Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/nAc1q3nfY2rahmh9ClFRUbi5r8Q.roa
File: nAc1q3nfY2rahmh9ClFRUbi5r8Q.roa (raw, json)
Hash identifier: QqGmTANPkdGPtd0qcxYu7kXnGVs9toB0HFWCS2h8KYs=
Subject key identifier: 9C:07:35:AB:79:DF:63:6A:DA:86:68:7D:0A:51:51:51:B8:B9:AF:C4
Certificate issuer: /CN=8ee717c2aa961aac4503f1b48464df0233ce3fa9
Certificate serial: 0194258FBFC511FBA81C03FC6A232C01DF3E
Authority key identifier: 8E:E7:17:C2:AA:96:1A:AC:45:03:F1:B4:84:64:DF:02:33:CE:3F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jucXwqqWGqxFA_G0hGTfAjPOP6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/nAc1q3nfY2rahmh9ClFRUbi5r8Q.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198024
IP address blocks: 185.116.32.0/22 maxlen: 22
2a06:7b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bf:c5:11:fb:a8:1c:03:fc:6a:23:2c:01:df:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ee717c2aa961aac4503f1b48464df0233ce3fa9
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c0735ab79df636ada86687d0a515151b8b9afc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:07:2b:eb:78:d1:b9:92:1b:6d:2a:18:28:bc:
7a:b1:c6:49:ad:6e:ac:ba:e3:04:28:d0:9e:6f:a6:
fb:57:eb:ed:4d:9f:94:c1:e0:c6:3e:45:c7:d8:4c:
69:29:fc:e2:eb:a7:06:af:95:7a:e1:a9:a0:67:d5:
43:b9:80:68:b8:a0:10:aa:6f:f8:e3:01:63:2a:b2:
41:50:38:f4:97:13:07:95:8c:0e:0b:7f:e5:fd:b8:
51:fd:01:e0:28:c9:20:6a:de:fc:0e:ce:95:e2:39:
43:b0:06:9b:6c:92:a1:da:26:18:39:bc:6e:ee:3e:
8a:f3:93:03:48:e0:d2:fa:f6:f0:cf:27:17:9b:09:
76:f1:48:bd:0a:1c:04:ec:15:ba:a3:da:5b:13:43:
f3:f8:8b:77:0b:30:b3:92:e4:07:a4:3a:73:5c:05:
19:e2:22:81:23:fc:eb:82:f8:5f:01:4b:f2:89:08:
8f:54:0d:13:a6:e8:03:79:cd:12:56:76:76:c0:f7:
90:75:bf:f4:fe:b6:e6:d4:60:25:00:47:6f:a2:8b:
45:09:21:bf:2e:be:e4:e7:30:56:58:ac:5f:7a:21:
8d:94:8f:20:a1:89:ea:0e:fd:84:12:3f:8f:d1:23:
3c:ca:44:02:92:53:d4:b0:36:f8:a5:69:18:89:ac:
59:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:07:35:AB:79:DF:63:6A:DA:86:68:7D:0A:51:51:51:B8:B9:AF:C4
X509v3 Authority Key Identifier:
keyid:8E:E7:17:C2:AA:96:1A:AC:45:03:F1:B4:84:64:DF:02:33:CE:3F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jucXwqqWGqxFA_G0hGTfAjPOP6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/nAc1q3nfY2rahmh9ClFRUbi5r8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/jucXwqqWGqxFA_G0hGTfAjPOP6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.32.0/22
IPv6:
2a06:7b40::/29
Signature Algorithm: sha256WithRSAEncryption
