Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/NfrBr0ngEZd3UNi-7AfVAcSPr88.roa
File: NfrBr0ngEZd3UNi-7AfVAcSPr88.roa (raw, json)
Hash identifier: sAx1f5O7E2p2stMUr2oDDnMPggQy5P1P9W72lqyym80=
Subject key identifier: 35:FA:C1:AF:49:E0:11:97:77:50:D8:BE:EC:07:D5:01:C4:8F:AF:CF
Certificate issuer: /CN=94ce9c4c165f1c89cb7e12b2939967dbf33c74c4
Certificate serial: 01856D6F5C0B4D543A84A6777DB615587E75
Authority key identifier: 94:CE:9C:4C:16:5F:1C:89:CB:7E:12:B2:93:99:67:DB:F3:3C:74:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lM6cTBZfHInLfhKyk5ln2_M8dMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/NfrBr0ngEZd3UNi-7AfVAcSPr88.roa
Signing time: Sun 01 Jan 2023 13:04:52 +0000
ROA not before: Sun 01 Jan 2023 13:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61130
IP address blocks: 212.1.200.0/23 maxlen: 23
212.1.204.0/23 maxlen: 23
212.1.200.0/21 maxlen: 21
212.1.202.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:5c:0b:4d:54:3a:84:a6:77:7d:b6:15:58:7e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94ce9c4c165f1c89cb7e12b2939967dbf33c74c4
Validity
Not Before: Jan 1 13:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35fac1af49e011977750d8beec07d501c48fafcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:96:77:fb:80:25:c7:92:19:51:c0:a1:70:89:
69:6a:5e:fa:a6:19:fd:2f:2b:60:91:1e:d2:87:99:
9b:9b:f0:16:ba:b2:8b:ce:43:00:c0:fe:17:b9:62:
6d:2a:39:12:20:8c:64:bb:bf:52:9a:0d:7d:9b:b8:
e3:4a:f7:2b:94:e8:87:8c:59:b8:0f:bf:87:9a:c5:
28:6c:fa:c4:0b:bd:ba:f3:05:ee:eb:c3:18:74:b4:
04:0d:11:0b:6c:e9:f8:65:9a:95:58:27:8b:75:fe:
fd:51:8b:14:70:ac:17:58:10:0d:2c:39:14:45:50:
e8:9f:9f:60:25:fa:95:3e:73:84:6c:01:b4:15:db:
72:33:46:c2:47:ec:11:5f:4a:8e:2d:7c:a7:4f:98:
59:7d:32:7b:2b:2d:a5:0f:3c:e9:9a:b0:8c:8e:81:
23:51:af:8c:17:44:9a:90:1e:da:1b:9f:9c:b4:f3:
d2:0a:33:7a:a4:59:25:9d:22:d2:35:7f:09:3e:c3:
28:ff:42:22:23:ee:bd:6d:82:e3:ca:1b:58:26:0d:
d3:d8:d3:5e:c2:34:38:18:54:ac:b9:00:43:d5:d9:
35:1f:02:96:61:5d:7a:85:4b:3c:88:29:2d:38:5a:
66:bf:50:8d:3e:23:81:5d:3e:5a:34:9f:67:08:c0:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FA:C1:AF:49:E0:11:97:77:50:D8:BE:EC:07:D5:01:C4:8F:AF:CF
X509v3 Authority Key Identifier:
keyid:94:CE:9C:4C:16:5F:1C:89:CB:7E:12:B2:93:99:67:DB:F3:3C:74:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM6cTBZfHInLfhKyk5ln2_M8dMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/NfrBr0ngEZd3UNi-7AfVAcSPr88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/217a7c-4cfd-4174-8dca-77405adaa11f/1/lM6cTBZfHInLfhKyk5ln2_M8dMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.200.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:94:72:9b:7c:7b:f5:68:69:d5:47:c4:8b:af:27:c6:f1:50:
