Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/nKkoxtAcsP_tHlqE57CDenLXG04.roa
File: nKkoxtAcsP_tHlqE57CDenLXG04.roa (raw, json)
Hash identifier: ZhFG6u5NdQDnITb4OAUdu1m1nUTdZyt00LAJ5rE5RT4=
Subject key identifier: 9C:A9:28:C6:D0:1C:B0:FF:ED:1E:5A:84:E7:B0:83:7A:72:D7:1B:4E
Certificate issuer: /CN=ac8bfa86618abd7fab5953f7b565fcb6e4b46851
Certificate serial: 019421B1FDB8ED2CD7297B25C243CDB3AB8F
Authority key identifier: AC:8B:FA:86:61:8A:BD:7F:AB:59:53:F7:B5:65:FC:B6:E4:B4:68:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIv6hmGKvX-rWVP3tWX8tuS0aFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/nKkoxtAcsP_tHlqE57CDenLXG04.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
185.206.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:b8:ed:2c:d7:29:7b:25:c2:43:cd:b3:ab:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8bfa86618abd7fab5953f7b565fcb6e4b46851
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ca928c6d01cb0ffed1e5a84e7b0837a72d71b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:df:a8:7d:3d:7d:ea:65:df:96:81:7e:60:ea:
a2:74:a8:1b:00:77:ff:10:2a:88:43:f7:e4:5f:2d:
93:44:5c:86:a1:5c:92:30:ce:93:94:21:7f:64:d9:
86:35:bd:6e:d0:72:48:49:fc:c4:b5:4f:94:80:88:
77:51:78:9e:40:71:42:cf:d2:5a:38:09:98:6a:a0:
db:05:01:ab:07:32:0a:bf:cb:0b:dc:f5:ce:9a:ba:
39:b6:f6:c1:0e:a4:fe:76:d2:8c:73:80:03:59:5b:
ad:b8:31:81:e9:81:37:6e:80:0a:82:ea:2e:e0:36:
e2:6e:97:80:d8:a3:b8:5a:35:a3:fd:ec:63:17:96:
24:4a:33:f0:52:1c:39:ae:1e:73:5b:8e:86:d4:e3:
9d:53:fd:e9:83:c6:1c:3c:a8:97:38:b7:17:85:74:
54:7f:e4:0f:b5:4d:93:0a:fa:b6:cf:ab:5f:3b:2c:
e4:33:4c:89:ca:e0:9b:19:57:51:42:e1:9f:71:e8:
df:fe:fc:14:a1:c4:81:a9:d4:d4:b6:71:3d:3d:c2:
01:be:c4:a6:90:d7:18:36:ef:fa:c3:86:aa:e2:7e:
17:8f:f6:64:48:1b:63:02:03:ba:96:f2:73:f7:fe:
dc:65:a8:92:0b:3a:cf:19:f9:c0:a8:ef:38:b0:05:
2b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A9:28:C6:D0:1C:B0:FF:ED:1E:5A:84:E7:B0:83:7A:72:D7:1B:4E
X509v3 Authority Key Identifier:
keyid:AC:8B:FA:86:61:8A:BD:7F:AB:59:53:F7:B5:65:FC:B6:E4:B4:68:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIv6hmGKvX-rWVP3tWX8tuS0aFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/nKkoxtAcsP_tHlqE57CDenLXG04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/rIv6hmGKvX-rWVP3tWX8tuS0aFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.28.0/22
Signature Algorithm: sha256WithRSAEncryption
63:6c:ae:e0:ac:f9:bb:43:11:66:ac:5f:96:0e:13:1d:88:f6:
