Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/nuCFwAqyzaBDOFqPTOr9WxwYvF0.roa
File: nuCFwAqyzaBDOFqPTOr9WxwYvF0.roa (raw, json)
Hash identifier: s0EEOYTzU+K4DwXB/HLNvSrguhiOGINJ5MGi2FWEkwk=
Subject key identifier: 9E:E0:85:C0:0A:B2:CD:A0:43:38:5A:8F:4C:EA:FD:5B:1C:18:BC:5D
Certificate issuer: /CN=c8c2c7314593042cf74210f7f03be7106c224f89
Certificate serial: 019423D6A6ACAAD5FFB3A948B0C4967A9856
Authority key identifier: C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/nuCFwAqyzaBDOFqPTOr9WxwYvF0.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209286
IP address blocks: 185.233.219.0/24 maxlen: 25
2a10:4e40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a6:ac:aa:d5:ff:b3:a9:48:b0:c4:96:7a:98:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c2c7314593042cf74210f7f03be7106c224f89
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ee085c00ab2cda043385a8f4ceafd5b1c18bc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:03:2c:ea:1e:d0:d1:a4:46:37:2c:a9:06:ac:
47:9c:13:fb:35:80:1c:dc:85:26:f5:53:6a:b7:56:
ea:e7:c8:da:5d:da:ef:b8:18:a8:90:86:54:63:5a:
2a:53:60:0c:4b:77:05:2b:be:e8:7a:89:ef:95:d9:
67:e9:71:6b:a8:d9:f5:12:b6:5d:ee:91:67:a5:85:
4e:5c:af:a3:2d:0a:8b:f0:8d:bd:93:af:2e:4d:a0:
0c:5a:7b:2e:3a:bc:f9:fe:47:64:63:75:94:79:0c:
95:65:17:43:2c:be:4d:82:fb:19:01:cf:65:46:3c:
b4:57:f5:14:0d:d9:78:b8:7e:c6:ca:98:2b:4c:f8:
35:ef:75:7a:e3:46:c6:1f:6b:c4:b6:29:1f:28:03:
01:74:29:8b:c0:4f:53:2e:55:76:d8:f8:20:c5:fc:
c0:b4:cf:1a:6d:07:66:e0:84:a4:b4:f7:2d:af:92:
b8:b5:93:e9:48:fc:c3:3b:d4:29:58:3a:51:54:1e:
1c:9f:1f:bf:a5:ea:0c:6a:4f:63:3d:8c:f8:2d:04:
a7:6b:0d:82:1b:11:93:ba:05:3d:15:bf:10:16:cd:
04:fe:60:3f:be:de:91:3e:29:3a:fb:ac:c9:90:ce:
fb:40:f6:b5:c8:0f:52:f3:8d:c8:3e:2d:b4:7c:1e:
ba:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E0:85:C0:0A:B2:CD:A0:43:38:5A:8F:4C:EA:FD:5B:1C:18:BC:5D
X509v3 Authority Key Identifier:
keyid:C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/nuCFwAqyzaBDOFqPTOr9WxwYvF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.219.0/24
IPv6:
2a10:4e40::/48
Signature Algorithm: sha256WithRSAEncryption
78:df:ba:42:aa:a0:cf:55:96:ec:18:a4:2e:f0:5c:e8:96:ab:
57:f3:c8:08:10:60:e8:89:d4:74:b0:38:37:0e:9b:87:81:da:
33:27:85:41:24:91:6b:4d:0c:f2:60:92:9a:2b:23:ca:b6:87:
2c:3a:95:9a:af:fd:e8:35:ac:a3:a9:45:8f:d1:80:a0:31:b6:
7a:a3:5b:6e:34:96:d2:33:cb:9b:e1:1f:5d:32:0e:0d:86:de:
a8:bd:d8:09:54:7b:4c:33:eb:a4:f5:dc:66:91:32:ae:92:55:
63:c6:b4:87:5e:34:bd:0f:90:88:b6:31:d9:06:07:77:9d:43:
f6:9b:59:1b:5d:4f:47:62:18:e0:e5:6f:5a:ee:a3:1c:5b:81:
69:d9:0c:2d:9f:26:a8:38:ce:f1:50:59:47:4b:8e:96:3e:ba:
9d:ba:39:d5:a7:fa:25:b5:e2:fd:9c:cb:f5:da:84:b2:34:84:
13:bc:d6:c9:4a:ba:67:f4:d2:60:b1:33:06:c9:b5:31:31:49:
bb:fa:f2:15:b8:83:79:f8:50:4e:1e:b7:15:72:c7:7b:51:9f:
85:59:1b:0b:1d:6e:9b:60:de:38:87:c8:69:70:ff:db:9b:5b:
76:52:94:52:8e:34:bf:05:18:93:4c:df:52:ae:a5:c3:90:52:
7a:f3:61:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1qasqtX/s6lIsMSWephWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzJjNzMxNDU5MzA0MmNmNzQyMTBmN2YwM2JlNzEwNmMy
MjRmODkwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWUwODVjMDBhYjJjZGEwNDMzODVhOGY0Y2VhZmQ1YjFjMThiYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQMs6h7Q0aRGNyypBqxHnBP7NYAc
3IUm9VNqt1bq58jaXdrvuBiokIZUY1oqU2AMS3cFK77oeonvldln6XFrqNn1ErZd
7pFnpYVOXK+jLQqL8I29k68uTaAMWnsuOrz5/kdkY3WUeQyVZRdDLL5NgvsZAc9l
Rjy0V/UUDdl4uH7GypgrTPg173V640bGH2vEtikfKAMBdCmLwE9TLlV22PggxfzA
tM8abQdm4ISktPctr5K4tZPpSPzDO9QpWDpRVB4cnx+/peoMak9jPYz4LQSnaw2C
GxGTugU9Fb8QFs0E/mA/vt6RPik6+6zJkM77QPa1yA9S843IPi20fB66NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ7ghcAKss2gQzhaj0zq/VscGLxdMB8GA1UdIwQY
MBaAFMjCxzFFkwQs90IQ9/A75xBsIk+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjIt
M2E1M2QwZWY4YjVhLzEvbnVDRndBcXl6YUJET0ZxUFRPcjlXeHdZdkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjItM2E1M2QwZWY4YjVh
LzEveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuenbMA8E
AgACMAkDBwAqEE5AAAAwDQYJKoZIhvcNAQELBQADggEBAHjfukKqoM9VluwYpC7w
XOiWq1fzyAgQYOiJ1HSwODcOm4eB2jMnhUEkkWtNDPJgkporI8q2hyw6lZqv/eg1
rKOpRY/RgKAxtnqjW240ltIzy5vhH10yDg2G3qi92AlUe0wz66T13GaRMq6SVWPG
tIdeNL0PkIi2MdkGB3edQ/abWRtdT0diGODlb1ruoxxbgWnZDC2fJqg4zvFQWUdL
jpY+up26OdWn+iW14v2cy/XahLI0hBO81slKumf00mCxMwbJtTExSbv68hW4g3n4
UE4etxVyx3tRn4VZGwsdbptg3jiHyGlw/9ubW3ZSlFKONL8FGJNM31KupcOQUnrz
YTg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:17:49 2025 by rpki-client