93:63:b2:52:c3:7b:4b:d1:f7:c1:4a:2c:0c:72:4d:76:6a:31:
b7:7e:61:26:f3:6c:2f:06:04:0b:f7:bf:f3:0a:e4:55:9d:41:
b6:6e:07:52:f3:21:5b:ba:83:79:50:80:cd:a0:2d:25:da:fa:
a0:4a:03:6d:b9:9a:3c:d1:54:28:5c:48:20:a1:41:1b:e3:bb:
db:b5:32:f9:d6:04:85:e7:a0:9f:7d:e3:7d:67:fd:03:74:cb:
08:ce:f1:0c:1b:03:ee:63:d4:33:e9:58:46:df:47:21:d3:f5:
08:05:6c:32:95:57:cd:dd:8f:62:f1:6f:dc:a2:7d:c6:35:63:
d5:f7:6f:29:69:9e:09:58:1c:4e:45:e8:2a:41:9f:00:c0:e2:
02:86:e5:0b:7f:ef:23:e8:e2:97:0b:02:5b:ca:bf:65:af:78:
b8:07:e4:9a:5b:0f:1b:c4:d8:1c:10:f3:ed:5f:28:d3:9c:e1:
36:af:d2:b8:1a:31:42:16:ba:2f:4a:01:5b:d2:ec:c3:7b:74:
1f:2a:16:b9:e2:77:90:ad:d4:4c:4d:30:ca:94:5c:a7:09:ad:
f5:eb:af:3a:11:08:94:a3:35:7a:29:fa:8b:28:29:cb:33:af:
8f:2f:21:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb1wLTVQ6hKZ3fbYVWH51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U5YzRjMTY1ZjFjODljYjdlMTJiMjkzOTk2N2RiZjMz
Yzc0YzQwHhcNMjMwMTAxMTMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZhYzFhZjQ5ZTAxMTk3Nzc1MGQ4YmVlYzA3ZDUwMWM0OGZhZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5Z3+4Alx5IZUcChcIlpal76phn9
LytgkR7Sh5mbm/AWurKLzkMAwP4XuWJtKjkSIIxku79Smg19m7jjSvcrlOiHjFm4
D7+HmsUobPrEC7268wXu68MYdLQEDRELbOn4ZZqVWCeLdf79UYsUcKwXWBANLDkU
RVDon59gJfqVPnOEbAG0FdtyM0bCR+wRX0qOLXynT5hZfTJ7Ky2lDzzpmrCMjoEj
Ua+MF0SakB7aG5+ctPPSCjN6pFklnSLSNX8JPsMo/0IiI+69bYLjyhtYJg3T2NNe
wjQ4GFSsuQBD1dk1HwKWYV16hUs8iCktOFpmv1CNPiOBXT5aNJ9nCMAW6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX6wa9J4BGXd1DYvuwH1QHEj6/PMB8GA1UdIwQY
MBaAFJTOnEwWXxyJy34SspOZZ9vzPHTEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE02Y1RCWmZISW5MZmhLeWs1bG4yX004ZE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yMTdhN2MtNGNmZC00MTc0LThkY2Et
Nzc0MDVhZGFhMTFmLzEvTmZyQnIwbmdFWmQzVU5pLTdBZlZBY1NQcjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yMTdhN2MtNGNmZC00MTc0LThkY2EtNzc0MDVhZGFhMTFm
LzEvbE02Y1RCWmZISW5MZmhLeWs1bG4yX004ZE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1AHIMA0G
CSqGSIb3DQEBCwUAA4IBAQBOlHKbfHv1aGnVR8SLryfG8VCTY7JSw3tL0ffBSiwM
ck12ajG3fmEm82wvBgQL97/zCuRVnUG2bgdS8yFbuoN5UIDNoC0l2vqgSgNtuZo8
0VQoXEggoUEb47vbtTL51gSF56CffeN9Z/0DdMsIzvEMGwPuY9Qz6VhG30ch0/UI
BWwylVfN3Y9i8W/con3GNWPV928paZ4JWBxORegqQZ8AwOIChuULf+8j6OKXCwJb
yr9lr3i4B+SaWw8bxNgcEPPtXyjTnOE2r9K4GjFCFrovSgFb0uzDe3QfKha54neQ
rdRMTTDKlFynCa316686EQiUozV6KfqLKCnLM6+PLyGm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:43 2024 by rpki-client on console-ams.rpki-client.org