db:b1:9c:55:d2:85:1b:99:6d:5f:3b:28:99:2f:de:90:3d:86:
61:e9:ed:af:bb:02:83:78:be:86:94:c4:93:51:71:42:09:25:
f2:b7:1a:cc:df:94:61:a4:3d:29:26:9b:20:96:72:7a:b2:7a:
37:9a:d8:3d:31:d0:9d:e7:f4:5d:da:c5:50:1c:10:37:c3:8d:
86:94:e9:56:b9:a8:37:50:e5:23:2a:cc:32:05:e9:3e:aa:54:
0a:5e:7f:f7:f3:e1:95:ee:5d:6f:98:9b:92:2c:16:f1:b1:77:
c2:38:fc:25:52:b1:14:76:cf:13:4d:49:40:c5:0c:c5:72:b9:
6f:93:13:91:f1:c6:ed:32:7c:c8:c4:98:8f:18:f4:ec:38:31:
4e:2c:ad:1d:e2:b7:b5:8e:26:84:f8:9d:49:b4:13:5d:75:80:
7f:2e:a5:6d:46:74:7b:0a:ab:bf:10:e2:fb:07:1a:21:04:8d:
e2:79:5c:a6:b2:91:fa:f9:7d:c0:3f:81:1d:34:12:4a:9d:3c:
91:b3:57:07:23:a2:8f:47:e8:13:8d:4a:b2:65:56:aa:c4:80:
1e:46:20:67:04:fb:37:7a:8e:e0:c2:d2:ff:48:9a:29:dd:68:
0f:ca:ff:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsf247SzXKXslwkPNs6uPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGJmYTg2NjE4YWJkN2ZhYjU5NTNmN2I1NjVmY2I2ZTRi
NDY4NTEwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E5MjhjNmQwMWNiMGZmZWQxZTVhODRlN2IwODM3YTcyZDcxYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39+ofT196mXfloF+YOqidKgbAHf/
ECqIQ/fkXy2TRFyGoVySMM6TlCF/ZNmGNb1u0HJISfzEtU+UgIh3UXieQHFCz9Ja
OAmYaqDbBQGrBzIKv8sL3PXOmro5tvbBDqT+dtKMc4ADWVutuDGB6YE3boAKguou
4DbibpeA2KO4WjWj/exjF5YkSjPwUhw5rh5zW46G1OOdU/3pg8YcPKiXOLcXhXRU
f+QPtU2TCvq2z6tfOyzkM0yJyuCbGVdRQuGfcejf/vwUocSBqdTUtnE9PcIBvsSm
kNcYNu/6w4aq4n4Xj/ZkSBtjAgO6lvJz9/7cZaiSCzrPGfnAqO84sAUr6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJypKMbQHLD/7R5ahOewg3py1xtOMB8GA1UdIwQY
MBaAFKyL+oZhir1/q1lT97Vl/LbktGhRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckl2NmhtR0t2WC1yV1ZQM3RXWDh0dVMwYUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MDQzYjAtYTMwYS00MTQ3LThlZjEt
NDgyNTQ4ZjUyZGE2LzEvbktrb3h0QWNzUF90SGxxRTU3Q0RlbkxYRzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MDQzYjAtYTMwYS00MTQ3LThlZjEtNDgyNTQ4ZjUyZGE2
LzEvckl2NmhtR0t2WC1yV1ZQM3RXWDh0dVMwYUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc4cMA0G
CSqGSIb3DQEBCwUAA4IBAQBjbK7grPm7QxFmrF+WDhMdiPbbsZxV0oUbmW1fOyiZ
L96QPYZh6e2vuwKDeL6GlMSTUXFCCSXytxrM35RhpD0pJpsglnJ6sno3mtg9MdCd
5/Rd2sVQHBA3w42GlOlWuag3UOUjKswyBek+qlQKXn/38+GV7l1vmJuSLBbxsXfC
OPwlUrEUds8TTUlAxQzFcrlvkxOR8cbtMnzIxJiPGPTsODFOLK0d4re1jiaE+J1J
tBNddYB/LqVtRnR7Cqu/EOL7BxohBI3ieVymspH6+X3AP4EdNBJKnTyRs1cHI6KP
R+gTjUqyZVaqxIAeRiBnBPs3eo7gwtL/SJop3WgPyv+8
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:35:03 2025 by rpki-client