Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/NR5q24H1ufzbYF2XouLHFu4YVgE.roa
File: NR5q24H1ufzbYF2XouLHFu4YVgE.roa (raw, json)
Hash identifier: P7YBV+TAXY1ntVvPbNeFWy4DC2dZewmJse8AyIIurOo=
Subject key identifier: 35:1E:6A:DB:81:F5:B9:FC:DB:60:5D:97:A2:E2:C7:16:EE:18:56:01
Certificate issuer: /CN=2dd3ae23cb46ee9c21950efcb60defa094ba5548
Certificate serial: 01942823A3B8F5913412A8DF78F2BC879B63
Authority key identifier: 2D:D3:AE:23:CB:46:EE:9C:21:95:0E:FC:B6:0D:EF:A0:94:BA:55:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdOuI8tG7pwhlQ78tg3voJS6VUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/NR5q24H1ufzbYF2XouLHFu4YVgE.roa
Signing time: Thu 02 Jan 2025 17:50:11 +0000
ROA not before: Thu 02 Jan 2025 17:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204099
IP address blocks: 185.222.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:a3:b8:f5:91:34:12:a8:df:78:f2:bc:87:9b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd3ae23cb46ee9c21950efcb60defa094ba5548
Validity
Not Before: Jan 2 17:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=351e6adb81f5b9fcdb605d97a2e2c716ee185601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e6:91:dd:38:b8:2c:52:32:eb:20:be:51:4c:
e7:a7:74:a2:c3:77:38:b6:39:31:b5:61:15:74:94:
d9:fb:00:41:7c:01:67:c0:25:77:c8:1c:04:d8:8c:
6d:86:33:54:21:08:36:8a:6f:f4:cc:72:3e:6c:6a:
2f:ad:88:ac:da:7a:0a:50:68:71:42:64:f1:01:4e:
f8:68:ae:5a:07:f2:42:59:9f:0a:dd:14:10:99:38:
7f:e7:01:4f:b5:1b:bc:d5:b4:5c:48:ae:66:51:2a:
97:15:6c:92:ef:b9:2c:37:a8:28:12:a8:2c:b4:b5:
61:7a:8f:29:15:c3:07:48:8d:c2:f9:01:f8:36:cf:
54:e3:b2:0d:8b:fb:10:d3:09:75:79:30:40:ad:cf:
bc:ef:05:f6:c2:8c:7b:82:9a:32:b2:b9:a6:f7:56:
52:bf:54:90:85:4e:41:f7:37:3f:24:39:43:ac:bb:
be:36:bb:13:29:89:b2:8b:51:20:ba:4a:89:0b:47:
7e:88:52:cb:3c:f5:0c:fb:2d:61:03:0a:0a:95:5a:
ca:22:d4:34:0b:35:01:1e:63:2e:e1:58:8c:ff:bb:
8a:c8:43:6a:66:ac:49:50:58:ac:47:db:00:01:34:
38:a6:78:05:60:9c:7c:6a:1b:2c:71:e2:5d:10:00:
22:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1E:6A:DB:81:F5:B9:FC:DB:60:5D:97:A2:E2:C7:16:EE:18:56:01
X509v3 Authority Key Identifier:
keyid:2D:D3:AE:23:CB:46:EE:9C:21:95:0E:FC:B6:0D:EF:A0:94:BA:55:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdOuI8tG7pwhlQ78tg3voJS6VUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/NR5q24H1ufzbYF2XouLHFu4YVgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/LdOuI8tG7pwhlQ78tg3voJS6VUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.44.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:8b:90:e8:8e:02:5f:3e:77:35:b7:7f:a1:d6:55:70:ee:85:
