Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/Nb2AfO_WRI69ArQBKKCvpnlC5lE.roa
File: Nb2AfO_WRI69ArQBKKCvpnlC5lE.roa (raw, json)
Hash identifier: BWmmOZaepy5uwwRqhf8uve7VBR9DG2cxMgEpYGSfghk=
Subject key identifier: 35:BD:80:7C:EF:D6:44:8E:BD:02:B4:01:28:A0:AF:A6:79:42:E6:51
Certificate issuer: /CN=5758fcd22fb7a11dea8b37e4c3f622aa7a47b9ee
Certificate serial: 01856FCB828809820662ECDB1368CE4AE30D
Authority key identifier: 57:58:FC:D2:2F:B7:A1:1D:EA:8B:37:E4:C3:F6:22:AA:7A:47:B9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1j80i-3oR3qizfkw_YiqnpHue4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/Nb2AfO_WRI69ArQBKKCvpnlC5lE.roa
Signing time: Mon 02 Jan 2023 00:04:46 +0000
ROA not before: Mon 02 Jan 2023 00:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207999
IP address blocks: 95.130.0.0/22 maxlen: 22
2a0e:8d80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:82:88:09:82:06:62:ec:db:13:68:ce:4a:e3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5758fcd22fb7a11dea8b37e4c3f622aa7a47b9ee
Validity
Not Before: Jan 2 00:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35bd807cefd6448ebd02b40128a0afa67942e651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:16:a2:5f:49:76:5e:2e:93:29:25:a5:23:ac:
d3:f1:a1:96:9e:87:48:dc:b5:60:23:c2:4d:ce:bc:
25:53:da:fb:a9:2d:8d:d8:69:8b:24:f7:4a:95:26:
c3:b2:35:b5:b4:32:3f:84:58:5b:65:19:2c:95:4a:
81:ca:bc:98:0d:dd:80:15:31:91:7e:7c:8d:51:0c:
6c:16:16:5c:96:b8:54:60:43:3a:f5:3c:f5:47:35:
26:4f:bb:2b:58:03:2d:1d:f2:f0:e4:5f:7a:8e:de:
3c:a8:2d:70:4c:09:50:34:87:42:0d:71:22:79:79:
20:29:87:75:78:77:29:16:99:26:80:a3:1e:c4:64:
4f:83:f6:81:45:0a:a9:ca:1e:02:4e:be:77:52:0c:
48:7b:67:fe:6f:5b:c0:bd:61:1a:9c:8b:bf:04:f5:
6b:f5:10:40:a8:bc:a1:b0:b7:8c:31:3e:b8:30:2f:
64:88:e3:8e:e6:ae:30:76:8c:a5:6c:a8:e7:89:f8:
ed:04:42:7f:b2:4b:a4:16:57:da:27:aa:74:4a:3f:
e1:df:a8:80:dd:96:52:4a:68:bb:e7:78:2f:6d:ed:
1d:bb:f9:9c:24:ed:12:ea:ac:79:fc:26:3f:ab:26:
c0:c6:fc:d6:f6:37:f0:7d:7b:a7:b1:bc:25:08:ca:
d2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BD:80:7C:EF:D6:44:8E:BD:02:B4:01:28:A0:AF:A6:79:42:E6:51
X509v3 Authority Key Identifier:
keyid:57:58:FC:D2:2F:B7:A1:1D:EA:8B:37:E4:C3:F6:22:AA:7A:47:B9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1j80i-3oR3qizfkw_YiqnpHue4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/Nb2AfO_WRI69ArQBKKCvpnlC5lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/V1j80i-3oR3qizfkw_YiqnpHue4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.0.0/22
IPv6:
2a0e:8d80::/29
