Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nTkHZBGZE6brICkG98mI9NGbu4I.roa
File: nTkHZBGZE6brICkG98mI9NGbu4I.roa (raw, json)
Hash identifier: wrpLBeqKoX6u7L+D/3JaVWegwMFVA91b2afKHLLXHLM=
Subject key identifier: 9D:39:07:64:11:99:13:A6:EB:20:29:06:F7:C9:88:F4:D1:9B:BB:82
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CB47D51FA40BA36363F80FA78F70B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nTkHZBGZE6brICkG98mI9NGbu4I.roa
Signing time: Wed 01 Jan 2025 01:48:22 +0000
ROA not before: Wed 01 Jan 2025 01:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199652
IP address blocks: 185.6.4.0/22 maxlen: 24
185.91.228.0/22 maxlen: 24
185.249.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:b4:7d:51:fa:40:ba:36:36:3f:80:fa:78:f7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d390764119913a6eb202906f7c988f4d19bbb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:34:c4:ff:84:54:0d:be:8b:c2:82:71:8e:de:
ac:01:bb:73:d9:1a:84:48:d9:82:51:5e:52:be:07:
38:1e:69:1b:24:ad:f9:3e:5e:97:d9:35:ad:94:72:
79:ed:7d:97:61:ed:41:12:bc:e7:aa:53:87:b8:e8:
b1:2c:f5:9f:12:97:c1:9c:63:06:50:f4:6a:a5:57:
0b:b4:bd:20:51:6d:6d:8a:11:12:f6:06:a4:fb:f3:
e9:71:25:2d:d6:bb:ff:ba:47:37:54:91:7d:13:a3:
71:dc:0e:ea:00:24:2c:ac:db:54:d3:14:35:65:e7:
9b:c1:37:05:f0:b1:29:a0:2b:77:1d:c4:ab:af:26:
b8:74:7e:91:91:09:47:ec:88:ad:2a:31:b8:27:ae:
32:95:51:84:b4:d3:74:b4:57:bc:35:7e:1d:af:e5:
b0:f4:58:10:ce:c3:6f:76:f9:a1:58:fc:82:cd:c1:
f1:22:c6:93:6c:f7:e2:1f:00:5c:21:9c:70:69:56:
c6:3a:bb:ec:2e:0d:11:b9:53:60:e3:6b:15:f2:e3:
81:32:04:c9:14:c6:e6:eb:04:6d:41:11:31:10:a8:
ef:c3:17:e2:26:73:48:8b:84:60:20:33:e7:45:a5:
2d:63:d6:69:e1:0f:a1:aa:71:ab:76:a3:84:2b:54:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:39:07:64:11:99:13:A6:EB:20:29:06:F7:C9:88:F4:D1:9B:BB:82
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nTkHZBGZE6brICkG98mI9NGbu4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.4.0/22
185.91.228.0/22
185.249.24.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:e8:e0:c9:71:b4:5b:90:3b:aa:54:ca:65:e8:3e:d8:b1:2c:
30:7e:1e:e3:53:eb:9f:56:ff:1f:be:f4:27:41:ff:7e:e0:52:
71:c6:e2:50:0e:65:1f:4a:13:b5:81:31:a0:e7:5a:14:dc:d2:
a3:f2:a4:4e:e4:cc:3b:43:f7:4e:0b:ca:0e:36:a4:d4:5a:88:
a2:e6:d4:16:d1:19:91:be:17:52:7f:c6:8a:56:46:7a:a8:61:
b7:fb:15:91:e9:e3:21:1c:aa:69:a8:57:a2:dd:56:4b:75:fc:
3b:b2:f0:97:a9:7f:a5:72:fc:92:cd:d7:ef:db:de:e9:b8:b9:
5f:52:32:3c:51:6d:76:4c:60:76:e0:41:3e:8b:10:e5:e8:3a:
5f:f0:be:ce:5c:b4:f9:b7:11:2e:19:ec:2f:b7:7a:cd:a0:14:
2e:2a:13:ac:20:03:2e:1f:30:1e:00:33:51:be:07:09:0b:cb:
1c:70:26:4e:27:4c:67:b4:ed:01:c3:7a:f7:17:46:4d:d8:ba:
29:c2:12:d5:33:c7:9a:9f:41:d7:85:36:02:cf:62:e5:2c:79:
49:01:c6:22:5b:fb:39:50:0b:53:f4:61:be:f5:5c:99:b6:27:
17:53:a6:93:cc:e5:5e:9f:c0:17:2a:a7:29:e0:56:46:66:7d:
f8:35:6b:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjLR9UfpAujY2P4D6ePcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM5MDc2NDExOTkxM2E2ZWIyMDI5MDZmN2M5ODhmNGQxOWJiYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTTE/4RUDb6LwoJxjt6sAbtz2RqE
SNmCUV5Svgc4HmkbJK35Pl6X2TWtlHJ57X2XYe1BErznqlOHuOixLPWfEpfBnGMG
UPRqpVcLtL0gUW1tihES9gak+/PpcSUt1rv/ukc3VJF9E6Nx3A7qACQsrNtU0xQ1
ZeebwTcF8LEpoCt3HcSrrya4dH6RkQlH7IitKjG4J64ylVGEtNN0tFe8NX4dr+Ww
9FgQzsNvdvmhWPyCzcHxIsaTbPfiHwBcIZxwaVbGOrvsLg0RuVNg42sV8uOBMgTJ
FMbm6wRtQRExEKjvwxfiJnNIi4RgIDPnRaUtY9Zp4Q+hqnGrdqOEK1SRRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ05B2QRmROm6yApBvfJiPTRm7uCMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvblRrSFpCR1pFNmJySUNrRzk4bUk5TkdidTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQYEAwQC
uVvkAwQCufkYMA0GCSqGSIb3DQEBCwUAA4IBAQAr6ODJcbRbkDuqVMpl6D7YsSww
fh7jU+ufVv8fvvQnQf9+4FJxxuJQDmUfShO1gTGg51oU3NKj8qRO5Mw7Q/dOC8oO
NqTUWoii5tQW0RmRvhdSf8aKVkZ6qGG3+xWR6eMhHKppqFei3VZLdfw7svCXqX+l
cvySzdfv297puLlfUjI8UW12TGB24EE+ixDl6Dpf8L7OXLT5txEuGewvt3rNoBQu
KhOsIAMuHzAeADNRvgcJC8sccCZOJ0xntO0Bw3r3F0ZN2LopwhLVM8ean0HXhTYC
z2LlLHlJAcYiW/s5UAtT9GG+9VyZticXU6aTzOVen8AXKqcp4FZGZn34NWvG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net