Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NFz55rSB_x40_Sn5gmNLWbayQM4.roa
File: NFz55rSB_x40_Sn5gmNLWbayQM4.roa (raw, json)
Hash identifier: 2p75Vwd87G22w7fJShfrsm2KQOlB4Njb9OusFjbzYaw=
Subject key identifier: 34:5C:F9:E6:B4:81:FF:1E:34:FD:29:F9:82:63:4B:59:B6:B2:40:CE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50C3AF22
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NFz55rSB_x40_Sn5gmNLWbayQM4.roa
Signing time: Sat 01 Jan 2022 16:01:39 +0000
ROA not before: Sat 01 Jan 2022 16:01:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9096
IP address blocks: 217.192.86.0/24 maxlen: 24
212.243.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355001634 (0x50c3af22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=345cf9e6b481ff1e34fd29f982634b59b6b240ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f2:8c:17:36:f9:90:ba:2f:f0:e4:2f:f8:21:
87:4d:b6:37:87:73:1b:3c:62:58:84:11:ae:ca:74:
43:f1:69:d3:87:a2:d8:07:ff:79:b2:8e:e8:a9:f4:
c7:30:c2:2a:b9:b7:7d:52:7e:f1:e4:2c:74:8d:32:
f2:a1:0d:e1:ad:37:37:85:03:34:4e:cd:0d:47:75:
f1:b4:a7:00:a2:10:02:0d:89:87:bf:a4:57:72:99:
61:64:ae:76:3f:73:cc:ef:54:3d:96:c8:fa:d4:56:
a9:fb:ad:d3:44:13:9a:8e:c0:00:7d:51:a5:73:92:
30:df:2a:c1:d7:c9:a1:a2:f0:0c:03:25:f9:96:97:
ef:98:e7:90:d3:20:e1:8d:8d:c6:77:d6:12:d4:19:
de:a4:84:9d:e9:5c:59:cf:ad:ef:1a:17:76:70:34:
ab:84:49:08:82:14:f6:1f:e6:55:d1:c4:2f:ae:35:
6e:42:3c:6f:6d:22:2b:24:9a:a8:98:b4:f9:65:b4:
3d:fd:8f:41:42:84:55:9b:2f:e1:2e:b6:1d:72:02:
32:7c:c2:72:7e:d2:25:f7:07:24:d6:6f:4c:c7:d6:
6b:46:6e:5c:03:04:28:9a:23:b5:54:56:d2:45:d3:
bb:0f:5a:b5:10:63:f8:63:14:77:f9:73:d4:d0:30:
e4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5C:F9:E6:B4:81:FF:1E:34:FD:29:F9:82:63:4B:59:B6:B2:40:CE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NFz55rSB_x40_Sn5gmNLWbayQM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.80.0/24
217.192.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:64:39:29:ae:51:83:3d:f3:63:0d:44:b0:cf:11:c8:b6:ea:
73:6b:85:e2:18:56:04:a7:4a:de:d5:f1:ab:d3:24:07:eb:6d:
2e:13:73:22:5a:94:bf:d9:21:16:3f:08:f0:a0:93:82:2c:07:
93:4c:05:45:be:d9:92:3e:78:69:3f:4a:4f:22:d6:31:01:5f:
11:67:eb:1c:88:66:45:10:51:94:f5:a9:ae:0e:74:76:8b:7b:
a7:e8:c3:1e:c6:e3:82:a5:26:32:63:d1:6a:e2:9e:8b:85:f4:
87:a5:62:fc:12:c8:96:54:c3:87:7a:40:e5:47:a0:57:aa:cf:
e7:fc:2d:d6:39:db:95:a1:59:c4:52:82:ee:0f:af:99:69:c6:
03:12:2a:12:f2:fa:f9:6d:fb:bc:ac:e0:b6:33:3a:56:e1:5c:
67:f2:5b:6d:5d:d0:37:e1:d0:cd:a7:32:fe:4d:ad:57:27:18:
82:ab:d4:2f:3e:6f:ba:53:90:d6:f5:c7:25:87:72:17:6a:5b:
38:16:55:65:fa:54:23:3e:4c:47:d2:74:d9:7f:1b:9b:03:4f:
79:a1:3e:2a:18:83:b3:dd:3e:c3:65:3b:62:f3:6e:24:66:dc:
35:81:e7:44:62:80:93:aa:73:fb:7c:b3:96:4a:bf:b5:f8:8e:
98:14:f9:e5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEUMOvIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ1Y2Y5ZTZiNDgx
ZmYxZTM0ZmQyOWY5ODI2MzRiNTliNmIyNDBjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDyjBc2+ZC6L/DkL/ghh022N4dzGzxiWIQRrsp0Q/Fp04ei
2Af/ebKO6Kn0xzDCKrm3fVJ+8eQsdI0y8qEN4a03N4UDNE7NDUd18bSnAKIQAg2J
h7+kV3KZYWSudj9zzO9UPZbI+tRWqfut00QTmo7AAH1RpXOSMN8qwdfJoaLwDAMl
+ZaX75jnkNMg4Y2NxnfWEtQZ3qSEnelcWc+t7xoXdnA0q4RJCIIU9h/mVdHEL641
bkI8b20iKySaqJi0+WW0Pf2PQUKEVZsv4S62HXICMnzCcn7SJfcHJNZvTMfWa0Zu
XAMEKJojtVRW0kXTuw9atRBj+GMUd/lz1NAw5K8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ0XPnmtIH/HjT9KfmCY0tZtrJAzjAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L05GejU1clNCX3g0MF9TbjVnbU5MV2JheVFNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANTzUAMEANnAVjANBgkqhkiG9w0B
AQsFAAOCAQEAGmQ5Ka5Rgz3zYw1EsM8RyLbqc2uF4hhWBKdK3tXxq9MkB+ttLhNz
IlqUv9khFj8I8KCTgiwHk0wFRb7Zkj54aT9KTyLWMQFfEWfrHIhmRRBRlPWprg50
dot7p+jDHsbjgqUmMmPRauKei4X0h6Vi/BLIllTDh3pA5UegV6rP5/wt1jnblaFZ
xFKC7g+vmWnGAxIqEvL6+W37vKzgtjM6VuFcZ/JbbV3QN+HQzacy/k2tVycYgqvU
Lz5vulOQ1vXHJYdyF2pbOBZVZfpUIz5MR9J02X8bmwNPeaE+KhiDs90+w2U7YvNu
JGbcNYHnRGKAk6pz+3yzlkq/tfiOmBT55Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:11 2025 by rpki-client