Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/nxpV7fJsr1MeV2lxnTN9gOD0reY.roa
File: nxpV7fJsr1MeV2lxnTN9gOD0reY.roa (raw, json)
Hash identifier: ayqzGFQUH/GW7roc5uIrMN9jLE2W42BQnm/Wf27X3P8=
Subject key identifier: 9F:1A:55:ED:F2:6C:AF:53:1E:57:69:71:9D:33:7D:80:E0:F4:AD:E6
Certificate issuer: /CN=a0db124ef35c222167894a5a5e93704a811c34ac
Certificate serial: 170CDC2B
Authority key identifier: A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/nxpV7fJsr1MeV2lxnTN9gOD0reY.roa
Signing time: Sat 01 Jan 2022 03:00:49 +0000
ROA not before: Sat 01 Jan 2022 03:00:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20926
IP address blocks: 79.98.16.0/21 maxlen: 24
84.239.64.0/18 maxlen: 24
80.74.64.0/20 maxlen: 24
185.10.176.0/22 maxlen: 24
141.101.56.0/22 maxlen: 24
2a00:6901::/32 maxlen: 48
2a00:6900::/44 maxlen: 48
2a00:6900:f0::/48 maxlen: 48
2a03:5d40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386718763 (0x170cdc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0db124ef35c222167894a5a5e93704a811c34ac
Validity
Not Before: Jan 1 03:00:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f1a55edf26caf531e5769719d337d80e0f4ade6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:41:63:b1:96:11:18:7a:13:c9:f6:b5:27:ad:
59:63:6f:a6:a1:9a:1d:da:c9:bb:fb:ea:62:52:93:
c3:3f:3c:53:29:31:44:07:da:ee:d5:be:ff:e7:23:
f8:68:d8:bf:45:f2:22:40:37:33:60:4f:be:e5:a7:
d1:17:7c:01:f7:f8:e4:8d:6b:a6:a7:9b:94:8a:37:
d2:33:65:71:98:24:10:04:f5:80:ad:8c:03:be:29:
a8:30:84:12:74:37:fa:07:8c:8b:01:c9:33:bc:6a:
85:30:58:60:c1:47:b3:8b:48:a6:cf:fa:75:5d:4e:
0e:5b:fb:67:4e:83:ed:63:c5:83:1c:aa:b5:73:d3:
46:9e:5e:d4:d3:6f:86:e1:b4:43:19:e4:ee:29:19:
06:35:e4:fe:d2:bb:59:37:ee:d7:7f:bc:1c:c2:d6:
6f:60:05:61:84:81:96:0e:2e:d2:28:7b:f5:96:d0:
e4:b6:c9:62:82:45:09:7d:9c:3f:94:69:4d:90:6c:
bf:06:d5:0b:de:6a:09:3a:7d:5a:05:94:62:2d:2c:
b8:f5:d3:2a:f9:6e:3c:1f:11:50:7f:d8:0a:5b:75:
9f:e7:88:b0:f8:d2:c1:cb:51:d4:ad:6e:79:27:d1:
44:93:5e:3b:fb:41:c7:4f:29:e7:b8:01:b8:91:c8:
86:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1A:55:ED:F2:6C:AF:53:1E:57:69:71:9D:33:7D:80:E0:F4:AD:E6
X509v3 Authority Key Identifier:
keyid:A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/nxpV7fJsr1MeV2lxnTN9gOD0reY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/oNsSTvNcIiFniUpaXpNwSoEcNKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.16.0/21
80.74.64.0/20
84.239.64.0/18
141.101.56.0/22
185.10.176.0/22
IPv6:
2a00:6900::/44
2a00:6900:f0::/48
2a00:6901::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
