Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/nkLmWF2X04pEKbldwQ-XhzCzFtI.roa
File: nkLmWF2X04pEKbldwQ-XhzCzFtI.roa (raw, json)
Hash identifier: drZ+SVUdJNv3IZqPJ450+x2T4QY0zqQN6P9TNIS4M4U=
Subject key identifier: 9E:42:E6:58:5D:97:D3:8A:44:29:B9:5D:C1:0F:97:87:30:B3:16:D2
Certificate issuer: /CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Certificate serial: 019420681DBFBF9ABB12132708F6E64CA454
Authority key identifier: B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/nkLmWF2X04pEKbldwQ-XhzCzFtI.roa
Signing time: Wed 01 Jan 2025 05:48:01 +0000
ROA not before: Wed 01 Jan 2025 05:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49234
IP address blocks: 193.17.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1d:bf:bf:9a:bb:12:13:27:08:f6:e6:4c:a4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8232d19dd81d45c25923aeb4d9a9685879aefa6
Validity
Not Before: Jan 1 05:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e42e6585d97d38a4429b95dc10f978730b316d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:2b:5b:bc:dd:38:90:07:0a:cb:ea:5f:cc:92:
b1:59:e9:a0:c1:79:63:5d:d6:e2:bf:2d:02:fb:fc:
6a:32:25:f8:29:89:93:dd:0c:93:5a:de:7c:c9:9c:
40:32:65:90:c9:3f:67:6f:c0:aa:cb:f3:40:e3:9d:
56:21:84:44:9a:77:d1:62:02:b2:71:68:14:2e:bf:
46:0c:27:52:97:48:19:e6:e9:60:43:6b:a3:a4:6e:
59:b7:9d:ab:5b:d1:70:cc:95:e8:d3:1f:0d:6b:91:
18:a8:a2:a0:66:fc:83:d2:37:c4:d7:a0:5e:bb:07:
c7:81:fb:b9:a5:93:a9:62:29:b6:65:1c:90:fc:5e:
00:a2:05:33:24:94:0d:4b:92:97:fd:5c:e0:5b:c0:
84:63:0b:8d:0f:8b:f8:0e:08:78:72:c0:b7:ad:0d:
79:5c:a2:57:90:43:15:73:cb:e8:b3:12:3b:ff:79:
52:29:d7:f9:86:a0:58:e1:09:d1:5b:94:30:31:b7:
ff:af:aa:8d:dc:b0:2d:93:49:6b:0c:a4:d5:01:2b:
90:9b:e1:ea:80:0a:04:5f:21:85:c9:b4:32:0d:37:
b7:42:3e:8d:2b:33:c2:6c:bf:22:38:1e:10:9b:72:
07:55:ec:b4:d4:5e:40:d0:e5:b4:1e:2d:38:54:e7:
c6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:42:E6:58:5D:97:D3:8A:44:29:B9:5D:C1:0F:97:87:30:B3:16:D2
X509v3 Authority Key Identifier:
keyid:B8:23:2D:19:DD:81:D4:5C:25:92:3A:EB:4D:9A:96:85:87:9A:EF:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCMtGd2B1FwlkjrrTZqWhYea76Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/nkLmWF2X04pEKbldwQ-XhzCzFtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3fa718-90c5-426c-b85f-1df09e701434/1/uCMtGd2B1FwlkjrrTZqWhYea76Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.240.0/21
Signature Algorithm: sha256WithRSAEncryption
12:fa:d3:33:d6:75:52:1a:07:46:59:e2:fa:37:6d:8f:8e:ad:
63:f2:d4:ba:fd:9c:33:cf:0d:75:91:71:53:bb:c8:0e:30:52:
d3:c3:3d:fc:5b:aa:41:16:45:b4:dd:8a:d9:8d:89:56:41:15:
94:0b:a8:3d:c6:36:98:0d:a2:45:2d:a1:13:ac:15:3e:d4:55:
d0:61:57:15:cc:e4:d3:c3:a8:a0:b0:f6:ad:3e:d6:31:db:8c:
35:ea:0a:e4:7a:a8:95:84:c0:d6:e5:8f:28:7b:97:70:84:0e:
b7:78:2f:84:98:2d:2a:cc:86:af:de:9c:28:09:45:de:81:c3:
89:fd:1e:90:43:55:b7:c4:ec:7e:7a:3d:65:df:a3:4d:ef:4e:
be:74:58:b8:f7:36:e7:c6:8d:ca:2c:64:2c:87:5f:2f:ac:70:
3a:4d:65:13:f4:e9:9c:dc:42:08:92:6b:89:0c:7f:e0:b1:ea:
0e:bf:1c:5b:85:5f:0e:db:66:03:22:f3:77:8b:54:8d:cb:25:
b2:5a:a4:89:73:e5:d7:b3:53:25:28:be:48:8b:ab:3a:eb:9a:
aa:2f:ed:62:a1:b0:02:68:63:53:32:55:3f:08:6f:a4:ed:74:
74:c6:81:b6:fc:fa:6d:17:8c:fe:1c:d0:13:d8:8e:84:be:13:
d5:8d:23:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaB2/v5q7EhMnCPbmTKRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MjMyZDE5ZGQ4MWQ0NWMyNTkyM2FlYjRkOWE5Njg1ODc5
YWVmYTYwHhcNMjUwMTAxMDU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQyZTY1ODVkOTdkMzhhNDQyOWI5NWRjMTBmOTc4NzMwYjMxNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8CtbvN04kAcKy+pfzJKxWemgwXlj
Xdbivy0C+/xqMiX4KYmT3QyTWt58yZxAMmWQyT9nb8Cqy/NA451WIYREmnfRYgKy
cWgULr9GDCdSl0gZ5ulgQ2ujpG5Zt52rW9FwzJXo0x8Na5EYqKKgZvyD0jfE16Be
uwfHgfu5pZOpYim2ZRyQ/F4AogUzJJQNS5KX/VzgW8CEYwuND4v4Dgh4csC3rQ15
XKJXkEMVc8vosxI7/3lSKdf5hqBY4QnRW5QwMbf/r6qN3LAtk0lrDKTVASuQm+Hq
gAoEXyGFybQyDTe3Qj6NKzPCbL8iOB4Qm3IHVey01F5A0OW0Hi04VOfGfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5C5lhdl9OKRCm5XcEPl4cwsxbSMB8GA1UdIwQY
MBaAFLgjLRndgdRcJZI6602aloWHmu+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYt
MWRmMDllNzAxNDM0LzEvbmtMbVdGMlgwNHBFS2JsZHdRLVhoekN6RnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zZmE3MTgtOTBjNS00MjZjLWI4NWYtMWRmMDllNzAxNDM0
LzEvdUNNdEdkMkIxRndsa2pyclRacVdoWWVhNzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAS+tMz1nVSGgdGWeL6N22Pjq1j8tS6/Zwzzw11kXFT
u8gOMFLTwz38W6pBFkW03YrZjYlWQRWUC6g9xjaYDaJFLaETrBU+1FXQYVcVzOTT
w6igsPatPtYx24w16grkeqiVhMDW5Y8oe5dwhA63eC+EmC0qzIav3pwoCUXegcOJ
/R6QQ1W3xOx+ej1l36NN706+dFi49zbnxo3KLGQsh18vrHA6TWUT9Omc3EIIkmuJ
DH/gseoOvxxbhV8O22YDIvN3i1SNyyWyWqSJc+XXs1MlKL5Ii6s665qqL+1iobAC
aGNTMlU/CG+k7XR0xoG2/PptF4z+HNAT2I6EvhPVjSO6
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:31:23 2025 by rpki-client