Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/nxGfgou34pnTV3mld_DB8E2S708.roa
File: nxGfgou34pnTV3mld_DB8E2S708.roa (raw, json)
Hash identifier: 6cwPmVNV+sbjG4KJ9/fCL+qmwBaaOA/jrKDex/wPNPs=
Subject key identifier: 9F:11:9F:82:8B:B7:E2:99:D3:57:79:A5:77:F0:C1:F0:4D:92:EF:4F
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0193D4A6D092F847A5518917B598070EFCBF
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/nxGfgou34pnTV3mld_DB8E2S708.roa
Signing time: Tue 17 Dec 2024 12:45:22 +0000
ROA not before: Tue 17 Dec 2024 12:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211993
IP address blocks: 2.57.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:a6:d0:92:f8:47:a5:51:89:17:b5:98:07:0e:fc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Dec 17 12:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f119f828bb7e299d35779a577f0c1f04d92ef4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:4d:39:54:ca:aa:2c:8b:c8:77:d7:a1:d0:
db:a3:f8:18:09:5e:59:d9:c6:23:d4:20:6c:ec:9a:
82:f6:f2:c7:7c:83:19:4f:5e:45:28:9d:0c:52:c8:
fa:eb:46:f5:31:4e:3a:05:bd:dd:d5:31:59:23:16:
b8:9f:99:6b:6b:ae:30:c3:bc:91:48:14:b6:1e:97:
18:8e:fd:c2:a2:f4:53:e4:a1:c7:d3:91:d7:c3:a0:
a8:75:b8:96:b4:21:6f:f3:ad:b8:c2:06:97:a1:45:
32:3e:0c:f5:57:e5:ae:03:52:86:24:14:99:b2:8b:
df:f1:ef:0c:b5:8a:27:fc:12:8a:c8:17:db:47:94:
db:9b:ad:17:2f:6c:11:10:1e:4f:e4:94:7a:e5:88:
f5:b4:82:6c:25:fc:13:bc:d9:d3:d7:6e:b5:9e:b6:
eb:50:f1:46:3e:36:26:70:d6:42:4a:12:b8:2f:cf:
1c:4e:7d:2f:58:8b:a7:63:05:5a:e0:a0:a4:fd:d0:
d3:ba:0a:83:e1:d1:94:49:0a:27:c0:e5:f8:c0:9c:
e9:15:6d:79:60:09:e0:e6:c2:e4:51:33:cf:cf:36:
f2:e5:ee:b0:a5:d5:aa:92:70:25:5e:f2:eb:66:b6:
1b:e3:ce:fb:19:c5:1c:16:8f:2c:22:37:c4:d8:74:
ee:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:11:9F:82:8B:B7:E2:99:D3:57:79:A5:77:F0:C1:F0:4D:92:EF:4F
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/nxGfgou34pnTV3mld_DB8E2S708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.58.0/24
Signature Algorithm: sha256WithRSAEncryption
20:3b:48:8d:9f:1b:69:b8:43:71:70:15:ea:d3:e1:b9:3d:16:
55:31:4d:d7:a3:fa:97:d0:e4:74:dd:1e:29:88:25:06:c7:06:
d1:4c:7a:8b:3e:8c:8e:c7:7b:9e:5e:b6:78:cb:19:21:a1:99:
35:5c:a1:1f:fd:52:a8:79:a6:22:be:e9:f8:82:de:5b:7d:39:
63:4f:4b:1a:ae:73:5e:37:c3:3e:72:af:47:24:9e:9e:40:fd:
0d:f9:a3:36:27:0b:fe:d1:17:27:96:9f:d4:2c:ff:b9:98:6c:
a4:d6:64:ae:fc:bb:99:09:e6:70:5d:01:a7:5b:74:d2:cf:14:
0f:f9:64:18:bc:2e:90:b4:99:79:48:f1:c9:25:83:81:57:b0:
c8:e0:0b:d4:84:65:98:83:49:26:2d:f1:4f:78:7a:e9:4f:ab:
c6:ff:06:07:94:39:32:aa:b2:80:4e:c5:1d:9f:ba:36:96:29:
61:59:61:7b:14:05:dc:30:6b:e9:29:a9:e5:50:80:90:c9:11:
26:9e:22:b9:bb:08:72:bb:ce:cd:93:72:0e:53:6c:8c:16:52:
cd:dd:e3:9d:4d:86:d1:a6:4b:6e:c6:a4:5f:7b:1e:4e:1c:fd:
ae:fc:59:a9:77:3d:32:c7:c3:33:ed:26:9b:54:66:72:f0:8b:
08:0e:d4:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPUptCS+EelUYkXtZgHDvy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjQxMjE3MTI0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjExOWY4MjhiYjdlMjk5ZDM1Nzc5YTU3N2YwYzFmMDRkOTJlZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIJNOVTKqiyLyHfXodDbo/gYCV5Z
2cYj1CBs7JqC9vLHfIMZT15FKJ0MUsj660b1MU46Bb3d1TFZIxa4n5lra64ww7yR
SBS2HpcYjv3CovRT5KHH05HXw6CodbiWtCFv8624wgaXoUUyPgz1V+WuA1KGJBSZ
sovf8e8MtYon/BKKyBfbR5Tbm60XL2wREB5P5JR65Yj1tIJsJfwTvNnT1261nrbr
UPFGPjYmcNZCShK4L88cTn0vWIunYwVa4KCk/dDTugqD4dGUSQonwOX4wJzpFW15
YAng5sLkUTPPzzby5e6wpdWqknAlXvLrZrYb4877GcUcFo8sIjfE2HTu9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8Rn4KLt+KZ01d5pXfwwfBNku9PMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvbnhHZmdvdTM0cG5UVjNtbGRfREI4RTJTNzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjk6MA0G
CSqGSIb3DQEBCwUAA4IBAQAgO0iNnxtpuENxcBXq0+G5PRZVMU3Xo/qX0OR03R4p
iCUGxwbRTHqLPoyOx3ueXrZ4yxkhoZk1XKEf/VKoeaYivun4gt5bfTljT0sarnNe
N8M+cq9HJJ6eQP0N+aM2Jwv+0Rcnlp/ULP+5mGyk1mSu/LuZCeZwXQGnW3TSzxQP
+WQYvC6QtJl5SPHJJYOBV7DI4AvUhGWYg0kmLfFPeHrpT6vG/wYHlDkyqrKATsUd
n7o2lilhWWF7FAXcMGvpKanlUICQyREmniK5uwhyu87Nk3IOU2yMFlLN3eOdTYbR
pktuxqRfex5OHP2u/Fmpdz0yx8Mz7SabVGZy8IsIDtQv
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:01:21 2025 by rpki-client