Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/nQS504JwOxjiWHwncxw2UXqZAyw.roa
File: nQS504JwOxjiWHwncxw2UXqZAyw.roa (raw, json)
Hash identifier: 3N4RSXWIhF3ipth4gfwK0f71CjoGPMdi4/hqfhot2X4=
Subject key identifier: 9D:04:B9:D3:82:70:3B:18:E2:58:7C:27:73:1C:36:51:7A:99:03:2C
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 019425FC2FE7C9A8DC19D6EE4BD305F52969
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/nQS504JwOxjiWHwncxw2UXqZAyw.roa
Signing time: Thu 02 Jan 2025 07:47:51 +0000
ROA not before: Thu 02 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5608
IP address blocks: 193.16.32.0/22 maxlen: 22
2a00:9b40:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:2f:e7:c9:a8:dc:19:d6:ee:4b:d3:05:f5:29:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Jan 2 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d04b9d382703b18e2587c27731c36517a99032c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:1b:29:9c:1d:8c:66:b6:9b:de:f5:59:4d:
95:ea:66:eb:a3:60:bb:87:27:a8:69:ed:9b:0b:44:
40:5e:29:ed:5f:ab:36:19:89:cd:15:48:1f:dd:a4:
ad:be:57:9d:ed:f4:79:20:18:8b:34:81:6b:27:11:
2f:41:11:7f:8a:d0:5a:dd:bd:07:ca:8c:e6:6e:94:
06:e1:bb:34:88:21:0f:c4:51:a2:f9:9f:64:8f:c5:
59:16:d8:c5:12:7a:f2:34:83:3b:2f:cf:0c:b4:ea:
2c:51:97:83:87:d8:72:f6:05:ce:02:e1:1e:6b:d0:
f0:91:d8:63:5e:00:6e:b7:78:b3:50:d9:00:2d:a3:
50:5b:66:c6:fc:d5:62:75:23:5d:47:d0:48:58:76:
00:b2:c9:c9:c5:ba:c8:b0:e0:8f:7f:88:8c:a6:13:
99:d2:51:20:33:d4:01:4b:cb:aa:45:ab:ce:cf:ef:
e3:88:0c:70:83:2c:4f:e2:51:a9:e4:61:b2:51:50:
11:53:5b:b3:f5:74:d9:d1:a1:39:45:7d:96:2e:e4:
65:7e:6c:76:8c:f1:b4:4d:37:21:6a:de:27:e2:a2:
b8:7e:70:f5:8d:24:da:f9:9b:f0:5f:a7:ac:01:f7:
66:a8:67:c9:1e:87:1b:ef:44:81:ac:f4:3f:02:b5:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:04:B9:D3:82:70:3B:18:E2:58:7C:27:73:1C:36:51:7A:99:03:2C
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/nQS504JwOxjiWHwncxw2UXqZAyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.32.0/22
IPv6:
2a00:9b40:200::/40
Signature Algorithm: sha256WithRSAEncryption
68:49:11:ec:69:a9:d6:9c:e6:cc:65:81:16:75:60:ff:11:e6:
ff:b9:e9:c8:2a:a6:f4:53:30:4b:e9:28:27:76:87:66:c5:86:
7c:a3:63:66:9d:2b:5f:62:20:da:87:83:f9:59:37:b8:f0:09:
b9:b6:70:48:cd:64:1b:be:e2:ec:cb:32:e7:b1:1b:92:86:0c:
54:f8:6c:9d:12:72:9b:d5:81:d9:f4:94:96:2d:a1:f1:5d:2c:
86:ee:7f:49:d9:f0:b8:66:1a:d9:3c:a8:ca:20:31:89:bd:19:
43:9f:1e:3c:55:df:32:d2:6a:c0:87:3c:e5:04:68:78:67:43:
9a:8a:ab:02:8d:a1:10:9a:0f:47:72:70:73:be:d0:1d:ea:6a:
2b:f5:84:02:bb:0d:89:1c:d3:10:09:ca:f4:10:ee:ec:5a:b1:
dc:60:5f:f6:87:d5:7e:7d:8a:83:c6:97:ae:a3:ab:25:86:d6:
81:96:ad:d5:e8:a4:30:02:5d:1b:8d:50:7d:7d:99:51:07:b3:
6a:e0:ac:de:29:5d:d8:f8:02:07:a1:26:82:16:fe:0f:a4:1f:
3e:5f:11:9a:3b:c9:40:02:80:d5:bc:8f:50:5a:ab:22:07:26:
26:0a:59:bb:0f:08:8b:ab:7a:ec:f6:23:2f:95:1d:ea:53:44:
b3:c7:9c:7c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQl/C/nyajcGdbuS9MF9SlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjUwMTAyMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA0YjlkMzgyNzAzYjE4ZTI1ODdjMjc3MzFjMzY1MTdhOTkwMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr04bKZwdjGa2m971WU2V6mbro2C7
hyeoae2bC0RAXintX6s2GYnNFUgf3aStvled7fR5IBiLNIFrJxEvQRF/itBa3b0H
yozmbpQG4bs0iCEPxFGi+Z9kj8VZFtjFEnryNIM7L88MtOosUZeDh9hy9gXOAuEe
a9DwkdhjXgBut3izUNkALaNQW2bG/NVidSNdR9BIWHYAssnJxbrIsOCPf4iMphOZ
0lEgM9QBS8uqRavOz+/jiAxwgyxP4lGp5GGyUVARU1uz9XTZ0aE5RX2WLuRlfmx2
jPG0TTchat4n4qK4fnD1jSTa+ZvwX6esAfdmqGfJHocb70SBrPQ/ArUDxQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJ0EudOCcDsY4lh8J3McNlF6mQMsMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvblFTNTA0SndPeGppV0h3bmN4dzJVWHFaQXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCwRAgMA4E
AgACMAgDBgAqAJtAAjANBgkqhkiG9w0BAQsFAAOCAQEAaEkR7Gmp1pzmzGWBFnVg
/xHm/7npyCqm9FMwS+koJ3aHZsWGfKNjZp0rX2Ig2oeD+Vk3uPAJubZwSM1kG77i
7Msy57EbkoYMVPhsnRJym9WB2fSUli2h8V0shu5/SdnwuGYa2TyoyiAxib0ZQ58e
PFXfMtJqwIc85QRoeGdDmoqrAo2hEJoPR3Jwc77QHepqK/WEArsNiRzTEAnK9BDu
7Fqx3GBf9ofVfn2Kg8aXrqOrJYbWgZat1eikMAJdG41QfX2ZUQezauCs3ild2PgC
B6Emghb+D6QfPl8RmjvJQAKA1byPUFqrIgcmJgpZuw8Ii6t67PYjL5Ud6lNEs8ec
fA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:59:18 2025 by rpki-client