Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nQQqZrIkK7L1nkNhxEZo__vb4gY.roa
File: nQQqZrIkK7L1nkNhxEZo__vb4gY.roa (raw, json)
Hash identifier: snJo3e0h11NKg0PKCK2bRsa9T6xQmv0S15o+R+CGn3w=
Subject key identifier: 9D:04:2A:66:B2:24:2B:B2:F5:9E:43:61:C4:46:68:FF:FB:DB:E2:06
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 019424B392F0829A85598900B411C0B17D5D
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nQQqZrIkK7L1nkNhxEZo__vb4gY.roa
Signing time: Thu 02 Jan 2025 01:48:55 +0000
ROA not before: Thu 02 Jan 2025 01:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207083
IP address blocks: 193.142.146.0/24 maxlen: 24
2a0f:ca80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:92:f0:82:9a:85:59:89:00:b4:11:c0:b1:7d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 01:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d042a66b2242bb2f59e4361c44668fffbdbe206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:46:fd:01:87:80:80:74:5b:aa:1b:da:39:8d:
37:a3:a3:91:dd:bd:8e:72:c4:80:1f:9c:3d:77:76:
1c:34:6a:e1:9a:ab:d7:6e:f8:65:c7:00:24:cc:98:
03:aa:b5:8b:17:61:05:ab:6e:c5:ad:ac:34:0c:47:
d2:f0:30:05:a4:d9:62:df:00:7e:b3:d8:3c:86:87:
26:37:9f:3f:b0:d2:8b:2c:fb:33:ff:ee:89:17:df:
3c:fb:81:86:44:8f:f6:96:3f:08:42:d5:c1:a9:0e:
58:0d:2f:31:f7:54:94:91:fc:5f:f6:74:2c:90:a4:
8b:8b:11:c3:fe:97:67:f8:22:57:81:a4:ed:9f:d7:
c9:2c:6f:36:fa:e9:59:da:fe:e7:8a:6c:df:56:60:
81:6c:71:fc:89:18:50:36:57:21:91:a3:41:4d:1a:
52:56:d2:a3:4e:f7:33:e9:2e:5d:64:1f:26:bd:b6:
27:de:4e:84:01:32:bd:3d:48:9e:15:1b:96:44:b4:
80:24:d1:95:44:bd:ef:18:ea:a3:81:05:d0:0a:34:
6c:1e:7c:5f:5b:bc:ee:8a:84:f4:f2:b3:65:c0:e7:
05:2b:e7:71:0c:1a:f4:1a:1b:15:48:32:15:15:77:
ae:f9:10:51:dc:28:85:aa:72:28:12:87:45:8a:c2:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:04:2A:66:B2:24:2B:B2:F5:9E:43:61:C4:46:68:FF:FB:DB:E2:06
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nQQqZrIkK7L1nkNhxEZo__vb4gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.146.0/24
IPv6:
2a0f:ca80::/48
Signature Algorithm: sha256WithRSAEncryption
4d:07:7e:a3:c6:a6:10:e1:ec:05:98:7d:5a:3d:77:0b:85:09:
66:78:cb:e0:95:f4:ef:ae:91:72:48:cd:b2:7a:2c:a9:6a:f8:
00:00:bc:6c:f7:02:22:18:dc:5e:f0:f3:12:82:90:5b:f5:96:
00:7c:df:ad:6d:fc:8b:35:23:0d:ce:b9:ed:3e:a5:4d:3c:0b:
0d:bc:bc:00:37:66:6c:e4:07:d8:7b:0b:71:bc:2c:0e:b5:73:
0e:b0:e8:6c:cb:1f:25:77:f3:0e:98:cb:44:be:57:bd:1b:41:
20:81:3b:e8:3e:92:41:e3:3a:f8:54:a9:79:15:0f:4c:b5:de:
16:34:80:67:1f:40:ba:e5:2d:3f:f2:1c:0f:4e:87:92:13:8f:
98:13:19:12:88:f1:6e:f5:d8:5d:21:22:8e:52:f5:68:84:b0:
ac:1b:49:23:a1:e0:03:17:4b:a0:36:1b:e5:65:2d:e5:98:3e:
b3:79:86:1b:c8:9c:70:3c:c1:a0:0a:eb:15:de:83:ff:3e:ed:
2f:97:8e:33:19:36:d4:cb:1e:ab:c6:1b:2e:d1:7b:5e:67:ff:
46:86:e5:80:5d:87:51:92:01:52:aa:19:fc:5d:c4:c7:4b:c0:
9e:2b:80:e7:2a:29:b8:5d:df:52:49:39:d4:8f:7e:25:bc:ca:
0f:1a:78:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks5LwgpqFWYkAtBHAsX1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjUwMTAyMDE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA0MmE2NmIyMjQyYmIyZjU5ZTQzNjFjNDQ2NjhmZmZiZGJlMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0b9AYeAgHRbqhvaOY03o6OR3b2O
csSAH5w9d3YcNGrhmqvXbvhlxwAkzJgDqrWLF2EFq27Fraw0DEfS8DAFpNli3wB+
s9g8hocmN58/sNKLLPsz/+6JF988+4GGRI/2lj8IQtXBqQ5YDS8x91SUkfxf9nQs
kKSLixHD/pdn+CJXgaTtn9fJLG82+ulZ2v7nimzfVmCBbHH8iRhQNlchkaNBTRpS
VtKjTvcz6S5dZB8mvbYn3k6EATK9PUieFRuWRLSAJNGVRL3vGOqjgQXQCjRsHnxf
W7zuioT08rNlwOcFK+dxDBr0GhsVSDIVFXeu+RBR3CiFqnIoEodFisJq8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0EKmayJCuy9Z5DYcRGaP/72+IGMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvblFRcVpySWtLN0wxbmtOaHhFWm9fX3ZiNGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwY6SMA8E
AgACMAkDBwAqD8qAAAAwDQYJKoZIhvcNAQELBQADggEBAE0HfqPGphDh7AWYfVo9
dwuFCWZ4y+CV9O+ukXJIzbJ6LKlq+AAAvGz3AiIY3F7w8xKCkFv1lgB8361t/Is1
Iw3Oue0+pU08Cw28vAA3ZmzkB9h7C3G8LA61cw6w6GzLHyV38w6Yy0S+V70bQSCB
O+g+kkHjOvhUqXkVD0y13hY0gGcfQLrlLT/yHA9Oh5ITj5gTGRKI8W712F0hIo5S
9WiEsKwbSSOh4AMXS6A2G+VlLeWYPrN5hhvInHA8waAK6xXeg/8+7S+XjjMZNtTL
HqvGGy7Re15n/0aG5YBdh1GSAVKqGfxdxMdLwJ4rgOcqKbhd31JJOdSPfiW8yg8a
eLg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:23:19 2025 by rpki-client