Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8ad573-5977-4d76-83eb-bb0319213a29/1/49p4f0dafsUXZtr4zEkfdPg2MR0.roa
File: 49p4f0dafsUXZtr4zEkfdPg2MR0.roa (raw, json)
Hash identifier: Ja9qdubtQvHDpWVThEVb+wOD8jEOhZZePM5clLlMPts=
Subject key identifier: E3:DA:78:7F:47:5A:7E:C5:17:66:DA:F8:CC:49:1F:74:F8:36:31:1D
Certificate issuer: /CN=9dc00e9e3046591f8ba5524480ddf7c6fc4c60e0
Certificate serial: 01941F8C2FC3E411A590270E34A882A3C502
Authority key identifier: 9D:C0:0E:9E:30:46:59:1F:8B:A5:52:44:80:DD:F7:C6:FC:4C:60:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncAOnjBGWR-LpVJEgN33xvxMYOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8ad573-5977-4d76-83eb-bb0319213a29/1/49p4f0dafsUXZtr4zEkfdPg2MR0.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16298
IP address blocks: 185.190.232.0/22 maxlen: 22
217.119.0.0/20 maxlen: 20
2a02:29b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2f:c3:e4:11:a5:90:27:0e:34:a8:82:a3:c5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc00e9e3046591f8ba5524480ddf7c6fc4c60e0
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3da787f475a7ec51766daf8cc491f74f836311d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:42:9c:23:a2:d9:5c:83:fc:59:85:a5:07:d1:
c7:90:70:1b:50:88:66:f8:4d:b8:67:78:45:4d:74:
c3:42:d9:0c:65:64:49:62:5c:2e:74:9c:fb:38:ba:
a1:22:e3:17:b4:b5:f8:f3:16:43:d3:1e:63:fd:6a:
f2:3a:cf:07:2f:c1:67:51:45:fe:0d:37:82:43:77:
56:d3:51:8c:2c:8b:15:93:f0:7a:6d:07:42:5d:c1:
34:b6:6f:8e:d1:69:2d:23:28:cc:11:b0:57:1d:a2:
29:6d:cb:0c:c4:e8:c1:88:8d:ab:3f:ea:da:01:a9:
4f:3a:50:04:7d:7f:bd:6c:de:3e:a0:e5:f9:fa:7c:
67:ee:e0:4c:c6:8b:c4:34:5e:0d:17:30:63:05:b1:
3e:65:90:30:79:ea:a5:e5:92:58:56:d1:2a:17:bd:
59:15:49:b7:8e:ba:3a:14:ba:fc:b7:cc:73:6b:74:
15:7b:0c:df:24:f4:8d:4c:a1:e3:15:52:d9:e8:e0:
6a:3b:cf:ac:a7:76:cf:80:4e:9d:26:48:af:29:cc:
41:47:e3:02:e6:ed:e3:60:7a:1a:e4:f6:a8:19:f1:
a1:91:ad:41:08:97:84:5d:79:ce:54:81:cf:de:6c:
da:ae:c0:a4:a5:87:d3:4e:64:a0:91:85:67:a0:bc:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DA:78:7F:47:5A:7E:C5:17:66:DA:F8:CC:49:1F:74:F8:36:31:1D
X509v3 Authority Key Identifier:
keyid:9D:C0:0E:9E:30:46:59:1F:8B:A5:52:44:80:DD:F7:C6:FC:4C:60:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncAOnjBGWR-LpVJEgN33xvxMYOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8ad573-5977-4d76-83eb-bb0319213a29/1/49p4f0dafsUXZtr4zEkfdPg2MR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8ad573-5977-4d76-83eb-bb0319213a29/1/ncAOnjBGWR-LpVJEgN33xvxMYOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.232.0/22
217.119.0.0/20
