Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/NMzk_8Rl4BsvIDbu9hw1nlP7KpM.roa
File: NMzk_8Rl4BsvIDbu9hw1nlP7KpM.roa (raw, json)
Hash identifier: mxUfa27OB1TAAlmYm5x56nkknkDy+6wRzqfrAOl/Usc=
Subject key identifier: 34:CC:E4:FF:C4:65:E0:1B:2F:20:36:EE:F6:1C:35:9E:53:FB:2A:93
Certificate issuer: /CN=0297a58998f0974347081c17f25eedd65fad9661
Certificate serial: 018CC64A86706004F5AB1B61171323CAAEBC
Authority key identifier: 02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/NMzk_8Rl4BsvIDbu9hw1nlP7KpM.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199365
IP address blocks: 164.138.1.0/24 maxlen: 24
164.138.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:86:70:60:04:f5:ab:1b:61:17:13:23:ca:ae:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0297a58998f0974347081c17f25eedd65fad9661
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34cce4ffc465e01b2f2036eef61c359e53fb2a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:74:fe:70:31:a6:7e:fa:e2:e6:48:02:1e:d4:
07:5a:51:9d:a1:8b:50:bd:2b:0a:1c:76:e1:f8:d5:
b3:ea:ab:c2:e6:84:71:fd:d2:27:fa:cf:ef:4f:79:
fb:96:2d:9e:5f:18:7f:b6:17:34:89:37:4e:b3:4b:
c2:c6:2c:ce:27:fc:f1:d7:f8:71:db:27:0f:c5:6d:
63:11:19:1e:30:0f:be:fc:a5:7d:e8:e8:97:2c:27:
e8:40:33:81:91:17:77:07:56:d7:e0:8a:b6:58:b0:
37:42:d9:a4:95:39:2b:b2:21:45:9b:ef:01:73:41:
d8:94:53:44:a8:93:d2:99:a2:f4:d9:1f:d5:b5:d0:
5c:eb:f8:cd:c9:fe:f6:60:a0:0b:78:3e:64:82:d3:
78:f8:60:d8:87:9d:ca:9a:9e:71:1a:0b:f7:38:55:
ec:89:4d:7e:38:b1:47:51:85:1d:33:d6:95:6d:02:
94:9b:bc:ac:39:c3:87:cd:f8:3e:17:04:e2:72:59:
aa:12:66:5d:6b:61:80:d1:4e:d2:58:6c:62:c4:48:
60:20:bf:6f:af:90:2f:30:f1:4f:dd:06:a5:f5:62:
5b:2e:1f:dc:ba:b9:3b:20:a2:ef:1e:4e:be:5f:9f:
c3:9f:b3:69:5d:5f:45:b9:11:f1:a9:61:94:5d:69:
68:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CC:E4:FF:C4:65:E0:1B:2F:20:36:EE:F6:1C:35:9E:53:FB:2A:93
X509v3 Authority Key Identifier:
keyid:02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/NMzk_8Rl4BsvIDbu9hw1nlP7KpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/ApeliZjwl0NHCBwX8l7t1l-tlmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.1.0/24
164.138.3.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f2:fa:fc:e8:ad:0b:6f:b2:f0:fe:c2:a4:f4:8e:75:9b:c7:
d7:34:4e:6a:dc:1c:de:64:26:39:46:b4:3b:12:4c:cc:bc:ca:
35:9d:b8:cd:7b:3b:9d:92:bb:bd:0a:3b:a8:5e:7b:ad:22:8a:
fd:41:c4:16:cb:47:a9:a1:58:21:88:b2:0f:00:10:93:99:b4:
04:04:01:61:20:85:b1:61:38:01:47:6e:81:ca:e2:40:58:a2:
f5:f5:6b:17:c6:ef:a4:2c:75:96:b8:cb:e0:24:42:b8:14:58:
b3:12:1b:4e:52:79:22:ae:fe:13:a3:ac:bc:b1:fd:96:15:15:
c4:c2:d5:ad:fe:38:50:36:d7:3e:1a:1b:e8:83:a4:c8:aa:cf:
07:95:97:b5:a0:08:58:90:06:81:f4:a0:16:a2:61:fe:da:36:
f3:40:7b:81:65:a5:bc:a7:82:6e:3a:3d:14:30:d4:7c:a7:19:
c2:ee:f1:e6:6f:27:0b:b0:fd:1d:b2:84:03:5c:71:f6:7c:a8:
dc:aa:dd:64:e1:f6:ce:51:7b:d0:5b:54:fe:9f:4b:b7:90:bf:
ae:78:02:b2:39:53:f1:cc:fa:f5:62:9d:06:03:6b:86:81:9a:
b9:cd:3e:b7:8f:a0:ca:9c:08:a6:2f:ae:26:46:56:d6:c2:dc:
f8:f3:8f:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSoZwYAT1qxthFxMjyq68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTdhNTg5OThmMDk3NDM0NzA4MWMxN2YyNWVlZGQ2NWZh
ZDk2NjEwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNjZTRmZmM0NjVlMDFiMmYyMDM2ZWVmNjFjMzU5ZTUzZmIyYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHT+cDGmfvri5kgCHtQHWlGdoYtQ
vSsKHHbh+NWz6qvC5oRx/dIn+s/vT3n7li2eXxh/thc0iTdOs0vCxizOJ/zx1/hx
2ycPxW1jERkeMA++/KV96OiXLCfoQDOBkRd3B1bX4Iq2WLA3QtmklTkrsiFFm+8B
c0HYlFNEqJPSmaL02R/VtdBc6/jNyf72YKALeD5kgtN4+GDYh53Kmp5xGgv3OFXs
iU1+OLFHUYUdM9aVbQKUm7ysOcOHzfg+FwTiclmqEmZda2GA0U7SWGxixEhgIL9v
r5AvMPFP3Qal9WJbLh/curk7IKLvHk6+X5/Dn7NpXV9FuRHxqWGUXWloiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTM5P/EZeAbLyA27vYcNZ5T+yqTMB8GA1UdIwQY
MBaAFAKXpYmY8JdDRwgcF/Je7dZfrZZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2Qt
NTc5NTMxZTVhMDBmLzEvTk16a184Umw0QnN2SURidTlodzFubFA3S3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2QtNTc5NTMxZTVhMDBm
LzEvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQApIoBAwQA
pIoDMA0GCSqGSIb3DQEBCwUAA4IBAQBg8vr86K0Lb7Lw/sKk9I51m8fXNE5q3Bze
ZCY5RrQ7EkzMvMo1nbjNezudkru9CjuoXnutIor9QcQWy0epoVghiLIPABCTmbQE
BAFhIIWxYTgBR26ByuJAWKL19WsXxu+kLHWWuMvgJEK4FFizEhtOUnkirv4To6y8
sf2WFRXEwtWt/jhQNtc+Ghvog6TIqs8HlZe1oAhYkAaB9KAWomH+2jbzQHuBZaW8
p4JuOj0UMNR8pxnC7vHmbycLsP0dsoQDXHH2fKjcqt1k4fbOUXvQW1T+n0u3kL+u
eAKyOVPxzPr1Yp0GA2uGgZq5zT63j6DKnAimL64mRlbWwtz4848x
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:13 2025 by rpki-client