Signature Algorithm: sha256WithRSAEncryption
3b:6c:da:66:90:c1:4e:63:1b:5a:f1:b3:e4:4f:3d:40:94:0c:
87:d2:60:9e:b0:9a:66:b8:b7:9b:43:71:00:c1:47:48:da:03:
01:69:6c:2d:2a:ca:06:d6:44:1d:67:4a:3b:d0:4f:2f:3f:64:
b3:b1:76:e2:e2:17:91:39:6e:0a:2d:57:48:ca:62:0a:59:0d:
5b:0b:b1:9a:17:67:25:a3:48:5f:5c:7a:03:bd:8c:16:a3:26:
6a:c3:1e:a6:63:74:61:25:d8:e9:26:92:64:d4:1b:1e:7a:98:
d3:98:93:15:5e:c3:28:17:ad:88:6e:85:f6:5e:5c:41:48:9c:
31:43:b3:47:23:95:f7:fa:f6:df:13:dd:3e:8a:37:5b:d5:bf:
ce:85:c0:bb:78:3c:fa:e0:37:a3:ca:eb:90:36:07:45:5d:98:
de:0f:af:a9:e1:cd:a1:4c:19:bd:f3:54:4c:bc:86:a0:bb:db:
72:e4:da:ad:81:2b:80:c5:81:6c:6f:7a:e5:a2:7f:81:64:c4:
18:1e:5a:9d:7d:d8:4e:aa:cd:be:79:42:2c:c8:65:91:3f:58:
9d:76:8d:d8:d1:74:79:00:89:a4:1c:85:76:a3:56:05:33:7b:
1a:44:71:c7:a0:e5:86:52:e7:5e:89:bb:a7:86:81:b0:10:c8:
cb:e8:9a:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy4KICYIGYuzbE2jOSuMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NThmY2QyMmZiN2ExMWRlYThiMzdlNGMzZjYyMmFhN2E0
N2I5ZWUwHhcNMjMwMTAyMDAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJkODA3Y2VmZDY0NDhlYmQwMmI0MDEyOGEwYWZhNjc5NDJlNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBaiX0l2Xi6TKSWlI6zT8aGWnodI
3LVgI8JNzrwlU9r7qS2N2GmLJPdKlSbDsjW1tDI/hFhbZRkslUqByryYDd2AFTGR
fnyNUQxsFhZclrhUYEM69Tz1RzUmT7srWAMtHfLw5F96jt48qC1wTAlQNIdCDXEi
eXkgKYd1eHcpFpkmgKMexGRPg/aBRQqpyh4CTr53UgxIe2f+b1vAvWEanIu/BPVr
9RBAqLyhsLeMMT64MC9kiOOO5q4wdoylbKjnifjtBEJ/skukFlfaJ6p0Sj/h36iA
3ZZSSmi753gvbe0du/mcJO0S6qx5/CY/qybAxvzW9jfwfXunsbwlCMrSdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDW9gHzv1kSOvQK0ASigr6Z5QuZRMB8GA1UdIwQY
MBaAFFdY/NIvt6Ed6os35MP2Iqp6R7nuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFqODBpLTNvUjNxaXpma3dfWWlxbnBIdWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80ZDgyMDctZTdjYi00MjMyLTgyOTAt
MjUwYmVjOWRjY2ExLzEvTmIyQWZPX1dSSTY5QXJRQktLQ3ZwbmxDNWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80ZDgyMDctZTdjYi00MjMyLTgyOTAtMjUwYmVjOWRjY2Ex
LzEvVjFqODBpLTNvUjNxaXpma3dfWWlxbnBIdWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX4IAMA0E
AgACMAcDBQMqDo2AMA0GCSqGSIb3DQEBCwUAA4IBAQA7bNpmkMFOYxta8bPkTz1A
lAyH0mCesJpmuLebQ3EAwUdI2gMBaWwtKsoG1kQdZ0o70E8vP2SzsXbi4heROW4K
LVdIymIKWQ1bC7GaF2clo0hfXHoDvYwWoyZqwx6mY3RhJdjpJpJk1BseepjTmJMV
XsMoF62IboX2XlxBSJwxQ7NHI5X3+vbfE90+ijdb1b/OhcC7eDz64DejyuuQNgdF
XZjeD6+p4c2hTBm981RMvIagu9ty5NqtgSuAxYFsb3rlon+BZMQYHlqdfdhOqs2+
eUIsyGWRP1iddo3Y0XR5AImkHIV2o1YFM3saRHHHoOWGUudeibunhoGwEMjL6JrZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:18:23 2025 by rpki-client