54:35:e0:41:0c:ae:8b:52:1c:21:99:39:1c:47:ec:36:15:01:
13:33:1c:04:5f:7f:cb:ed:e6:5e:2e:ea:d6:46:ce:a1:7f:25:
f4:e8:9c:d7:3f:88:62:02:1d:27:28:57:be:f8:e0:e2:06:0d:
f7:0e:d5:c9:85:8c:53:9f:41:fc:03:8d:04:8c:81:97:25:bd:
30:b4:57:ab:3a:09:63:13:1f:13:61:c2:59:5b:0c:9c:3b:74:
d1:fa:69:2f:24:4e:45:fb:c5:91:df:17:c1:7d:7f:96:ed:cf:
2a:a4:98:b8:5e:f6:45:8b:94:0d:f6:bc:b4:82:86:c8:48:66:
7b:3b:7f:27:ab:4e:c1:a4:a1:7d:e9:b0:eb:96:68:09:67:df:
5f:16:c9:4a:3f:78:6a:11:d6:d7:be:53:b0:48:a6:78:19:1c:
51:2b:a7:87:a4:cd:2c:8d:f6:61:b4:4c:32:5d:5f:9f:cd:4c:
2a:cc:74:34:b6:c2:58:17:54:80:c7:02:1b:b1:e6:a3:0e:f3:
c3:fe:9c:03:22:e9:54:84:4f:ee:3f:00:68:d0:4c:cb:c5:64:
c7:27:89:ec:aa:17:16:3a:98:6e:86:7c:b0:6c:c6:2a:7c:25:
81:d6:24:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI6O49ZE0EqjfePK8h5tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDNhZTIzY2I0NmVlOWMyMTk1MGVmY2I2MGRlZmEwOTRi
YTU1NDgwHhcNMjUwMTAyMTc1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFlNmFkYjgxZjViOWZjZGI2MDVkOTdhMmUyYzcxNmVlMTg1NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eaR3Ti4LFIy6yC+UUznp3Siw3c4
tjkxtWEVdJTZ+wBBfAFnwCV3yBwE2IxthjNUIQg2im/0zHI+bGovrYis2noKUGhx
QmTxAU74aK5aB/JCWZ8K3RQQmTh/5wFPtRu81bRcSK5mUSqXFWyS77ksN6goEqgs
tLVheo8pFcMHSI3C+QH4Ns9U47INi/sQ0wl1eTBArc+87wX2wox7gpoysrmm91ZS
v1SQhU5B9zc/JDlDrLu+NrsTKYmyi1EgukqJC0d+iFLLPPUM+y1hAwoKlVrKItQ0
CzUBHmMu4ViM/7uKyENqZqxJUFisR9sAATQ4pngFYJx8ahssceJdEAAifwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUeatuB9bn822Bdl6LixxbuGFYBMB8GA1UdIwQY
MBaAFC3TriPLRu6cIZUO/LYN76CUulVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRPdUk4dEc3cHdobFE3OHRnM3ZvSlM2VlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMTlkNjEtNTYwYS00NGZkLWFhMjUt
NDk2NzFhY2RmNDg2LzEvTlI1cTI0SDF1ZnpiWUYyWG91TEhGdTRZVmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMTlkNjEtNTYwYS00NGZkLWFhMjUtNDk2NzFhY2RmNDg2
LzEvTGRPdUk4dEc3cHdobFE3OHRnM3ZvSlM2VlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud4sMA0G
CSqGSIb3DQEBCwUAA4IBAQA6i5DojgJfPnc1t3+h1lVw7oVUNeBBDK6LUhwhmTkc
R+w2FQETMxwEX3/L7eZeLurWRs6hfyX06JzXP4hiAh0nKFe++ODiBg33DtXJhYxT
n0H8A40EjIGXJb0wtFerOgljEx8TYcJZWwycO3TR+mkvJE5F+8WR3xfBfX+W7c8q
pJi4XvZFi5QN9ry0gobISGZ7O38nq07BpKF96bDrlmgJZ99fFslKP3hqEdbXvlOw
SKZ4GRxRK6eHpM0sjfZhtEwyXV+fzUwqzHQ0tsJYF1SAxwIbseajDvPD/pwDIulU
hE/uPwBo0EzLxWTHJ4nsqhcWOphuhnywbMYqfCWB1iTr
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:20 2025 by rpki-client