Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/482984-d9e4-4d33-a8ec-f4bab719e070/1/nuidpU4aDNDfpkpE3RPeG40f1q4.roa
File: nuidpU4aDNDfpkpE3RPeG40f1q4.roa (raw, json)
Hash identifier: KG4XUtkHgFpia+tczkzg4tQ7m8oF5y68xoUIqm5c/jc=
Subject key identifier: 9E:E8:9D:A5:4E:1A:0C:D0:DF:A6:4A:44:DD:13:DE:1B:8D:1F:D6:AE
Certificate issuer: /CN=93785b3a9e33c52b58b9ec95a37723f0008bf946
Certificate serial: 019420D5D310FB2D807E5C9BCFB919C32FB1
Authority key identifier: 93:78:5B:3A:9E:33:C5:2B:58:B9:EC:95:A3:77:23:F0:00:8B:F9:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k3hbOp4zxStYueyVo3cj8ACL-UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/482984-d9e4-4d33-a8ec-f4bab719e070/1/nuidpU4aDNDfpkpE3RPeG40f1q4.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59620
IP address blocks: 185.165.96.0/24 maxlen: 24
185.165.97.0/24 maxlen: 24
185.165.98.0/24 maxlen: 24
185.165.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d3:10:fb:2d:80:7e:5c:9b:cf:b9:19:c3:2f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93785b3a9e33c52b58b9ec95a37723f0008bf946
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ee89da54e1a0cd0dfa64a44dd13de1b8d1fd6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9a:46:84:c2:9c:7c:d9:87:d8:05:f4:d2:35:
ea:9e:14:af:bd:99:ff:33:4a:17:ea:ba:36:27:b2:
41:16:a1:23:f1:ad:9a:60:af:e9:08:ce:b2:59:62:
6f:7e:cc:95:62:3a:c7:e1:2b:c1:94:8e:b5:ab:b1:
c2:68:e7:29:27:57:ae:aa:b0:da:e6:30:52:1c:ed:
84:8c:23:ac:7e:04:c7:27:96:99:5e:39:4f:36:f8:
bc:0d:da:9b:8f:8a:86:ed:55:12:14:42:75:e7:e8:
b5:f0:fa:54:f8:b1:fb:41:63:99:13:a9:1c:00:16:
57:a6:3a:74:63:84:2a:d0:7d:53:e2:d1:c6:ad:ad:
8f:02:f1:22:15:51:0d:8e:dd:08:e6:6a:e5:cf:66:
a7:ff:76:08:ae:50:36:3b:8e:ff:50:12:f6:45:7f:
cf:4b:5f:1c:37:6b:71:05:af:66:25:0e:92:1c:b0:
45:6f:7f:0a:6d:73:dd:26:a0:9a:b9:d9:ee:3c:91:
c6:7c:9a:fb:eb:38:1b:ae:68:87:3a:04:ec:5f:2a:
66:6c:31:4d:ae:a9:9c:27:e4:a1:d6:de:3b:38:cf:
a6:e7:0d:b2:d9:b4:6b:1d:d7:b4:36:d0:f1:6a:69:
bc:e0:33:f1:73:93:b9:82:a2:16:6a:a5:bf:d8:42:
93:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E8:9D:A5:4E:1A:0C:D0:DF:A6:4A:44:DD:13:DE:1B:8D:1F:D6:AE
X509v3 Authority Key Identifier:
keyid:93:78:5B:3A:9E:33:C5:2B:58:B9:EC:95:A3:77:23:F0:00:8B:F9:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k3hbOp4zxStYueyVo3cj8ACL-UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/482984-d9e4-4d33-a8ec-f4bab719e070/1/nuidpU4aDNDfpkpE3RPeG40f1q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/482984-d9e4-4d33-a8ec-f4bab719e070/1/k3hbOp4zxStYueyVo3cj8ACL-UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.96.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:05:1f:0d:85:ec:5a:ec:3a:bd:e6:fc:d2:33:f8:66:8a:ef:
5e:87:04:48:d3:c1:d7:75:1c:27:96:40:da:84:ed:fa:29:02:
b2:9e:a1:33:98:7a:e3:ad:03:27:57:04:c2:04:0e:17:3f:4c:
69:56:eb:98:c3:8d:fd:dc:86:90:a6:cd:38:4c:f2:ed:18:3e:
19:d5:85:1f:de:74:ed:89:c7:bb:02:b2:55:ba:0b:11:68:b1:
bb:aa:2b:cc:71:9e:9f:11:cf:30:46:24:b4:d9:0e:03:8c:1f:
0d:eb:d6:0c:e3:e6:ab:74:8e:58:3e:eb:e6:c8:14:2e:fa:26:
3b:da:0d:a4:db:3a:8e:1e:c5:f4:bb:a2:a5:c7:a7:0a:07:a8:
d2:dc:0f:42:e2:00:af:22:14:9f:ba:d3:56:ab:0a:a1:8d:30:
73:1b:81:d3:ec:05:a7:b4:23:1b:16:cf:a4:db:ed:11:d0:3c:
e2:dd:f6:ac:31:7a:b1:8b:3e:0f:47:33:36:9e:00:c6:d0:ee:
c9:d1:13:33:d3:83:38:98:28:8a:c9:12:ee:a6:45:17:2f:4d:
8c:1f:0b:69:e8:c4:b2:42:9f:8f:9a:14:2d:60:be:65:ca:3e:
e2:b1:db:f5:e1:c6:ae:97:f0:98:ac:ec:9b:7f:aa:c7:19:f4:
08:1b:53:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dMQ+y2Aflybz7kZwy+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNzg1YjNhOWUzM2M1MmI1OGI5ZWM5NWEzNzcyM2YwMDA4
YmY5NDYwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU4OWRhNTRlMWEwY2QwZGZhNjRhNDRkZDEzZGUxYjhkMWZkNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ppGhMKcfNmH2AX00jXqnhSvvZn/
M0oX6ro2J7JBFqEj8a2aYK/pCM6yWWJvfsyVYjrH4SvBlI61q7HCaOcpJ1euqrDa
5jBSHO2EjCOsfgTHJ5aZXjlPNvi8Ddqbj4qG7VUSFEJ15+i18PpU+LH7QWOZE6kc
ABZXpjp0Y4Qq0H1T4tHGra2PAvEiFVENjt0I5mrlz2an/3YIrlA2O47/UBL2RX/P
S18cN2txBa9mJQ6SHLBFb38KbXPdJqCaudnuPJHGfJr76zgbrmiHOgTsXypmbDFN
rqmcJ+Sh1t47OM+m5w2y2bRrHde0NtDxamm84DPxc5O5gqIWaqW/2EKT/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7onaVOGgzQ36ZKRN0T3huNH9auMB8GA1UdIwQY
MBaAFJN4WzqeM8UrWLnslaN3I/AAi/lGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazNoYk9wNHp4U3RZdWV5Vm8zY2o4QUNMLVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ODI5ODQtZDllNC00ZDMzLWE4ZWMt
ZjRiYWI3MTllMDcwLzEvbnVpZHBVNGFETkRmcGtwRTNSUGVHNDBmMXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ODI5ODQtZDllNC00ZDMzLWE4ZWMtZjRiYWI3MTllMDcw
LzEvazNoYk9wNHp4U3RZdWV5Vm8zY2o4QUNMLVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaVgMA0G
CSqGSIb3DQEBCwUAA4IBAQBvBR8Nhexa7Dq95vzSM/hmiu9ehwRI08HXdRwnlkDa
hO36KQKynqEzmHrjrQMnVwTCBA4XP0xpVuuYw4393IaQps04TPLtGD4Z1YUf3nTt
ice7ArJVugsRaLG7qivMcZ6fEc8wRiS02Q4DjB8N69YM4+ardI5YPuvmyBQu+iY7
2g2k2zqOHsX0u6Klx6cKB6jS3A9C4gCvIhSfutNWqwqhjTBzG4HT7AWntCMbFs+k
2+0R0Dzi3fasMXqxiz4PRzM2ngDG0O7J0RMz04M4mCiKyRLupkUXL02MHwtp6MSy
Qp+PmhQtYL5lyj7isdv14caul/CYrOybf6rHGfQIG1Mn
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:54:35 2025 by rpki-client