Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/NLQArFSOQLDpcVGzf58DJdkdlUU.roa
File: NLQArFSOQLDpcVGzf58DJdkdlUU.roa (raw, json)
Hash identifier: /TmgVjTIxyABlObSGd3XMWr6X/DH1iQc1TLSe/DAie4=
Subject key identifier: 34:B4:00:AC:54:8E:40:B0:E9:71:51:B3:7F:9F:03:25:D9:1D:95:45
Certificate issuer: /CN=680121b199b291de7763d8c1caa7b3cdc3561810
Certificate serial: 0190BCF9DA710B5C4FD574A45F0FA21A3357
Authority key identifier: 68:01:21:B1:99:B2:91:DE:77:63:D8:C1:CA:A7:B3:CD:C3:56:18:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAEhsZmykd53Y9jByqezzcNWGBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/NLQArFSOQLDpcVGzf58DJdkdlUU.roa
Signing time: Tue 16 Jul 2024 19:16:49 +0000
ROA not before: Tue 16 Jul 2024 19:16:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 185.128.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:f9:da:71:0b:5c:4f:d5:74:a4:5f:0f:a2:1a:33:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=680121b199b291de7763d8c1caa7b3cdc3561810
Validity
Not Before: Jul 16 19:16:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b400ac548e40b0e97151b37f9f0325d91d9545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ef:70:54:92:2d:f5:c2:a7:94:57:40:f0:64:
4f:b6:a1:38:e4:e8:d3:ff:80:74:fd:0c:3b:95:0a:
0b:b3:a8:3a:cb:ec:98:87:f0:f6:6d:8a:45:b0:0d:
8b:87:34:b3:31:6c:6e:8c:ed:32:48:d6:7f:3d:c1:
4b:f9:87:d8:9d:82:47:8d:ea:a5:ed:a1:5e:0e:35:
e2:96:d3:12:0c:80:41:73:49:52:20:3f:38:08:ff:
d9:02:d5:e0:5c:fb:0d:90:e5:fd:cd:2d:cc:a2:c4:
8b:10:42:67:14:4b:ad:ee:cd:2a:7d:ac:87:57:d9:
5a:30:58:90:45:1f:7b:23:13:f4:70:03:fe:d1:b5:
79:3d:d4:e5:f6:fa:85:f6:f8:c1:13:56:56:f8:7a:
f1:68:7f:6a:d0:ff:44:75:6d:d3:f4:3c:68:60:f1:
60:82:00:02:e3:40:c5:92:f6:ac:03:02:72:05:87:
64:c9:f2:bd:d4:05:db:ea:84:d4:70:cf:57:a2:19:
93:4d:e3:b0:e3:d6:ce:b0:66:04:a9:25:6a:06:63:
96:bf:31:f6:40:4f:ad:b2:d4:83:c2:32:6b:0b:c2:
4c:9d:4e:8a:10:ef:a9:9a:fe:36:1d:f3:b8:44:8b:
9e:67:e3:45:58:74:ef:54:16:64:5d:f7:29:c5:1d:
9a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B4:00:AC:54:8E:40:B0:E9:71:51:B3:7F:9F:03:25:D9:1D:95:45
X509v3 Authority Key Identifier:
keyid:68:01:21:B1:99:B2:91:DE:77:63:D8:C1:CA:A7:B3:CD:C3:56:18:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAEhsZmykd53Y9jByqezzcNWGBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/NLQArFSOQLDpcVGzf58DJdkdlUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/aAEhsZmykd53Y9jByqezzcNWGBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.226.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:81:67:19:03:88:a2:04:0f:76:3e:8f:07:b4:58:82:e8:86:
