Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/nxm2z-N8DzZSbo0806BLGjh1MGI.roa
File: nxm2z-N8DzZSbo0806BLGjh1MGI.roa (raw, json)
Hash identifier: LBhQJnrLYwLBMi2jNJHPP6NuErBJyyIWsF2qumnunWA=
Subject key identifier: 9F:19:B6:CF:E3:7C:0F:36:52:6E:8D:3C:D3:A0:4B:1A:38:75:30:62
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5C2E97ED35413BBB328FA985D0BB
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/nxm2z-N8DzZSbo0806BLGjh1MGI.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41682
IP address blocks: 2a02:2698:8000::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5c:2e:97:ed:35:41:3b:bb:32:8f:a9:85:d0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f19b6cfe37c0f36526e8d3cd3a04b1a38753062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:14:7d:2e:7a:60:e2:f9:f5:61:28:e9:c3:5b:
50:23:fc:df:3a:19:6c:f3:7e:84:f3:0d:9a:fd:7a:
93:be:1a:c7:52:bd:6d:60:06:8f:1c:47:cd:d6:2c:
e8:eb:7d:55:82:ae:96:e4:af:33:09:07:e9:e5:72:
53:9a:4d:f8:b4:36:1a:ee:57:50:0c:eb:d2:ab:03:
ab:d5:04:6d:4f:a1:9c:5c:c6:9f:5d:42:fa:1f:f0:
a9:b4:9b:b1:3d:8b:bd:c6:66:3f:e5:e2:6a:7e:4f:
fa:56:fb:f1:84:07:ec:b4:9e:10:57:ca:10:ce:03:
45:2e:75:28:c4:e0:9d:5d:09:c5:b8:37:ff:83:91:
4f:b4:16:87:93:03:06:dd:85:af:d7:a6:13:8d:a2:
e1:14:c8:91:a9:f8:55:8e:5b:e0:21:4b:33:4a:c9:
e3:92:aa:2b:9e:58:34:1b:bf:9d:d4:11:d6:70:dd:
f7:13:8c:1b:64:39:3a:71:db:ea:a0:60:21:1f:a0:
6b:00:1f:30:4b:1c:bc:e5:4d:e6:bd:3f:59:28:90:
d1:24:e6:26:81:46:1e:75:58:ed:dd:28:bf:b6:14:
35:ca:aa:e3:88:a5:ea:ed:74:83:11:6c:0e:7f:5e:
b7:02:c2:9c:f6:4d:37:86:74:93:56:b7:da:cc:65:
bd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:19:B6:CF:E3:7C:0F:36:52:6E:8D:3C:D3:A0:4B:1A:38:75:30:62
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/nxm2z-N8DzZSbo0806BLGjh1MGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8000::/38
Signature Algorithm: sha256WithRSAEncryption
2e:e9:9a:b7:a1:54:e0:bc:93:39:df:d6:56:34:f6:a9:fd:2d:
67:23:6f:46:73:8b:f8:eb:0f:9d:f5:7e:71:4a:3e:fc:49:00:
46:50:a6:6b:a7:62:8c:0e:76:47:ff:a1:8d:c3:97:b3:e9:0f:
b2:bb:9f:e6:31:85:5c:67:df:cb:47:99:7e:65:16:29:2a:7b:
ad:d4:4b:2f:99:37:40:0b:ef:ff:e4:e0:fe:12:04:9e:4f:79:
1f:f7:b8:67:b6:3b:c0:e3:ed:5e:1b:27:f1:28:54:8a:69:0a:
62:71:b8:7c:d1:05:8c:54:e0:63:89:89:80:e4:c3:86:07:bb:
15:2f:39:e8:ab:c0:55:59:87:c6:e8:f2:9e:a8:86:fe:df:a9:
67:5f:e0:87:fd:5a:51:84:a3:06:68:53:57:d4:60:53:f3:cc:
aa:b3:c2:9a:98:b0:ec:2e:46:86:84:cc:81:3f:3d:78:11:9b:
2a:75:6f:35:fc:1a:ad:df:5e:b6:cf:8b:41:ec:09:b8:ad:c4:
c7:2a:18:42:1a:41:58:1d:c6:bd:cc:47:5f:85:df:8c:62:c6:
86:78:8f:74:ff:c7:ea:19:e8:66:c3:e7:79:09:c1:78:05:4f:
a0:cc:61:2c:7a:db:05:6b:0f:48:6f:a3:fd:97:24:20:95:92:
39:00:bb:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjFwul+01QTu7Mo+phdC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE5YjZjZmUzN2MwZjM2NTI2ZThkM2NkM2EwNGIxYTM4NzUzMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBR9Lnpg4vn1YSjpw1tQI/zfOhls
836E8w2a/XqTvhrHUr1tYAaPHEfN1izo631Vgq6W5K8zCQfp5XJTmk34tDYa7ldQ
DOvSqwOr1QRtT6GcXMafXUL6H/CptJuxPYu9xmY/5eJqfk/6VvvxhAfstJ4QV8oQ
zgNFLnUoxOCdXQnFuDf/g5FPtBaHkwMG3YWv16YTjaLhFMiRqfhVjlvgIUszSsnj
kqornlg0G7+d1BHWcN33E4wbZDk6cdvqoGAhH6BrAB8wSxy85U3mvT9ZKJDRJOYm
gUYedVjt3Si/thQ1yqrjiKXq7XSDEWwOf163AsKc9k03hnSTVrfazGW9MwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ8Zts/jfA82Um6NPNOgSxo4dTBiMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvbnhtMnotTjhEelpTYm8wODA2QkxHamgxTUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIAw
DQYJKoZIhvcNAQELBQADggEBAC7pmrehVOC8kznf1lY09qn9LWcjb0Zzi/jrD531
fnFKPvxJAEZQpmunYowOdkf/oY3Dl7PpD7K7n+YxhVxn38tHmX5lFikqe63USy+Z
N0AL7//k4P4SBJ5PeR/3uGe2O8Dj7V4bJ/EoVIppCmJxuHzRBYxU4GOJiYDkw4YH
uxUvOeirwFVZh8bo8p6ohv7fqWdf4If9WlGEowZoU1fUYFPzzKqzwpqYsOwuRoaE
zIE/PXgRmyp1bzX8Gq3fXrbPi0HsCbitxMcqGEIaQVgdxr3MR1+F34xixoZ4j3T/
x+oZ6GbD53kJwXgFT6DMYSx62wVrD0hvo/2XJCCVkjkAu0M=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:24 2025 by rpki-client