:82:da:ee:1c:f3:
2a:63:19:f2:c9:81:a7:85:0e:36:fc:6d:15:38:81:
90:36:b3:25:7f:c5:f0:da:15:5d:0a:47:87:02:78:
61:70:51:18:82:9b:7f:9b:eb:b9:bc:55:f5:4a:04:
5f:ba:0f:3c:93:af:f3:a2:9a:ed:3e:72:46:34:32:
c6:f0:2e:a2:75:35:57:00:05:80:09:7e:f9:c7:b0:
ab:bb:f5:0e:48:74:f4:cb:59:05:4d:ff:db:aa:f1:
33:17:87:fc:64:b9:86:9c:eb:38:fc:a9:f8:5b:2d:
48:2a:49:6c:c2:ae:a4:f6:1b:d3:60:40:93:62:a5:
49:94:6f:68:06:7f:40:f9:d1:ba:49:85:65:2c:c7:
0d:25:55:58:e5:e6:95:97:74:cb:88:80:bf:d4:1d:
3b:14:25:55:b2:70:85:64:a6:4c:49:0e:97:47:f6:
45:b9:e3:96:a8:6a:aa:55:e1:3c:ce:82:8c:60:2a:
35:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:FD:7B:BA:80:04:68:6B:92:42:5E:05:28:43:26:40:31:AA:33
X509v3 Authority Key Identifier:
keyid:33:C6:76:94:63:69:F5:48:CE:62:18:FE:47:3F:3D:A4:D1:A5:D1:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8Z2lGNp9UjOYhj-Rz89pNGl0ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/6bbb62-a915-41af-887f-99e65d1cca64/1/nGD9e7qABGhrkkJeBShDJkAxqjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/6bbb62-a915-41af-887f-99e65d1cca64/1/M8Z2lGNp9UjOYhj-Rz89pNGl0ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.112.0/24
Signature Algorithm: sha256WithRSAEncryption
29:03:6c:58:3e:b4:17:91:4e:de:bf:24:0e:dd:1c:60:e9:ed:
51:a6:56:99:c5:03:83:17:fb:a7:e9:91:82:da:cc:5a:41:81:
dd:b3:0c:77:1d:c9:a1:e7:e9:a0:30:60:14:ef:b1:10:ea:c1:
2a:d7:b1:ed:65:0e:96:4f:a8:9c:28:5e:15:de:b5:a1:99:f9:
39:e5:8f:cb:32:94:f8:7f:77:df:9d:60:b1:ba:3b:cd:97:10:
f7:84:e7:0f:94:ee:8b:ed:9e:3a:e4:aa:77:c3:96:ed:29:bc:
07:79:a5:d0:a1:31:a2:4f:eb:b6:fc:13:45:9f:a1:dc:6a:c7:
03:59:46:c5:43:75:24:8f:8f:2f:fb:5e:d9:72:34:6e:6f:72:
ff:8b:7f:18:2f:af:2e:32:35:fb:c0:49:7d:79:fb:9c:68:da:
95:e9:5d:c2:8e:d3:58:92:da:c8:6a:ac:89:7e:33:f5:d4:a4:
0a:b8:8e:20:01:99:16:52:60:1c:1d:b8:d1:18:6a:b0:c6:77:
8d:8f:80:dd:31:90:ee:92:9f:19:5d:85:f7:9e:eb:91:cf:c1:
bb:da:da:18:a2:19:37:bc:7e:37:63:3b:0b:1d:d4:e4:ae:7b:
a9:b8:c5:5a:25:a4:b8:4a:d0:f1:8e:ed:4a:2c:74:5c:fb:db:
45:5b:0e:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlMFe1cjD+X0b1m81zUyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzY3Njk0NjM2OWY1NDhjZTYyMThmZTQ3M2YzZGE0ZDFh
NWQxYTgwHhcNMjMwMTAxMjMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYwZmQ3YmJhODAwNDY4NmI5MjQyNWUwNTI4NDMyNjQwMzFhYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntWq0kMhYFIYDB0gnTf5MqY9UNVM
eT+iHW4Du8BpqQIFTAvi2+yd+PK2vG0E8npigOYx1gmFAhdcewpSZlSbarE1KS4v
gtruHPMqYxnyyYGnhQ42/G0VOIGQNrMlf8Xw2hVdCkeHAnhhcFEYgpt/m+u5vFX1
SgRfug88k6/zoprtPnJGNDLG8C6idTVXAAWACX75x7Cru/UOSHT0y1kFTf/bqvEz
F4f8ZLmGnOs4/Kn4Wy1IKklswq6k9hvTYECTYqVJlG9oBn9A+dG6SYVlLMcNJVVY
5eaVl3TLiIC/1B07FCVVsnCFZKZMSQ6XR/ZFueOWqGqqVeE8zoKMYCo1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxg/Xu6gARoa5JCXgUoQyZAMaozMB8GA1UdIwQY
MBaAFDPGdpRjafVIzmIY/kc/PaTRpdGoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThaMmxHTnA5VWpPWWhqLVJ6ODlwTkdsMGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS82YmJiNjItYTkxNS00MWFmLTg4N2Yt
OTllNjVkMWNjYTY0LzEvbkdEOWU3cUFCR2hya2tKZUJTaERKa0F4cWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS82YmJiNjItYTkxNS00MWFmLTg4N2YtOTllNjVkMWNjYTY0
LzEvTThaMmxHTnA5VWpPWWhqLVJ6ODlwTkdsMGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue5wMA0G
CSqGSIb3DQEBCwUAA4IBAQApA2xYPrQXkU7evyQO3Rxg6e1RplaZxQODF/un6ZGC
2sxaQYHdswx3Hcmh5+mgMGAU77EQ6sEq17HtZQ6WT6icKF4V3rWhmfk55Y/LMpT4
f3ffnWCxujvNlxD3hOcPlO6L7Z465Kp3w5btKbwHeaXQoTGiT+u2/BNFn6HcascD
WUbFQ3Ukj48v+17ZcjRub3L/i38YL68uMjX7wEl9efucaNqV6V3CjtNYktrIaqyJ
fjP11KQKuI4gAZkWUmAcHbjRGGqwxneNj4DdMZDukp8ZXYX3nuuRz8G72toYohk3
vH43YzsLHdTkrnupuMVaJaS4StDxju1KLHRc+9tFWw4Z
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:23 2025 by rpki-client