Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/NZEoUIWnkibeWP49aUOJJpxPEBM.roa
File: NZEoUIWnkibeWP49aUOJJpxPEBM.roa (raw, json)
Hash identifier: wJ7PUcPdv7GUDbBwsm0jPuuaiFCAbSa73fm71Kskrh8=
Subject key identifier: 35:91:28:50:85:A7:92:26:DE:58:FE:3D:69:43:89:26:9C:4F:10:13
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 01856D9D149D1432D8CB11E6BE2C0A36A5DE
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/NZEoUIWnkibeWP49aUOJJpxPEBM.roa
Signing time: Sun 01 Jan 2023 13:54:49 +0000
ROA not before: Sun 01 Jan 2023 13:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.118.28.0/22 maxlen: 24
213.225.238.0/24 maxlen: 24
45.146.105.0/24 maxlen: 24
45.146.104.0/24 maxlen: 24
45.146.106.0/24 maxlen: 24
212.2.239.0/24 maxlen: 24
45.80.4.0/22 maxlen: 24
141.98.74.0/23 maxlen: 24
141.98.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:14:9d:14:32:d8:cb:11:e6:be:2c:0a:36:a5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Jan 1 13:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3591285085a79226de58fe3d694389269c4f1013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4b:90:95:2c:64:00:45:ed:c0:b1:d7:e6:05:
5c:83:3e:b5:7e:d5:9e:cc:8a:c2:78:c6:3d:0c:cc:
54:d4:02:0b:71:15:27:66:f0:1c:66:e6:6c:96:5b:
c6:8d:e2:9b:1e:fd:ca:26:ad:0a:ce:54:03:33:84:
52:00:8a:09:9d:1a:5c:32:86:c1:bf:eb:87:51:6b:
dc:90:e9:a2:ce:c9:55:03:fd:19:61:f4:1c:d5:9a:
f2:c4:8c:8a:59:d1:8d:76:d9:b4:61:37:10:e6:42:
79:b5:ef:d8:c0:34:67:5b:eb:88:48:9c:5c:63:a7:
2a:01:9a:6c:cc:0a:d6:42:93:d6:51:3b:b1:ba:1f:
62:f9:48:48:47:58:af:d5:ff:0e:4e:29:49:20:79:
5c:64:da:a2:5b:28:33:3c:e1:f3:23:7c:37:25:33:
ef:12:f7:0f:88:43:54:e2:a7:6d:47:8d:db:7c:fb:
54:28:e3:e1:1d:45:68:f0:ad:5e:1d:46:e7:b3:d7:
09:a2:6c:d2:e8:90:1e:c5:d8:41:3b:f3:93:5d:9d:
32:63:a4:21:e3:a9:b2:98:b6:43:9e:fd:9f:83:b6:
d7:d6:b3:fa:ca:4a:64:ca:af:9a:0a:62:0f:c8:41:
fb:c8:c5:8d:3b:6d:95:45:67:5c:09:27:bf:c9:e7:
8e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:91:28:50:85:A7:92:26:DE:58:FE:3D:69:43:89:26:9C:4F:10:13
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/NZEoUIWnkibeWP49aUOJJpxPEBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.4.0/22
45.146.104.0-45.146.106.255
82.118.28.0/22
141.98.72.0/24
141.98.74.0/23
212.2.239.0/24
213.225.238.0/24
Signature Algorithm: sha256WithRSAEncryption
59:38:69:6d:8e:cc:74:49:7c:b8:65:ea:b0:3e:7e:df:be:9d:
c4:41:68:e6:28:9b:8c:46:57:88:a2:b0:8b:12:2f:43:d3:7b:
21:2c:15:50:d9:68:45:5e:ef:4b:b1:df:30:51:1f:cc:7a:58:
f6:d7:83:fe:56:f4:15:8c:86:58:81:83:25:2f:44:f2:c3:8d:
9f:a0:20:8f:92:7f:9d:d3:b6:00:7a:94:3b:f8:84:42:4e:71:
9d:3a:03:62:44:7c:fd:9c:e4:77:7b:a8:27:74:3a:f8:4a:2a:
ed:ef:ce:45:64:1c:9a:fd:26:13:bb:6a:50:ad:8b:54:26:48:
24:2e:3a:fb:50:37:95:e2:28:08:bb:af:38:a2:d2:e4:0c:30:
69:37:81:d6:0f:6f:b4:1d:1f:d5:95:59:b7:ef:72:9e:9c:21:
a5:4e:f3:a5:df:04:bb:43:42:a5:bd:30:9e:46:29:ce:32:f1:
02:bb:c0:0c:b5:49:c9:8c:a2:0e:4c:6d:24:34:60:c3:04:69:
3f:0b:8c:32:bf:b0:c7:b4:7f:1e:9d:4f:ef:75:80:25:1a:b4:
d3:5d:09:ac:7c:37:ce:2e:8b:29:87:ea:4d:ac:76:21:88:e4:
c7:f4:ab:14:9b:7f:54:02:e8:4f:c3:ac:f6:53:81:78:e9:df:
76:fb:ed:e1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVtnRSdFDLYyxHmviwKNqXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwMTAxMTM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkxMjg1MDg1YTc5MjI2ZGU1OGZlM2Q2OTQzODkyNjljNGYxMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0uQlSxkAEXtwLHX5gVcgz61ftWe
zIrCeMY9DMxU1AILcRUnZvAcZuZsllvGjeKbHv3KJq0KzlQDM4RSAIoJnRpcMobB
v+uHUWvckOmizslVA/0ZYfQc1ZryxIyKWdGNdtm0YTcQ5kJ5te/YwDRnW+uISJxc
Y6cqAZpszArWQpPWUTuxuh9i+UhIR1iv1f8OTilJIHlcZNqiWygzPOHzI3w3JTPv
EvcPiENU4qdtR43bfPtUKOPhHUVo8K1eHUbns9cJomzS6JAexdhBO/OTXZ0yY6Qh
46mymLZDnv2fg7bX1rP6ykpkyq+aCmIPyEH7yMWNO22VRWdcCSe/yeeOpwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDWRKFCFp5Im3lj+PWlDiSacTxATMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvTlpFb1VJV25raWJlV1A0OWFVT0pKcHhQRUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVAEMAwD
BAMtkmgDBAAtkmoDBAJSdhwDBACNYkgDBAGNYkoDBADUAu8DBADV4e4wDQYJKoZI
hvcNAQELBQADggEBAFk4aW2OzHRJfLhl6rA+ft++ncRBaOYom4xGV4iisIsSL0PT
eyEsFVDZaEVe70ux3zBRH8x6WPbXg/5W9BWMhliBgyUvRPLDjZ+gII+Sf53TtgB6
lDv4hEJOcZ06A2JEfP2c5Hd7qCd0OvhKKu3vzkVkHJr9JhO7alCti1QmSCQuOvtQ
N5XiKAi7rzii0uQMMGk3gdYPb7QdH9WVWbfvcp6cIaVO86XfBLtDQqW9MJ5GKc4y
8QK7wAy1ScmMog5MbSQ0YMMEaT8LjDK/sMe0fx6dT+91gCUatNNdCax8N84uiymH
6k2sdiGI5Mf0qxSbf1QC6E/DrPZTgXjp33b77eE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org