Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/ebd67c-009a-45fc-8ff7-2e70ded9d94f/1/nvssmzONG7qjvIwamItOLmkUaA0.roa
File: nvssmzONG7qjvIwamItOLmkUaA0.roa (raw, json)
Hash identifier: EEJiS6J16mRVGMMJil5p1RCJmhdzFd3cSiAFjhbQlYI=
Subject key identifier: 9E:FB:2C:9B:33:8D:1B:BA:A3:BC:8C:1A:98:8B:4E:2E:69:14:68:0D
Certificate issuer: /CN=ba8723651cabcf0009cf281a2a51c5b4e905622f
Certificate serial: 0195CA1F64E0104A5CDBE8E0C3D289DA4F0C
Authority key identifier: BA:87:23:65:1C:AB:CF:00:09:CF:28:1A:2A:51:C5:B4:E9:05:62:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uocjZRyrzwAJzygaKlHFtOkFYi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/ebd67c-009a-45fc-8ff7-2e70ded9d94f/1/nvssmzONG7qjvIwamItOLmkUaA0.roa
Signing time: Mon 24 Mar 2025 21:46:49 +0000
ROA not before: Mon 24 Mar 2025 21:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212997
IP address blocks: 185.18.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ca:1f:64:e0:10:4a:5c:db:e8:e0:c3:d2:89:da:4f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba8723651cabcf0009cf281a2a51c5b4e905622f
Validity
Not Before: Mar 24 21:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9efb2c9b338d1bbaa3bc8c1a988b4e2e6914680d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:91:f6:2d:e1:82:fa:b7:d0:59:61:2d:e7:
63:2e:4e:4a:09:43:e1:a1:9b:4d:8e:e5:f7:78:75:
56:9b:7d:d0:5a:87:85:6d:c4:1b:e0:50:da:3f:19:
22:30:5b:14:02:8c:c8:8e:d6:44:fb:8f:00:b8:e4:
a2:bd:68:02:0e:92:d0:b8:57:96:69:8d:8a:39:66:
c5:fd:20:66:26:d8:64:39:5c:26:f5:46:e1:53:f4:
63:20:4b:c6:25:77:d4:40:d2:64:f8:7e:b1:dc:77:
4f:40:0f:32:bf:ce:8f:40:86:dc:b0:e1:12:18:f2:
68:64:9a:50:8e:83:98:5a:5c:a1:48:05:10:42:77:
77:f9:7c:f8:7d:5f:56:9b:19:bf:ff:ac:dd:13:cf:
c6:89:1e:e5:e0:78:f9:8c:5c:c3:90:8f:07:ec:8f:
25:29:75:75:84:be:ab:a1:22:e7:5c:7d:09:b8:f0:
d8:d5:1f:15:1b:e4:c3:4d:33:dd:7d:b2:57:3c:3a:
ff:36:7f:7b:02:19:08:96:72:4e:79:dd:44:82:4f:
05:bd:eb:eb:93:68:8d:87:de:90:8d:76:4d:5b:e5:
5b:4f:7f:d9:5b:a8:3f:a5:68:ed:fe:ed:67:2d:41:
ca:84:14:e8:b4:40:a1:0c:03:6e:18:58:ce:3d:cb:
e8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FB:2C:9B:33:8D:1B:BA:A3:BC:8C:1A:98:8B:4E:2E:69:14:68:0D
X509v3 Authority Key Identifier:
keyid:BA:87:23:65:1C:AB:CF:00:09:CF:28:1A:2A:51:C5:B4:E9:05:62:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uocjZRyrzwAJzygaKlHFtOkFYi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/ebd67c-009a-45fc-8ff7-2e70ded9d94f/1/nvssmzONG7qjvIwamItOLmkUaA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/ebd67c-009a-45fc-8ff7-2e70ded9d94f/1/uocjZRyrzwAJzygaKlHFtOkFYi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.235.0/24