ca:b6:48:3a:89:f6:46:78:81:1d:0f:f7:49:bf:04:17:5f:b6:
2b:b0:c4:9e:e3:d4:ed:2a:0b:3a:99:df:78:a9:c4:5b:81:c6:
6b:a0:2d:8e:1e:6b:25:1f:ac:c1:d4:c4:48:3e:7d:a7:33:ca:
76:c8:e9:08:37:87:83:59:91:2c:71:77:ec:88:dc:ca:93:97:
06:13:09:e9:cd:74:79:86:b8:00:c1:3c:b5:35:7a:57:b7:35:
67:df:71:45:3d:79:5c:32:06:a0:1d:32:f8:83:94:35:8c:63:
fd:fb:4b:32:e8:ec:60:37:3e:82:96:5e:4a:a4:91:32:60:e6:
c2:2a:48:0c:92:44:c1:9d:c1:6c:e0:5d:0b:68:b6:64:18:e3:
6f:24:c7:b4:97:61:b2:38:30:b7:67:03:75:27:10:59:35:33:
68:ef:6f:d8:80:58:c2:60:2a:e0:17:9b:93:64:27:5b:03:bd:
1e:70:7f:06:ae:c5:8d:dd:f0:69:09:6f:0e:67:a0:5e:6d:53:
1a:b7:a3:15:1a:d2:32:57:8b:70:5c:05:5b:fc:d9:fb:e6:50:
89:2f:f6:3d:8f:df:59:a4:7a:da:0c:2f:7b:e3:85:5f:83:9b:
f2:51:d8:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC8+dpxC1xP1XSkXw+iGjNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDEyMWIxOTliMjkxZGU3NzYzZDhjMWNhYTdiM2NkYzM1
NjE4MTAwHhcNMjQwNzE2MTkxNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI0MDBhYzU0OGU0MGIwZTk3MTUxYjM3ZjlmMDMyNWQ5MWQ5NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne9wVJIt9cKnlFdA8GRPtqE45OjT
/4B0/Qw7lQoLs6g6y+yYh/D2bYpFsA2LhzSzMWxujO0ySNZ/PcFL+YfYnYJHjeql
7aFeDjXiltMSDIBBc0lSID84CP/ZAtXgXPsNkOX9zS3MosSLEEJnFEut7s0qfayH
V9laMFiQRR97IxP0cAP+0bV5PdTl9vqF9vjBE1ZW+HrxaH9q0P9EdW3T9DxoYPFg
ggAC40DFkvasAwJyBYdkyfK91AXb6oTUcM9XohmTTeOw49bOsGYEqSVqBmOWvzH2
QE+tstSDwjJrC8JMnU6KEO+pmv42HfO4RIueZ+NFWHTvVBZkXfcpxR2aDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDS0AKxUjkCw6XFRs3+fAyXZHZVFMB8GA1UdIwQY
MBaAFGgBIbGZspHed2PYwcqns83DVhgQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFFaHNabXlrZDUzWTlqQnlxZXp6Y05XR0JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8yZGNlZTctYjBjNS00MWM4LWEzNmMt
YmFkZDFjZDJkY2VjLzEvTkxRQXJGU09RTERwY1ZHemY1OERKZGtkbFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8yZGNlZTctYjBjNS00MWM4LWEzNmMtYmFkZDFjZDJkY2Vj
LzEvYUFFaHNabXlrZDUzWTlqQnlxZXp6Y05XR0JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDiMA0G
CSqGSIb3DQEBCwUAA4IBAQBtgWcZA4iiBA92Po8HtFiC6IbKtkg6ifZGeIEdD/dJ
vwQXX7YrsMSe49TtKgs6md94qcRbgcZroC2OHmslH6zB1MRIPn2nM8p2yOkIN4eD
WZEscXfsiNzKk5cGEwnpzXR5hrgAwTy1NXpXtzVn33FFPXlcMgagHTL4g5Q1jGP9
+0sy6OxgNz6Cll5KpJEyYObCKkgMkkTBncFs4F0LaLZkGONvJMe0l2GyODC3ZwN1
JxBZNTNo72/YgFjCYCrgF5uTZCdbA70ecH8GrsWN3fBpCW8OZ6BebVMat6MVGtIy
V4twXAVb/Nn75lCJL/Y9j99ZpHraDC9744Vfg5vyUdhj
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:33:53 2025 by rpki-client