Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/Nh13XKeJD5XcL5RGWgBTZOYuqb8.roa
File: Nh13XKeJD5XcL5RGWgBTZOYuqb8.roa (raw, json)
Hash identifier: EK218ECP0Q1NGG0YFe5DuyXnMEj44Ino0IVj4JmIoQA=
Subject key identifier: 36:1D:77:5C:A7:89:0F:95:DC:2F:94:46:5A:00:53:64:E6:2E:A9:BF
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 018748869D93D91E2805D04332B395CEACE4
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/Nh13XKeJD5XcL5RGWgBTZOYuqb8.roa
Signing time: Mon 03 Apr 2023 19:09:54 +0000
ROA not before: Mon 03 Apr 2023 19:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.225.236.0/24 maxlen: 24
45.132.98.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:86:9d:93:d9:1e:28:05:d0:43:32:b3:95:ce:ac:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Apr 3 19:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=361d775ca7890f95dc2f94465a005364e62ea9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:65:7c:90:c1:fe:a6:62:f1:5a:58:bd:04:8b:
eb:81:7b:9e:0a:8e:06:73:3f:e1:be:7f:0c:29:0b:
6e:fb:f6:89:90:8d:7e:ca:d9:91:b4:9e:65:e8:6a:
f2:27:f0:4d:7f:a2:7a:fd:91:a1:f1:12:7a:f1:8f:
28:9f:7a:4c:3b:9e:d3:17:45:dc:91:ba:61:36:0b:
57:ab:a7:9b:72:9f:f3:ba:39:36:f5:dd:a5:c3:2c:
8f:09:67:aa:6c:5e:2f:d6:cf:7a:c3:05:50:38:8f:
20:6c:63:b2:4f:31:65:62:ab:ea:9b:9f:1c:17:9b:
aa:08:dd:02:f3:b0:49:1c:6b:0f:17:62:f3:e8:57:
6c:fa:96:7f:2c:67:76:73:ae:91:5b:03:d8:41:a1:
d0:fb:0b:d8:39:26:f3:51:27:d0:7b:ce:f0:51:f1:
51:a1:08:a2:9e:db:4d:68:5a:42:f7:f6:60:1a:fa:
90:5e:fb:b5:33:ed:49:90:05:35:79:cd:75:af:a4:
ea:82:0e:12:3e:90:6f:9f:b2:44:60:6e:c1:a4:fa:
bb:36:16:7a:ab:c5:91:dc:a3:d4:b8:90:42:3c:57:
9b:96:e9:54:d6:7c:64:90:88:4c:38:13:65:9e:84:
07:11:17:26:4e:00:6b:c5:f1:dc:1f:a4:87:b5:c3:
7b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1D:77:5C:A7:89:0F:95:DC:2F:94:46:5A:00:53:64:E6:2E:A9:BF
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/Nh13XKeJD5XcL5RGWgBTZOYuqb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/23
213.225.236.0/24
Signature Algorithm: sha256WithRSAEncryption
02:82:7c:43:56:4f:f4:e5:0b:b4:a0:d1:34:b7:24:cb:d9:e4:
03:f0:44:d5:e1:90:0f:41:46:09:1a:3c:e1:93:9c:32:2e:e3:
c4:5b:57:3f:7b:8e:a1:9f:fe:b5:14:00:9f:2f:29:01:37:84:
05:d9:6a:bb:0a:4a:22:29:bf:9c:be:33:3a:0c:27:0f:68:d2:
9c:9d:e4:09:b8:bd:91:fd:4d:72:d9:a4:23:a8:b7:ab:e5:ce:
8f:c3:ac:34:81:ec:01:55:dc:36:0c:fc:58:1f:34:bf:5e:f3:
c7:a6:c1:77:30:ec:62:50:06:a0:a1:3f:9c:df:81:6c:db:02:
7c:16:3f:fe:db:c9:fe:cb:16:5c:a4:38:72:e5:e7:fb:9a:bf:
fd:fb:28:c3:39:8b:b6:f4:07:f6:81:fb:7f:50:1d:d5:0b:64:
b1:4f:8e:7a:d4:6e:3c:05:b4:3e:46:01:bd:43:8f:1e:d8:17:
c4:03:87:fc:aa:27:c4:cc:c1:93:f7:ae:cf:70:1c:5e:03:43:
3b:fc:f1:29:76:2c:a5:a7:63:90:48:5e:73:0b:3c:6d:fe:ad:
a6:cc:00:14:20:18:57:f6:82:e5:2b:21:d4:0c:65:a7:15:72:
67:d4:e0:48:c5:b9:0e:6f:c9:a1:50:51:29:ba:20:20:50:ed:
7b:64:06:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdIhp2T2R4oBdBDMrOVzqzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwNDAzMTkwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFkNzc1Y2E3ODkwZjk1ZGMyZjk0NDY1YTAwNTM2NGU2MmVhOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGV8kMH+pmLxWli9BIvrgXueCo4G
cz/hvn8MKQtu+/aJkI1+ytmRtJ5l6GryJ/BNf6J6/ZGh8RJ68Y8on3pMO57TF0Xc
kbphNgtXq6ebcp/zujk29d2lwyyPCWeqbF4v1s96wwVQOI8gbGOyTzFlYqvqm58c
F5uqCN0C87BJHGsPF2Lz6Fds+pZ/LGd2c66RWwPYQaHQ+wvYOSbzUSfQe87wUfFR
oQiinttNaFpC9/ZgGvqQXvu1M+1JkAU1ec11r6Tqgg4SPpBvn7JEYG7BpPq7NhZ6
q8WR3KPUuJBCPFeblulU1nxkkIhMOBNlnoQHERcmTgBrxfHcH6SHtcN7rwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDYdd1yniQ+V3C+URloAU2TmLqm/MB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvTmgxM1hLZUpENVhjTDVSR1dnQlRaT1l1cWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYRiAwQA
1eHsMA0GCSqGSIb3DQEBCwUAA4IBAQACgnxDVk/05Qu0oNE0tyTL2eQD8ETV4ZAP
QUYJGjzhk5wyLuPEW1c/e46hn/61FACfLykBN4QF2Wq7CkoiKb+cvjM6DCcPaNKc
neQJuL2R/U1y2aQjqLer5c6Pw6w0gewBVdw2DPxYHzS/XvPHpsF3MOxiUAagoT+c
34Fs2wJ8Fj/+28n+yxZcpDhy5ef7mr/9+yjDOYu29Af2gft/UB3VC2SxT4561G48
BbQ+RgG9Q48e2BfEA4f8qifEzMGT967PcBxeA0M7/PEpdiylp2OQSF5zCzxt/q2m
zAAUIBhX9oLlKyHUDGWnFXJn1OBIxbkOb8mhUFEpuiAgUO17ZAaI
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:20:18 2025 by rpki-client