Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/NRkt9ETHfL3n6dKxJLbN7eOP-Zs.roa
File: NRkt9ETHfL3n6dKxJLbN7eOP-Zs.roa (raw, json)
Hash identifier: HKCXVLfGPWG10cFSn4b+/TZp8Dq8A1JVEBzmQERD1zY=
Subject key identifier: 35:19:2D:F4:44:C7:7C:BD:E7:E9:D2:B1:24:B6:CD:ED:E3:8F:F9:9B
Certificate issuer: /CN=af44e855a654ec155a6868907a6b8fc17416d6a4
Certificate serial: 0BCE01F8
Authority key identifier: AF:44:E8:55:A6:54:EC:15:5A:68:68:90:7A:6B:8F:C1:74:16:D6:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0ToVaZU7BVaaGiQemuPwXQW1qQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/NRkt9ETHfL3n6dKxJLbN7eOP-Zs.roa
Signing time: Sat 01 Jan 2022 01:56:26 +0000
ROA not before: Sat 01 Jan 2022 01:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13273
IP address blocks: 195.54.62.0/23 maxlen: 24
91.216.209.0/24 maxlen: 24
213.162.32.0/20 maxlen: 24
213.91.0.0/18 maxlen: 24
185.21.152.0/22 maxlen: 24
213.162.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198050296 (0xbce01f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af44e855a654ec155a6868907a6b8fc17416d6a4
Validity
Not Before: Jan 1 01:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35192df444c77cbde7e9d2b124b6cdede38ff99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:90:f4:80:40:fb:5a:ca:80:ab:50:1e:3c:57:
09:8a:9c:68:e6:d8:e4:1b:d8:29:b8:b1:5b:20:d4:
c4:ec:a7:91:dc:af:6a:22:b1:58:6c:08:12:09:4b:
27:fb:73:1c:30:f9:60:37:7b:ec:f3:de:a3:11:8b:
23:48:e1:4e:9b:2c:ba:3e:bb:c6:66:68:73:67:f4:
b2:60:c4:2e:86:41:59:0a:d6:d2:37:9f:7b:93:35:
73:1c:b8:89:17:47:94:57:a0:21:c2:c7:e6:3e:e1:
2a:11:6c:c1:37:88:53:74:11:d4:ff:3b:c3:0d:4e:
d1:dc:2d:77:c4:7d:36:66:31:c0:e0:97:8d:a3:ba:
48:17:b5:91:85:04:aa:f6:5e:73:3b:df:ed:54:6c:
ca:ca:ca:29:01:f2:88:b9:7a:d8:4c:4c:b4:6c:21:
af:a8:ec:8a:40:de:d6:81:e3:a6:ff:91:54:01:50:
fd:3a:01:cf:8e:5d:f8:39:61:3f:bb:44:50:26:e2:
3a:61:3c:54:95:23:bd:5e:eb:0e:99:e0:c6:47:e1:
a9:f2:c1:e6:01:76:89:42:1d:87:cc:c2:0a:f0:e5:
9c:0b:e4:a5:e4:a8:12:2d:86:82:f3:bf:06:0d:6d:
46:4f:bb:72:09:5d:4d:74:e6:fa:20:47:da:a9:ee:
f6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:19:2D:F4:44:C7:7C:BD:E7:E9:D2:B1:24:B6:CD:ED:E3:8F:F9:9B
X509v3 Authority Key Identifier:
keyid:AF:44:E8:55:A6:54:EC:15:5A:68:68:90:7A:6B:8F:C1:74:16:D6:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0ToVaZU7BVaaGiQemuPwXQW1qQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/NRkt9ETHfL3n6dKxJLbN7eOP-Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/r0ToVaZU7BVaaGiQemuPwXQW1qQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/20