16:13:23:35:68:71:eb:fe:d4:b4:82:ce:a5:d4:5d:dc:d1:8a:
e0:12:03:25:16:bb:07:ef:fb:35:18:54:f1:39:15:11:da:3b:
29:16:cd:b1:f4:3d:7e:52:5d:d7:ee:f3:93:b4:4d:7c:10:24:
a2:78:5b:82:ea:6d:df:11:1b:c6:09:0c:6c:4f:58:05:25:f0:
7b:fd:df:dc:ac:06:ec:bd:5e:49:61:b3:49:23:c3:8e:13:a2:
60:d4:8d:53:10:9e:35:63:c8:7b:a9:39:83:26:cb:2b:d9:88:
9a:39:f3:b3:76:83:cf:9d:c5:6d:6f:bf:1b:91:b5:98:df:cc:
58:a2:fe:f2:26:b9:1c:98:cc:14:50:9d:6a:76:70:db:1f:84:
09:4d:79:5b:fc:ac:18:90:4d:fe:68:9c:18:95:18:4c:7c:82:
74:65:83:f2:36:7d:96:50:31:a9:cc:6c:2d:1f:fd:93:e4:5f:
c7:c7:19:45:57:6d:60:85:04:b8:c8:51:27:45:e4:4b:05:35:
6b:81:df:71:4b:e5:c5:3d:1f:bd:e9:9d:e8:b5:d8:9f:b4:d2:
ff:bf:99:2c:89:60:24:ba:18:34:2d:6d:dd:94:e9:22:c5:a4:
b8:f8:30:1b:99:96:d9:94:77:44:0e:a5:ea:20:13:43:ea:fe:
d6:56:08:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7/FEfuoHAP8aiMsAd8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZTcxN2MyYWE5NjFhYWM0NTAzZjFiNDg0NjRkZjAyMzNj
ZTNmYTkwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA3MzVhYjc5ZGY2MzZhZGE4NjY4N2QwYTUxNTE1MWI4YjlhZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQcr63jRuZIbbSoYKLx6scZJrW6s
uuMEKNCeb6b7V+vtTZ+UweDGPkXH2ExpKfzi66cGr5V64amgZ9VDuYBouKAQqm/4
4wFjKrJBUDj0lxMHlYwOC3/l/bhR/QHgKMkgat78Ds6V4jlDsAabbJKh2iYYObxu
7j6K85MDSODS+vbwzycXmwl28Ui9ChwE7BW6o9pbE0Pz+It3CzCzkuQHpDpzXAUZ
4iKBI/zrgvhfAUvyiQiPVA0TpugDec0SVnZ2wPeQdb/0/rbm1GAlAEdvootFCSG/
Lr7k5zBWWKxfeiGNlI8goYnqDv2EEj+P0SM8ykQCklPUsDb4pWkYiaxZZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwHNat532Nq2oZofQpRUVG4ua/EMB8GA1UdIwQY
MBaAFI7nF8KqlhqsRQPxtIRk3wIzzj+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanVjWHdxcVdHcXhGQV9HMGhHVGZBalBPUDZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xMzBkNzctYzRkYi00ODVhLWJjYmYt
MzI5Y2I1MTZkOTM3LzEvbkFjMXEzbmZZMnJhaG1oOUNsRlJVYmk1cjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xMzBkNzctYzRkYi00ODVhLWJjYmYtMzI5Y2I1MTZkOTM3
LzEvanVjWHdxcVdHcXhGQV9HMGhHVGZBalBPUDZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXQgMA0E
AgACMAcDBQMqBntAMA0GCSqGSIb3DQEBCwUAA4IBAQAWEyM1aHHr/tS0gs6l1F3c
0YrgEgMlFrsH7/s1GFTxORUR2jspFs2x9D1+Ul3X7vOTtE18ECSieFuC6m3fERvG
CQxsT1gFJfB7/d/crAbsvV5JYbNJI8OOE6Jg1I1TEJ41Y8h7qTmDJssr2YiaOfOz
doPPncVtb78bkbWY38xYov7yJrkcmMwUUJ1qdnDbH4QJTXlb/KwYkE3+aJwYlRhM
fIJ0ZYPyNn2WUDGpzGwtH/2T5F/HxxlFV21ghQS4yFEnReRLBTVrgd9xS+XFPR+9
6Z3otdiftNL/v5ksiWAkuhg0LW3dlOkixaS4+DAbmZbZlHdEDqXqIBND6v7WVgjB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:32 2025 by rpki-client