Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/NKBdNnKPToLI47Hnl3n9Lr0qpVE.roa
File: NKBdNnKPToLI47Hnl3n9Lr0qpVE.roa (raw, json)
Hash identifier: TjUhViH8+so4224KmGJym6LJscd3XEc8YHqommmYBXc=
Subject key identifier: 34:A0:5D:36:72:8F:4E:82:C8:E3:B1:E7:97:79:FD:2E:BD:2A:A5:51
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA4583E43535B6662DB7DF780ACAA3
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/NKBdNnKPToLI47Hnl3n9Lr0qpVE.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14969
IP address blocks: 83.126.61.0/24 maxlen: 24
84.207.206.0/24 maxlen: 24
84.207.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:45:83:e4:35:35:b6:66:2d:b7:df:78:0a:ca:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34a05d36728f4e82c8e3b1e79779fd2ebd2aa551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2c:b0:43:32:cf:92:2b:ba:1f:f9:fb:fc:96:
e6:12:0c:bb:d3:b7:7b:e7:3e:d9:d4:67:3f:c7:75:
c1:2b:39:a4:4e:90:8a:7d:59:65:d6:56:52:5d:aa:
5c:6b:a5:ff:8b:88:fe:f0:50:d0:40:c2:8a:ca:37:
c4:fb:73:15:0c:93:e1:8b:65:73:5d:57:8c:f9:5e:
77:2c:e9:71:a7:93:38:cd:e5:08:ea:10:7f:c1:b1:
05:50:ef:50:c2:64:5e:0b:b2:17:42:9b:82:ec:01:
f8:18:ea:4a:9a:91:60:f3:bf:44:8b:ca:29:2d:ea:
71:df:46:3f:a6:40:ea:bc:0e:77:07:1e:ed:eb:69:
e2:78:a4:1f:d9:85:29:e3:8e:6f:3c:77:a4:89:16:
7c:30:9d:2c:6b:dc:2a:51:f4:62:17:4b:b5:01:57:
7e:67:25:03:ef:46:8f:9b:e8:8d:00:5e:ca:25:b5:
38:f9:47:03:33:6e:30:b5:dc:4e:fe:ac:d9:d4:87:
03:8d:27:db:7e:62:6e:96:5b:01:0f:4f:aa:07:fe:
1a:59:30:8b:60:d9:d9:59:58:1d:71:36:5e:bf:73:
b4:46:9f:36:a9:79:d8:cc:a6:ac:54:fa:f5:f7:ba:
8c:04:ce:5c:23:66:4e:d3:36:e9:fa:a4:79:d8:87:
4f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A0:5D:36:72:8F:4E:82:C8:E3:B1:E7:97:79:FD:2E:BD:2A:A5:51
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/NKBdNnKPToLI47Hnl3n9Lr0qpVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.126.61.0/24
84.207.206.0/24
84.207.234.0/24
Signature Algorithm: sha256WithRSAEncryption
91:f5:f8:89:af:cf:bb:6b:94:3b:3a:2b:02:a9:b4:3d:e5:ed:
24:04:ae:2a:2b:33:ba:02:dc:5c:64:37:a9:95:a3:e3:36:50:
99:5b:2f:20:fb:ea:a6:4b:eb:dd:69:56:65:d3:b1:ee:30:f8:
51:fe:2d:dc:d6:9f:d3:bb:a2:fa:9f:e5:e5:33:74:76:6b:46:
5a:8d:f8:e7:53:58:c2:04:11:b3:98:dd:aa:7c:0d:57:4f:d5:
33:26:16:64:49:16:70:a8:1b:4a:4e:10:c7:ca:aa:e8:63:d2:
aa:45:8b:67:ad:69:08:43:e6:2d:47:d4:26:b2:84:83:f2:51:
e7:3a:b3:51:64:9c:61:63:db:73:62:64:bb:cb:73:6f:fe:8d:
23:ec:42:29:85:66:38:8a:09:db:71:6e:be:3a:6a:ed:2b:7f:
17:38:9a:ce:0a:e7:64:1f:ae:30:63:18:b1:9f:71:f9:80:c0:
83:ce:b7:d7:ca:a4:75:1c:16:fe:fc:a7:e9:ce:7f:da:fb:07:
7c:a3:20:a0:e6:bd:85:98:10:c7:91:d6:e4:d9:71:52:37:02:
eb:a9:59:28:89:ff:bb:ce:e4:d3:a7:fb:69:b8:e9:fc:a4:3b:
44:d4:e1:80:24:81:60:83:ee:90:48:ad:d0:a5:c9:21:44:c6:
83:5b:f9:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+kWD5DU1tmYtt994CsqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGEwNWQzNjcyOGY0ZTgyYzhlM2IxZTc5Nzc5ZmQyZWJkMmFhNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SywQzLPkiu6H/n7/JbmEgy707d7
5z7Z1Gc/x3XBKzmkTpCKfVll1lZSXapca6X/i4j+8FDQQMKKyjfE+3MVDJPhi2Vz
XVeM+V53LOlxp5M4zeUI6hB/wbEFUO9QwmReC7IXQpuC7AH4GOpKmpFg879Ei8op
Lepx30Y/pkDqvA53Bx7t62nieKQf2YUp445vPHekiRZ8MJ0sa9wqUfRiF0u1AVd+
ZyUD70aPm+iNAF7KJbU4+UcDM24wtdxO/qzZ1IcDjSfbfmJullsBD0+qB/4aWTCL
YNnZWVgdcTZev3O0Rp82qXnYzKasVPr197qMBM5cI2ZO0zbp+qR52IdP1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDSgXTZyj06CyOOx55d5/S69KqVRMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvTktCZE5uS1BUb0xJNDdIbmwzbjlMcjBxcFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU349AwQA
VM/OAwQAVM/qMA0GCSqGSIb3DQEBCwUAA4IBAQCR9fiJr8+7a5Q7OisCqbQ95e0k
BK4qKzO6AtxcZDeplaPjNlCZWy8g++qmS+vdaVZl07HuMPhR/i3c1p/Tu6L6n+Xl
M3R2a0ZajfjnU1jCBBGzmN2qfA1XT9UzJhZkSRZwqBtKThDHyqroY9KqRYtnrWkI
Q+YtR9QmsoSD8lHnOrNRZJxhY9tzYmS7y3Nv/o0j7EIphWY4ignbcW6+OmrtK38X
OJrOCudkH64wYxixn3H5gMCDzrfXyqR1HBb+/Kfpzn/a+wd8oyCg5r2FmBDHkdbk
2XFSNwLrqVkoif+7zuTTp/tpuOn8pDtE1OGAJIFgg+6QSK3QpckhRMaDW/kM
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:00:17 2025 by rpki-client