07:c9:f4:8d:00:f6:26:ed:74:8d:ae:8e:d1:8e:0d:09:ad:7d:
4b:ad:f7:4c:e4:5d:dd:0e:ff:46:2a:2e:2a:04:59:6f:46:95:
62:bc:46:56:bd:f5:71:62:c4:b7:8e:2e:63:4e:ed:80:6a:df:
cf:ec:04:dc:4a:aa:ae:8a:d5:0f:c3:7a:98:f0:ff:5c:79:dd:
2c:40:14:15:3e:2a:96:0b:c8:7f:5c:ef:ab:46:2f:d1:bb:58:
e5:c2:b4:97:43:2c:6b:f7:7b:c0:9c:7d:60:19:45:87:9f:a8:
fe:ca:b5:88:a5:52:7d:2e:1d:b5:2b:ad:9b:7d:15:f3:e5:9f:
e0:0c:8b:dd:28:ba:a1:c0:17:8b:e9:7c:cd:3b:d8:a7:cf:0c:
a1:16:1d:15:cc:a5:f6:2d:b2:6c:02:8d:e2:f9:39:d2:60:7a:
e5:28:6c:83:9e:66:e3:e0:6b:3f:20:75:80:28:59:d8:4c:bc:
24:7c:64:c9:60:ea:13:7e:8a:24:c3:f5:e4:6c:52:ca:28:6e:
40:dc:7a:94:64:38:f3:4d:b5:b9:be:a6:bd:37:3b:73:d9:b9:
36:ed:8c:b3:11:1f:ad:20:09:74:3a:5a:9a:6c:9f:a1:ea:7e:
b1:3a:8c:34:cf:ed:f0:3a:a0:4f:aa:cb:b8:ce:f3:b8:8a:78:
38:50:e7:86
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEFwzcKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGRiMTI0ZWYzNWMyMjIxNjc4OTRhNWE1ZTkzNzA0YTgxMWMzNGFjMB4XDTIyMDEw
MTAzMDA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYxYTU1ZWRmMjZj
YWY1MzFlNTc2OTcxOWQzMzdkODBlMGY0YWRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5BY7GWERh6E8n2tSetWWNvpqGaHdrJu/vqYlKTwz88Uykx
RAfa7tW+/+cj+GjYv0XyIkA3M2BPvuWn0Rd8Aff45I1rpqeblIo30jNlcZgkEAT1
gK2MA74pqDCEEnQ3+geMiwHJM7xqhTBYYMFHs4tIps/6dV1ODlv7Z06D7WPFgxyq
tXPTRp5e1NNvhuG0Qxnk7ikZBjXk/tK7WTfu13+8HMLWb2AFYYSBlg4u0ih79ZbQ
5LbJYoJFCX2cP5RpTZBsvwbVC95qCTp9WgWUYi0suPXTKvluPB8RUH/YClt1n+eI
sPjSwctR1K1ueSfRRJNeO/tBx08p57gBuJHIhqkCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSfGlXt8myvUx5XaXGdM32A4PSt5jAfBgNVHSMEGDAWgBSg2xJO81wiIWeJ
Slpek3BKgRw0rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29Oc1NUdk5jSWlGbmlVcGFYcE53U29FY05Ldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMmRlYzkzLTdiMGEtNDYxNC1hMDU5LWY3ZTA5MmNlMjE3MC8x
L254cFY3ZkpzcjFNZVYybHhuVE45Z09EMHJlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MmRlYzkzLTdiMGEtNDYxNC1hMDU5LWY3ZTA5MmNlMjE3MC8xL29Oc1NUdk5jSWlG
bmlVcGFYcE53U29FY05Ldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wJAQCAAEwHgMEA09iEAMEBFBKQAMEBlTvQAMEAo1l
OAMEArkKsDAmBAIAAjAgAwcEKgBpAAAAAwcAKgBpAADwAwUAKgBpAQMFACoDXUAw
DQYJKoZIhvcNAQELBQADggEBAAfJ9I0A9ibtdI2ujtGODQmtfUut90zkXd0O/0Yq
LioEWW9GlWK8Rla99XFixLeOLmNO7YBq38/sBNxKqq6K1Q/Depjw/1x53SxAFBU+
KpYLyH9c76tGL9G7WOXCtJdDLGv3e8CcfWAZRYefqP7KtYilUn0uHbUrrZt9FfPl
n+AMi90ouqHAF4vpfM072KfPDKEWHRXMpfYtsmwCjeL5OdJgeuUobIOeZuPgaz8g
dYAoWdhMvCR8ZMlg6hN+iiTD9eRsUsoobkDcepRkOPNNtbm+pr03O3PZuTbtjLMR
H60gCXQ6Wppsn6HqfrE6jDTP7fA6oE+qy7jO87iKeDhQ54Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:56 2025 by rpki-client