Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/Nxnoy8PzHcDiGfchb2OaOXYn7vM.roa
File: Nxnoy8PzHcDiGfchb2OaOXYn7vM.roa (raw, json)
Hash identifier: GP0m9RkVuG3t4cb+/VsoB9MTCQ47u1sK6mEKaKsR5h4=
Subject key identifier: 37:19:E8:CB:C3:F3:1D:C0:E2:19:F7:21:6F:63:9A:39:76:27:EE:F3
Certificate issuer: /CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Certificate serial: 01941FFA2B6198A8B4A56295DE90E523112A
Authority key identifier: 9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/Nxnoy8PzHcDiGfchb2OaOXYn7vM.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206678
IP address blocks: 185.181.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2b:61:98:a8:b4:a5:62:95:de:90:e5:23:11:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3719e8cbc3f31dc0e219f7216f639a397627eef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:89:f3:82:19:de:7f:f6:39:bd:86:32:03:79:
84:8e:d1:fc:66:72:98:d5:a5:12:4d:c8:e9:2b:06:
a6:9a:03:53:ba:ab:70:ff:61:86:c4:03:6c:0c:7b:
16:c5:5f:c3:a4:6e:5c:fa:e1:b6:bb:dd:cc:67:59:
cb:6d:0b:8f:96:2f:6b:4f:d3:83:b1:f3:e8:6b:1c:
e2:5d:41:36:65:16:08:53:b3:0c:36:d3:26:ac:be:
23:00:e5:e4:66:fe:47:64:c9:48:4e:3b:f5:d7:0d:
60:f2:be:72:b6:ed:16:1a:2c:91:78:5d:de:58:76:
7a:41:ad:a0:db:4b:52:a4:90:a1:07:02:66:fe:6e:
9b:8c:33:06:5b:a9:91:18:51:b0:7e:f1:cf:cc:6d:
52:5c:c1:ab:f1:33:c4:0b:95:fd:55:59:d2:73:b7:
ba:aa:38:59:23:f1:32:e4:89:38:1d:5d:ea:8a:ab:
d9:55:af:c8:b8:4d:20:51:ec:1f:98:de:72:d4:0a:
9a:57:12:49:0a:ad:f0:89:68:47:e7:51:f2:e0:75:
f4:ac:89:be:34:2b:4c:1d:b2:25:33:65:d2:99:a6:
08:14:28:8b:81:8d:b5:e6:8b:2f:e2:d2:29:86:91:
ee:f5:7b:f8:4c:fc:8b:0f:18:8f:fc:9e:e4:c9:33:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:19:E8:CB:C3:F3:1D:C0:E2:19:F7:21:6F:63:9A:39:76:27:EE:F3
X509v3 Authority Key Identifier:
keyid:9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/Nxnoy8PzHcDiGfchb2OaOXYn7vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.231.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:c9:e8:d3:2e:86:b3:52:ac:df:0f:cd:a2:ab:02:b5:77:cc:
e3:3f:47:80:59:ba:e2:84:fd:23:2f:b0:37:e5:12:32:59:ad:
84:3a:2f:02:dc:e3:ae:90:c5:93:9c:10:a7:23:38:95:25:10:
af:0a:74:0a:33:79:50:92:bf:b3:01:2c:ff:3b:08:a2:d8:78:
05:60:8f:52:ff:54:e5:67:2e:37:b2:8d:2d:1b:2b:58:b9:fe:
e1:0c:9f:f7:29:af:01:92:1c:6a:ea:77:bb:4a:f9:48:3b:ee:
13:04:25:11:cc:a4:80:33:d1:d4:eb:ec:42:c0:f7:4b:d5:fd:
e8:d9:67:7d:3c:c3:42:a8:b9:b5:b0:40:c1:8f:b6:1c:d7:ef:
6c:4b:29:eb:a6:4f:2e:9b:79:88:15:16:0d:b0:9a:b1:38:ec:
0f:2a:0a:ee:76:57:10:de:dc:c5:60:2c:47:3e:63:de:04:2f:
7b:91:3e:bc:76:a3:58:08:53:ea:d2:f2:3a:59:09:39:bd:4b:
ae:43:64:e8:c6:46:ae:a8:25:c8:37:2f:64:91:72:ee:60:17:
89:3b:e5:b4:f1:d2:79:b6:76:b0:c3:37:1e:6d:38:5a:06:c5:
8f:0a:03:0b:69:61:a5:0e:96:27:48:6f:6d:9b:ab:7d:b4:b0:
3f:25:09:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ithmKi0pWKV3pDlIxEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliM2YyOWZmOWVhNzFiM2MzZGMxZjVhZjA1NGI0MTY0N2M5
MWFmOTgwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE5ZThjYmMzZjMxZGMwZTIxOWY3MjE2ZjYzOWEzOTc2MjdlZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwonzghnef/Y5vYYyA3mEjtH8ZnKY
1aUSTcjpKwammgNTuqtw/2GGxANsDHsWxV/DpG5c+uG2u93MZ1nLbQuPli9rT9OD
sfPoaxziXUE2ZRYIU7MMNtMmrL4jAOXkZv5HZMlITjv11w1g8r5ytu0WGiyReF3e
WHZ6Qa2g20tSpJChBwJm/m6bjDMGW6mRGFGwfvHPzG1SXMGr8TPEC5X9VVnSc7e6
qjhZI/Ey5Ik4HV3qiqvZVa/IuE0gUewfmN5y1AqaVxJJCq3wiWhH51Hy4HX0rIm+
NCtMHbIlM2XSmaYIFCiLgY215osv4tIphpHu9Xv4TPyLDxiP/J7kyTNq2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcZ6MvD8x3A4hn3IW9jmjl2J+7zMB8GA1UdIwQY
MBaAFJs/Kf+epxs8PcH1rwVLQWR8ka+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTct
ZjQ2MjI0YjBkMTYxLzEvTnhub3k4UHpIY0RpR2ZjaGIyT2FPWFluN3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTctZjQ2MjI0YjBkMTYx
LzEvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubXnMA0G
CSqGSIb3DQEBCwUAA4IBAQAPyejTLoazUqzfD82iqwK1d8zjP0eAWbrihP0jL7A3
5RIyWa2EOi8C3OOukMWTnBCnIziVJRCvCnQKM3lQkr+zASz/Owii2HgFYI9S/1Tl
Zy43so0tGytYuf7hDJ/3Ka8Bkhxq6ne7SvlIO+4TBCURzKSAM9HU6+xCwPdL1f3o
2Wd9PMNCqLm1sEDBj7Yc1+9sSynrpk8um3mIFRYNsJqxOOwPKgrudlcQ3tzFYCxH
PmPeBC97kT68dqNYCFPq0vI6WQk5vUuuQ2ToxkauqCXINy9kkXLuYBeJO+W08dJ5
tnawwzcebThaBsWPCgMLaWGlDpYnSG9tm6t9tLA/JQmM
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:07:15 2025 by rpki-client