213.162.62.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:9c:82:01:31:e9:bd:74:c6:35:32:32:00:e2:0c:5a:2a:d8:
ef:79:a0:17:e0:aa:3c:96:0b:de:20:08:b5:9e:aa:8b:f5:dd:
37:9d:6c:f1:63:28:1f:f1:55:bb:d2:a2:8c:09:d0:d3:3d:94:
3c:17:c9:b8:8b:f3:46:7e:1a:de:6b:97:46:65:3c:e0:d5:81:
e6:3c:c0:8a:88:39:ed:cf:a7:af:07:e1:60:35:2e:00:ad:ab:
4f:76:cf:7f:77:0a:a3:da:73:65:de:1c:8e:af:9d:35:79:12:
17:61:2c:26:af:4e:9f:cb:a7:f7:60:a0:7d:51:c4:77:cb:92:
0e:7b:44:89:b4:69:47:f8:49:5f:a7:40:4a:1f:75:44:2b:68:
9e:72:97:92:1d:a4:9f:d3:cb:b2:63:93:6c:b8:87:bc:25:7c:
0f:42:f8:59:ef:81:8e:09:17:eb:b1:8d:35:9f:45:a4:13:81:
14:40:c0:48:38:77:2f:bf:fe:ae:0c:85:b4:02:66:ef:ee:7f:
c2:14:f3:21:a8:2e:7f:e6:17:4f:7d:80:7d:62:17:d3:1d:5a:
10:ef:3b:92:7d:a8:e5:e0:57:fa:da:5f:cd:c4:ff:7b:5e:66:
c9:12:13:9c:fe:ff:d6:63:2d:e2:39:36:c3:58:80:86:b6:8b:
3e:19:cf:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEC84B+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjQ0ZTg1NWE2NTRlYzE1NWE2ODY4OTA3YTZiOGZjMTc0MTZkNmE0MB4XDTIyMDEw
MTAxNTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUxOTJkZjQ0NGM3
N2NiZGU3ZTlkMmIxMjRiNmNkZWRlMzhmZjk5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaQ9IBA+1rKgKtQHjxXCYqcaObY5BvYKbixWyDUxOynkdyv
aiKxWGwIEglLJ/tzHDD5YDd77PPeoxGLI0jhTpssuj67xmZoc2f0smDELoZBWQrW
0jefe5M1cxy4iRdHlFegIcLH5j7hKhFswTeIU3QR1P87ww1O0dwtd8R9NmYxwOCX
jaO6SBe1kYUEqvZeczvf7VRsysrKKQHyiLl62ExMtGwhr6jsikDe1oHjpv+RVAFQ
/ToBz45d+DlhP7tEUCbiOmE8VJUjvV7rDpngxkfhqfLB5gF2iUIdh8zCCvDlnAvk
peSoEi2GgvO/Bg1tRk+7cgldTXTm+iBH2qnu9rsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ1GS30RMd8vefp0rEkts3t44/5mzAfBgNVHSMEGDAWgBSvROhVplTsFVpo
aJB6a4/BdBbWpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IwVG9WYVpVN0JWYWFHaVFlbXVQd1hRVzFxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvZDk4ZjVkLWEyNzYtNDI1YS05NjNmLWVjNWUyMzY2MGZiYy8x
L05Sa3Q5RVRIZkwzbjZkS3hKTGJON2VPUC1acy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ZDk4ZjVkLWEyNzYtNDI1YS05NjNmLWVjNWUyMzY2MGZiYy8xL3IwVG9WYVpVN0JW
YWFHaVFlbXVQd1hRVzFxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFvY0QMEArkVmAMEAcM2PgMEBtVb
AAMEBNWiIAMEANWiPjANBgkqhkiG9w0BAQsFAAOCAQEAXZyCATHpvXTGNTIyAOIM
WirY73mgF+CqPJYL3iAItZ6qi/XdN51s8WMoH/FVu9KijAnQ0z2UPBfJuIvzRn4a
3muXRmU84NWB5jzAiog57c+nrwfhYDUuAK2rT3bPf3cKo9pzZd4cjq+dNXkSF2Es
Jq9On8un92CgfVHEd8uSDntEibRpR/hJX6dASh91RCtonnKXkh2kn9PLsmOTbLiH
vCV8D0L4We+BjgkX67GNNZ9FpBOBFEDASDh3L7/+rgyFtAJm7+5/whTzIaguf+YX
T32AfWIX0x1aEO87kn2o5eBX+tpfzcT/e15myRITnP7/1mMt4jk2w1iAhraLPhnP
aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:30 2024 by rpki-client on console-ams.rpki-client.org