Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/31eeed-388d-40c0-b17d-f553ddd9ed1a/1/nbmVOIuVbGlA2xpA2whbaoSkl60.roa
File: nbmVOIuVbGlA2xpA2whbaoSkl60.roa (raw, json)
Hash identifier: 70PvMKGXMQMI5jikM85xlBPooLtb7IA/Vc36Qg7U1Uo=
Subject key identifier: 9D:B9:95:38:8B:95:6C:69:40:DB:1A:40:DB:08:5B:6A:84:A4:97:AD
Certificate issuer: /CN=c1bea8393f6a1d37991989dd875fc531e4084031
Certificate serial: 019427B588082222C2FC4ADC13F55DA4F457
Authority key identifier: C1:BE:A8:39:3F:6A:1D:37:99:19:89:DD:87:5F:C5:31:E4:08:40:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb6oOT9qHTeZGYndh1_FMeQIQDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/31eeed-388d-40c0-b17d-f553ddd9ed1a/1/nbmVOIuVbGlA2xpA2whbaoSkl60.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212129
IP address blocks: 2001:67c:2b2c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:88:08:22:22:c2:fc:4a:dc:13:f5:5d:a4:f4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bea8393f6a1d37991989dd875fc531e4084031
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9db995388b956c6940db1a40db085b6a84a497ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:af:e3:8b:4b:66:4c:ac:86:27:bb:29:da:4d:
85:c6:27:36:49:92:ba:93:18:fe:88:dc:d9:8b:6d:
e3:40:ce:f2:d9:82:09:05:81:b9:bd:33:5a:82:f6:
8e:ce:bf:5a:de:4b:b7:eb:46:af:9e:23:0e:e4:f7:
29:78:2b:58:ee:52:ad:d5:05:eb:d3:63:46:1b:ca:
d3:09:43:a7:9d:54:bc:1a:a6:30:16:56:da:ee:96:
3a:f5:0c:4c:b9:71:da:c0:94:97:30:e2:57:31:61:
8b:1f:e4:42:74:76:58:9f:a0:b1:6c:9d:da:3a:8e:
66:65:05:c3:2a:9f:e2:79:bc:61:4c:04:11:f7:7d:
71:92:24:3e:68:06:ad:ce:ff:4f:fa:5d:46:0d:73:
05:e6:b8:27:fa:53:16:f4:9f:f7:0b:ae:cb:68:3d:
05:b0:cc:30:83:4e:99:4b:52:b4:8b:db:e2:81:ee:
5d:a3:e0:ee:37:b7:f9:f8:4b:54:51:33:85:60:77:
58:2e:17:d9:e5:1e:22:d1:74:2d:d9:bc:7a:58:3f:
4a:c8:34:64:a5:ec:5c:f7:22:c3:88:ec:37:00:e0:
fd:b6:9e:46:34:9f:ac:79:e0:0c:ba:9a:52:fa:b8:
1e:63:c5:4f:6c:a9:52:92:d8:fd:de:df:2a:b4:9c:
c6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B9:95:38:8B:95:6C:69:40:DB:1A:40:DB:08:5B:6A:84:A4:97:AD
X509v3 Authority Key Identifier:
keyid:C1:BE:A8:39:3F:6A:1D:37:99:19:89:DD:87:5F:C5:31:E4:08:40:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb6oOT9qHTeZGYndh1_FMeQIQDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/31eeed-388d-40c0-b17d-f553ddd9ed1a/1/nbmVOIuVbGlA2xpA2whbaoSkl60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/31eeed-388d-40c0-b17d-f553ddd9ed1a/1/wb6oOT9qHTeZGYndh1_FMeQIQDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2b2c::/48