IPv6:
2a02:29b0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:b1:94:27:99:99:53:c1:00:60:48:1f:28:a3:0e:b7:83:d1:
bf:cc:68:94:fe:d5:62:ea:ee:c1:dc:11:59:9e:a8:57:c7:ec:
01:40:b7:4d:c0:61:d6:6c:7a:4a:02:dc:de:8a:1d:d4:66:ae:
e4:80:2c:73:1c:ee:9a:2f:b2:4c:98:71:fc:b5:0b:72:fb:36:
8e:df:25:d2:25:af:32:67:a4:e6:57:8e:05:dd:49:49:4c:92:
2a:8d:a1:f7:fb:31:f7:5a:88:dd:eb:8f:1f:21:66:a6:98:5b:
01:96:32:4b:2f:48:3b:e5:1a:a9:0a:7b:6d:3a:ba:44:da:41:
ec:69:c5:4f:5c:38:66:4f:00:d5:cf:90:ea:3d:f6:00:1a:ae:
3c:d3:df:db:6a:93:09:3a:ca:fd:03:4f:1b:61:5b:3a:2d:b7:
2d:4c:6e:67:e4:2c:2f:8d:65:fd:25:a6:1d:46:ef:d5:8f:a3:
14:d4:8c:96:43:2c:38:90:0b:9b:86:fd:f2:da:99:40:a8:4d:
b7:c5:e0:cf:ba:f3:f2:82:ec:0c:30:e2:f7:48:b5:28:c7:f1:
ee:8b:1a:a8:24:92:41:cb:03:eb:fc:a0:5f:81:47:0b:f4:2a:
96:1e:9a:f8:26:a8:e3:d4:a1:65:d4:8f:31:c3:f3:0e:8f:f6:
22:b9:5b:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjC/D5BGlkCcONKiCo8UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzAwZTllMzA0NjU5MWY4YmE1NTI0NDgwZGRmN2M2ZmM0
YzYwZTAwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RhNzg3ZjQ3NWE3ZWM1MTc2NmRhZjhjYzQ5MWY3NGY4MzYzMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0KcI6LZXIP8WYWlB9HHkHAbUIhm
+E24Z3hFTXTDQtkMZWRJYlwudJz7OLqhIuMXtLX48xZD0x5j/WryOs8HL8FnUUX+
DTeCQ3dW01GMLIsVk/B6bQdCXcE0tm+O0WktIyjMEbBXHaIpbcsMxOjBiI2rP+ra
AalPOlAEfX+9bN4+oOX5+nxn7uBMxovENF4NFzBjBbE+ZZAweeql5ZJYVtEqF71Z
FUm3jro6FLr8t8xza3QVewzfJPSNTKHjFVLZ6OBqO8+sp3bPgE6dJkivKcxBR+MC
5u3jYHoa5PaoGfGhka1BCJeEXXnOVIHP3mzarsCkpYfTTmSgkYVnoLx0CQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOPaeH9HWn7FF2ba+MxJH3T4NjEdMB8GA1UdIwQY
MBaAFJ3ADp4wRlkfi6VSRIDd98b8TGDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNBT25qQkdXUi1McFZKRWdOMzN4dnhNWU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84YWQ1NzMtNTk3Ny00ZDc2LTgzZWIt
YmIwMzE5MjEzYTI5LzEvNDlwNGYwZGFmc1VYWnRyNHpFa2ZkUGcyTVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84YWQ1NzMtNTk3Ny00ZDc2LTgzZWItYmIwMzE5MjEzYTI5
LzEvbmNBT25qQkdXUi1McFZKRWdOMzN4dnhNWU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCub7oAwQE
2XcAMA0EAgACMAcDBQAqAimwMA0GCSqGSIb3DQEBCwUAA4IBAQBvsZQnmZlTwQBg
SB8oow63g9G/zGiU/tVi6u7B3BFZnqhXx+wBQLdNwGHWbHpKAtzeih3UZq7kgCxz
HO6aL7JMmHH8tQty+zaO3yXSJa8yZ6TmV44F3UlJTJIqjaH3+zH3Wojd648fIWam
mFsBljJLL0g75RqpCnttOrpE2kHsacVPXDhmTwDVz5DqPfYAGq4809/bapMJOsr9
A08bYVs6LbctTG5n5CwvjWX9JaYdRu/Vj6MU1IyWQyw4kAubhv3y2plAqE23xeDP
uvPyguwMMOL3SLUox/HuixqoJJJBywPr/KBfgUcL9CqWHpr4Jqjj1KFl1I8xw/MO
j/YiuVtX
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:56:08 2025 by rpki-client