Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c75139-6b36-4612-9d99-9d470ced0eaf/1/nKmGXdvp19dv4qLFCNBnuLeCCZw.roa
File: nKmGXdvp19dv4qLFCNBnuLeCCZw.roa (raw, json)
Hash identifier: 7J4EbVok+mW7pZG9ym9dwOhCZKAEyYSwe4jj+04Kitk=
Subject key identifier: 9C:A9:86:5D:DB:E9:D7:D7:6F:E2:A2:C5:08:D0:67:B8:B7:82:09:9C
Certificate issuer: /CN=04d0489303a26dd4e9751964db39b6da4dbc33a4
Certificate serial: 018D12BBF24D26B07DDE6459EACBDE210FA1
Authority key identifier: 04:D0:48:93:03:A2:6D:D4:E9:75:19:64:DB:39:B6:DA:4D:BC:33:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNBIkwOibdTpdRlk2zm22k28M6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c75139-6b36-4612-9d99-9d470ced0eaf/1/nKmGXdvp19dv4qLFCNBnuLeCCZw.roa
Signing time: Tue 16 Jan 2024 14:45:23 +0000
ROA not before: Tue 16 Jan 2024 14:45:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 80.75.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:bb:f2:4d:26:b0:7d:de:64:59:ea:cb:de:21:0f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d0489303a26dd4e9751964db39b6da4dbc33a4
Validity
Not Before: Jan 16 14:45:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca9865ddbe9d7d76fe2a2c508d067b8b782099c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:95:09:7e:33:9a:67:89:37:1f:13:72:bf:b8:
80:99:3f:58:cc:2e:7b:81:8b:9a:f7:e1:5d:96:16:
49:0d:f9:f2:90:e8:c9:cd:36:16:4c:ce:22:33:c0:
09:ac:ae:b6:f2:ca:91:8e:d0:e3:fe:3f:d8:85:4a:
92:eb:2c:e0:5c:12:91:11:c1:09:f8:22:a9:78:e7:
72:16:bf:63:21:16:51:4b:08:25:79:08:e2:bc:b8:
f1:36:24:04:2e:c7:f0:10:56:1c:70:79:b3:e8:52:
de:ee:33:83:8a:9e:1c:ea:f9:67:a0:12:72:77:df:
d9:8e:c2:b5:48:c3:b1:87:91:d6:21:0b:14:98:b5:
22:6d:be:07:f9:44:9d:bc:6a:1f:f2:47:5c:6a:74:
57:d8:5f:4d:5a:39:7b:cc:f8:e7:09:dd:84:c5:4b:
01:52:d7:64:5a:50:59:6d:fb:0d:ce:3b:45:54:61:
33:4f:b7:06:a5:a8:3d:4f:8c:8d:47:e0:53:3f:b1:
a8:bc:c8:a6:bf:41:7d:46:37:73:59:d9:36:d4:a4:
d4:11:e4:75:d1:39:ba:60:1b:48:32:95:cb:38:51:
0e:fa:de:b0:a9:63:a4:22:bc:13:21:66:2d:3d:bb:
70:e6:6c:ab:a7:f3:15:f6:db:2b:a0:ae:9d:46:bf:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A9:86:5D:DB:E9:D7:D7:6F:E2:A2:C5:08:D0:67:B8:B7:82:09:9C
X509v3 Authority Key Identifier:
keyid:04:D0:48:93:03:A2:6D:D4:E9:75:19:64:DB:39:B6:DA:4D:BC:33:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNBIkwOibdTpdRlk2zm22k28M6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c75139-6b36-4612-9d99-9d470ced0eaf/1/nKmGXdvp19dv4qLFCNBnuLeCCZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c75139-6b36-4612-9d99-9d470ced0eaf/1/BNBIkwOibdTpdRlk2zm22k28M6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.221.0/24