Signature Algorithm: sha256WithRSAEncryption
72:6c:60:9f:33:06:a2:91:7a:95:81:29:66:b4:74:88:5b:d0:
ee:76:1e:ab:00:97:dc:f2:5f:5d:74:54:50:09:90:94:5e:16:
51:e1:92:bb:e4:0b:5b:75:33:5c:d2:2c:33:c6:4b:19:cb:6d:
63:0a:98:af:2c:78:62:19:d3:e7:95:79:49:ce:b4:a5:a6:e6:
b2:93:3c:e8:9f:78:97:e1:28:51:56:13:93:02:9a:be:4d:a3:
05:94:af:23:79:f7:d2:fa:ed:57:5d:65:7e:b6:e7:fd:26:a3:
f0:93:a3:c1:91:96:75:a6:8d:8b:f6:c6:d7:00:26:aa:e9:14:
da:37:5e:58:ad:90:b8:47:3d:5c:83:52:d2:cc:0a:82:32:3c:
0c:87:40:ff:05:f2:29:61:ee:5b:9a:5b:0f:0c:d3:66:c7:9a:
d8:39:47:1b:84:ac:76:46:7e:43:2a:0a:6f:46:87:c3:82:97:
d6:ef:78:19:73:85:61:49:97:c5:c1:5a:49:3a:3b:ac:74:20:
8d:5b:bf:b3:78:a2:d9:4d:ff:85:e8:34:8e:74:93:03:ff:bd:
2d:26:c8:66:16:1d:bf:93:de:6a:3c:ba:ab:13:49:69:b7:b2:
cf:f6:5e:07:fd:16:e4:00:fa:9f:ee:20:10:4c:56:3b:63:d1:
78:a3:19:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXKH2TgEEpc2+jgw9KJ2k8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhODcyMzY1MWNhYmNmMDAwOWNmMjgxYTJhNTFjNWI0ZTkw
NTYyMmYwHhcNMjUwMzI0MjE0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZiMmM5YjMzOGQxYmJhYTNiYzhjMWE5ODhiNGUyZTY5MTQ2ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/WR9i3hgvq30FlhLedjLk5KCUPh
oZtNjuX3eHVWm33QWoeFbcQb4FDaPxkiMFsUAozIjtZE+48AuOSivWgCDpLQuFeW
aY2KOWbF/SBmJthkOVwm9UbhU/RjIEvGJXfUQNJk+H6x3HdPQA8yv86PQIbcsOES
GPJoZJpQjoOYWlyhSAUQQnd3+Xz4fV9Wmxm//6zdE8/GiR7l4Hj5jFzDkI8H7I8l
KXV1hL6roSLnXH0JuPDY1R8VG+TDTTPdfbJXPDr/Nn97AhkIlnJOed1Egk8Fvevr
k2iNh96QjXZNW+VbT3/ZW6g/pWjt/u1nLUHKhBTotEChDANuGFjOPcvoKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ77LJszjRu6o7yMGpiLTi5pFGgNMB8GA1UdIwQY
MBaAFLqHI2Ucq88ACc8oGipRxbTpBWIvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW9jalpSeXJ6d0FKenlnYUtsSEZ0T2tGWWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lYmQ2N2MtMDA5YS00NWZjLThmZjct
MmU3MGRlZDlkOTRmLzEvbnZzc216T05HN3Fqdkl3YW1JdE9MbWtVYUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lYmQ2N2MtMDA5YS00NWZjLThmZjctMmU3MGRlZDlkOTRm
LzEvdW9jalpSeXJ6d0FKenlnYUtsSEZ0T2tGWWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRLrMA0G
CSqGSIb3DQEBCwUAA4IBAQBybGCfMwaikXqVgSlmtHSIW9Dudh6rAJfc8l9ddFRQ
CZCUXhZR4ZK75AtbdTNc0iwzxksZy21jCpivLHhiGdPnlXlJzrSlpuaykzzon3iX
4ShRVhOTApq+TaMFlK8jeffS+u1XXWV+tuf9JqPwk6PBkZZ1po2L9sbXACaq6RTa
N15YrZC4Rz1cg1LSzAqCMjwMh0D/BfIpYe5bmlsPDNNmx5rYOUcbhKx2Rn5DKgpv
RofDgpfW73gZc4VhSZfFwVpJOjusdCCNW7+zeKLZTf+F6DSOdJMD/70tJshmFh2/
k95qPLqrE0lpt7LP9l4H/RbkAPqf7iAQTFY7Y9F4oxk+
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:23:13 2025 by rpki-client