Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/nqoPtLexU2lmaPSeinp8P_N2pTo.roa
File: nqoPtLexU2lmaPSeinp8P_N2pTo.roa (raw, json)
Hash identifier: DRF8J7BMUcgx+wxi398xel2UF4sr6q/gPQUB9S9p650=
Subject key identifier: 9E:AA:0F:B4:B7:B1:53:69:66:68:F4:9E:8A:7A:7C:3F:F3:76:A5:3A
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019360350E40FCEA3C1A2C69B86A022BD810
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/nqoPtLexU2lmaPSeinp8P_N2pTo.roa
Signing time: Sun 24 Nov 2024 22:05:09 +0000
ROA not before: Sun 24 Nov 2024 22:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.42.0/23 maxlen: 24
109.111.60.0/22 maxlen: 24
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:60:35:0e:40:fc:ea:3c:1a:2c:69:b8:6a:02:2b:d8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 24 22:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eaa0fb4b7b153696668f49e8a7a7c3ff376a53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:ca:d2:c8:0b:04:3b:45:b8:d2:7a:8d:a1:
00:e5:ad:2f:fd:c8:b1:35:c0:9c:d3:0f:6f:f7:f0:
d2:17:46:6e:29:cd:41:a4:8b:0e:33:f3:3b:5c:f7:
6b:80:27:24:9b:42:75:b1:4b:ff:e8:f5:44:ea:22:
e8:92:f5:af:63:b1:0e:56:8c:fb:17:6d:cd:96:59:
f2:2f:2b:d3:e4:95:b8:3c:1e:21:58:3d:64:9a:10:
49:be:f3:9d:16:8b:2a:ae:f9:1a:07:d5:32:61:d9:
05:74:b1:b9:50:52:25:3c:0b:ff:83:6b:12:35:39:
fe:00:25:6b:d6:ae:df:cd:d7:5c:87:2d:94:a4:c2:
50:ca:fa:b9:cb:b2:cc:46:d3:9f:29:9f:22:d4:9a:
d3:2c:90:b9:4b:8a:2b:41:ee:2f:25:0e:e3:da:ff:
a1:5d:5e:dc:48:46:1e:2f:f4:41:4a:07:b6:cc:04:
8e:c3:c4:6c:5d:1d:5b:23:4a:22:f2:34:79:6c:c1:
03:ea:9d:f5:6d:43:6f:06:c8:bb:8b:d8:9e:1a:62:
83:fb:26:a3:ac:2c:48:0b:b8:d2:45:a5:8e:03:72:
37:b7:b7:b5:6c:8d:85:1f:d7:ab:cb:04:bc:bf:bf:
5b:51:2a:3f:4d:7c:c4:ff:70:de:de:f3:51:c6:ab:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AA:0F:B4:B7:B1:53:69:66:68:F4:9E:8A:7A:7C:3F:F3:76:A5:3A
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/nqoPtLexU2lmaPSeinp8P_N2pTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/20
109.111.32.0/20
109.111.60.0/22
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
9e:00:48:90:a3:aa:16:ca:37:d4:b3:66:5a:87:8a:35:ad:71:
76:48:fe:86:2f:ff:b1:95:70:7d:91:6e:b7:23:ac:a3:43:4a:
3b:f2:15:e0:57:6b:46:ff:e5:c6:c9:b5:11:eb:b9:98:a9:f6:
db:f7:01:83:a1:b6:49:b3:76:12:fb:a6:94:8d:21:b9:a4:5e:
9d:1f:e1:d8:51:80:92:c1:6d:26:18:9a:02:9b:74:d3:3f:e0:
c9:6f:e1:2f:f5:89:6b:fe:1c:5d:c0:22:f1:1b:bc:1d:b4:f2:
a4:bf:e5:03:30:54:d3:3f:3d:f8:9e:35:16:8c:c5:35:2a:95:
10:4c:60:86:dc:ba:a6:0f:84:43:2e:70:d5:6b:24:ad:11:af:
4d:9b:f1:ac:dd:74:07:a8:ba:8d:fe:13:bf:c8:78:30:8b:b3:
a9:d1:7f:fa:a9:74:fd:fc:29:6d:b6:b4:15:c1:2b:43:b0:fc:
f6:7c:66:c3:8d:9c:8e:c6:f1:7b:3d:77:88:06:34:44:00:26:
f1:c8:64:89:15:5c:ef:f0:5b:6b:d9:47:a5:71:8f:cc:28:50:
5a:61:c8:59:ea:0b:1d:e7:17:af:26:ee:fc:2e:65:be:f6:93:
f7:70:56:4b:8d:0a:93:98:be:77:da:d6:2b:04:78:16:77:98:
a9:29:c2:f4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNgNQ5A/Oo8GixpuGoCK9gQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQxMTI0MjIwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFhMGZiNGI3YjE1MzY5NjY2OGY0OWU4YTdhN2MzZmYzNzZhNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrnK0sgLBDtFuNJ6jaEA5a0v/cix
NcCc0w9v9/DSF0ZuKc1BpIsOM/M7XPdrgCckm0J1sUv/6PVE6iLokvWvY7EOVoz7
F23NllnyLyvT5JW4PB4hWD1kmhBJvvOdFosqrvkaB9UyYdkFdLG5UFIlPAv/g2sS
NTn+ACVr1q7fzddchy2UpMJQyvq5y7LMRtOfKZ8i1JrTLJC5S4orQe4vJQ7j2v+h
XV7cSEYeL/RBSge2zASOw8RsXR1bI0oi8jR5bMED6p31bUNvBsi7i9ieGmKD+yaj
rCxIC7jSRaWOA3I3t7e1bI2FH9erywS8v79bUSo/TXzE/3De3vNRxqvU8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ6qD7S3sVNpZmj0nop6fD/zdqU6MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvbnFvUHRMZXhVMmxtYVBTZWlucDhQX04ycFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEX1IAAwQE
bW8gAwQCbW88MAwDBAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAJ4ASJCj
qhbKN9SzZlqHijWtcXZI/oYv/7GVcH2RbrcjrKNDSjvyFeBXa0b/5cbJtRHruZip
9tv3AYOhtkmzdhL7ppSNIbmkXp0f4dhRgJLBbSYYmgKbdNM/4Mlv4S/1iWv+HF3A
IvEbvB208qS/5QMwVNM/PfieNRaMxTUqlRBMYIbcuqYPhEMucNVrJK0Rr02b8azd
dAeouo3+E7/IeDCLs6nRf/qpdP38KW22tBXBK0Ow/PZ8ZsONnI7G8Xs9d4gGNEQA
JvHIZIkVXO/wW2vZR6Vxj8woUFphyFnqCx3nF68m7vwuZb72k/dwVkuNCpOYvnfa
1isEeBZ3mKkpwvQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:46 2025 by rpki-client