Signature Algorithm: sha256WithRSAEncryption
74:90:e6:a1:91:26:0e:f5:0d:90:41:eb:50:76:f9:f4:51:23:
2e:ab:e2:13:2a:bf:9e:82:4f:89:22:7f:c6:ae:bb:09:9d:ea:
28:c0:30:31:a1:d0:cc:28:3a:cb:89:a0:a6:99:80:d4:8c:ac:
c4:1d:52:72:a8:af:01:f7:0b:c2:90:9a:f7:a2:aa:af:38:c3:
4a:f9:54:ea:ea:df:1a:56:fa:58:29:4d:6f:4e:8b:eb:58:3f:
5a:72:73:d9:55:dc:c1:22:38:0f:2a:c8:f7:c5:3e:59:35:62:
8e:57:b9:d2:6d:33:cd:c2:1b:d2:c4:52:a6:f8:17:b4:4c:30:
bd:3d:f0:b0:58:39:5a:d4:da:de:9f:e3:2b:6d:08:07:dd:12:
0e:df:58:2d:75:e4:45:c0:18:f1:67:f5:1e:f0:42:43:96:69:
59:bf:1c:f8:cb:cd:8a:9e:73:be:45:d7:0b:5b:86:cc:b3:cd:
fd:9f:3c:7a:40:a5:d4:db:6c:6c:98:b2:1b:cf:cb:da:34:91:
ca:38:19:9e:48:60:39:62:b8:54:df:a5:e1:ff:0b:9e:09:bf:
a7:71:ef:c6:b7:9d:53:f3:a8:53:32:2e:3a:41:a6:68:73:ed:
cc:d0:dc:c0:28:c8:c7:9e:e4:4e:6d:e6:52:b5:c5:fd:e4:e6:
f5:2d:75:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0Su/JNJrB93mRZ6sveIQ+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDA0ODkzMDNhMjZkZDRlOTc1MTk2NGRiMzliNmRhNGRi
YzMzYTQwHhcNMjQwMTE2MTQ0NTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E5ODY1ZGRiZTlkN2Q3NmZlMmEyYzUwOGQwNjdiOGI3ODIwOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pUJfjOaZ4k3HxNyv7iAmT9YzC57
gYua9+FdlhZJDfnykOjJzTYWTM4iM8AJrK628sqRjtDj/j/YhUqS6yzgXBKREcEJ
+CKpeOdyFr9jIRZRSwgleQjivLjxNiQELsfwEFYccHmz6FLe7jODip4c6vlnoBJy
d9/ZjsK1SMOxh5HWIQsUmLUibb4H+USdvGof8kdcanRX2F9NWjl7zPjnCd2ExUsB
UtdkWlBZbfsNzjtFVGEzT7cGpag9T4yNR+BTP7GovMimv0F9RjdzWdk21KTUEeR1
0Tm6YBtIMpXLOFEO+t6wqWOkIrwTIWYtPbtw5myrp/MV9tsroK6dRr8JxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyphl3b6dfXb+KixQjQZ7i3ggmcMB8GA1UdIwQY
MBaAFATQSJMDom3U6XUZZNs5ttpNvDOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5CSWt3T2liZFRwZFJsazJ6bTIyazI4TTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jNzUxMzktNmIzNi00NjEyLTlkOTkt
OWQ0NzBjZWQwZWFmLzEvbkttR1hkdnAxOWR2NHFMRkNOQm51TGVDQ1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jNzUxMzktNmIzNi00NjEyLTlkOTktOWQ0NzBjZWQwZWFm
LzEvQk5CSWt3T2liZFRwZFJsazJ6bTIyazI4TTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEvdMA0G
CSqGSIb3DQEBCwUAA4IBAQB0kOahkSYO9Q2QQetQdvn0USMuq+ITKr+egk+JIn/G
rrsJneoowDAxodDMKDrLiaCmmYDUjKzEHVJyqK8B9wvCkJr3oqqvOMNK+VTq6t8a
VvpYKU1vTovrWD9acnPZVdzBIjgPKsj3xT5ZNWKOV7nSbTPNwhvSxFKm+Be0TDC9
PfCwWDla1Nren+MrbQgH3RIO31gtdeRFwBjxZ/Ue8EJDlmlZvxz4y82KnnO+RdcL
W4bMs839nzx6QKXU22xsmLIbz8vaNJHKOBmeSGA5YrhU36Xh/wueCb+nce/Gt51T
86hTMi46QaZoc+3M0NzAKMjHnuRObeZStcX95Ob1LXVa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:13 2025 by rpki-client