Signature Algorithm: sha256WithRSAEncryption
6c:85:06:f6:48:48:a6:7e:3d:8b:e6:8a:49:bf:a1:a1:0a:b8:
81:70:ed:0f:1d:1e:a5:1c:53:27:f6:5b:bb:a1:28:7f:e7:4f:
2b:c9:ce:8a:67:ac:c4:68:7d:9e:e9:fd:6c:02:01:a4:07:f9:
e3:f8:27:76:a7:86:ad:56:ff:93:fd:c1:ee:10:4b:90:0f:c0:
ef:be:f4:67:31:f3:8e:ea:07:7e:82:4f:9f:e4:c2:ca:a1:ff:
7f:0c:75:93:64:63:ac:8d:21:4c:e3:93:1c:d8:9c:23:de:79:
9e:e6:f0:ad:8e:2c:14:a6:2e:6d:86:d1:af:22:df:a4:a0:05:
57:ff:32:5d:60:5c:c8:bb:1f:a5:a4:30:2b:17:df:61:ae:97:
9f:ac:5a:bf:c1:c9:24:e2:8c:f5:ae:62:4c:88:2b:c4:5f:10:
e2:df:32:ef:1d:21:f1:24:2d:ac:72:e7:51:78:f2:d2:d4:23:
4c:ff:74:8d:0b:e2:63:42:3a:3b:e8:d7:bd:97:4e:4f:b3:48:
59:de:f0:3f:fa:17:00:ac:bf:5a:a7:f8:a6:ec:67:68:ed:b1:
fc:b5:4b:e5:49:36:86:aa:c3:2c:a5:0f:08:2f:87:84:32:61:
87:94:99:36:b3:37:93:51:c9:9a:9c:73:35:9e:05:33:70:46:
82:df:27:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntYgIIiLC/ErcE/VdpPRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmVhODM5M2Y2YTFkMzc5OTE5ODlkZDg3NWZjNTMxZTQw
ODQwMzEwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI5OTUzODhiOTU2YzY5NDBkYjFhNDBkYjA4NWI2YTg0YTQ5N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q/ji0tmTKyGJ7sp2k2Fxic2SZK6
kxj+iNzZi23jQM7y2YIJBYG5vTNagvaOzr9a3ku360avniMO5PcpeCtY7lKt1QXr
02NGG8rTCUOnnVS8GqYwFlba7pY69QxMuXHawJSXMOJXMWGLH+RCdHZYn6CxbJ3a
Oo5mZQXDKp/iebxhTAQR931xkiQ+aAatzv9P+l1GDXMF5rgn+lMW9J/3C67LaD0F
sMwwg06ZS1K0i9vige5do+DuN7f5+EtUUTOFYHdYLhfZ5R4i0XQt2bx6WD9KyDRk
pexc9yLDiOw3AOD9tp5GNJ+seeAMuppS+rgeY8VPbKlSktj93t8qtJzGowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ25lTiLlWxpQNsaQNsIW2qEpJetMB8GA1UdIwQY
MBaAFMG+qDk/ah03mRmJ3YdfxTHkCEAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2I2b09UOXFIVGVaR1luZGgxX0ZNZVFJUURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMWVlZWQtMzg4ZC00MGMwLWIxN2Qt
ZjU1M2RkZDllZDFhLzEvbmJtVk9JdVZiR2xBMnhwQTJ3aGJhb1NrbDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMWVlZWQtMzg4ZC00MGMwLWIxN2QtZjU1M2RkZDllZDFh
LzEvd2I2b09UOXFIVGVaR1luZGgxX0ZNZVFJUURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCss
MA0GCSqGSIb3DQEBCwUAA4IBAQBshQb2SEimfj2L5opJv6GhCriBcO0PHR6lHFMn
9lu7oSh/508ryc6KZ6zEaH2e6f1sAgGkB/nj+Cd2p4atVv+T/cHuEEuQD8DvvvRn
MfOO6gd+gk+f5MLKof9/DHWTZGOsjSFM45Mc2Jwj3nme5vCtjiwUpi5thtGvIt+k
oAVX/zJdYFzIux+lpDArF99hrpefrFq/wckk4oz1rmJMiCvEXxDi3zLvHSHxJC2s
cudRePLS1CNM/3SNC+JjQjo76Ne9l05Ps0hZ3vA/+hcArL9ap/im7Gdo7bH8tUvl
STaGqsMspQ8IL4eEMmGHlJk2szeTUcmanHM1ngUzcEaC3ydP
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:05 2025 by rpki-client