Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NUEo3jEEfAZ8gVuIordOzY5aE4A.roa
File: NUEo3jEEfAZ8gVuIordOzY5aE4A.roa (raw, json)
Hash identifier: r9xoGM8yBjIGfDNkttJURm48fz/4NtgHZwa5c3Hms4s=
Subject key identifier: 35:41:28:DE:31:04:7C:06:7C:81:5B:88:A2:B7:4E:CD:8E:5A:13:80
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570958C9BD7656539F897DAD293C4C50F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NUEo3jEEfAZ8gVuIordOzY5aE4A.roa
Signing time: Mon 02 Jan 2023 03:45:26 +0000
ROA not before: Mon 02 Jan 2023 03:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198056
IP address blocks: 93.170.106.0/23 maxlen: 24
146.158.56.0/23 maxlen: 24
146.120.111.0/24 maxlen: 24
95.46.192.0/22 maxlen: 24
95.46.110.0/23 maxlen: 24
93.171.132.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:8c:9b:d7:65:65:39:f8:97:da:d2:93:c4:c5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=354128de31047c067c815b88a2b74ecd8e5a1380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2c:f2:1d:25:0f:67:97:4c:2c:11:06:98:04:
6b:93:43:91:90:a9:36:56:85:f2:bf:07:9b:5d:5e:
38:72:78:c9:a4:e3:19:d4:28:58:d0:2f:74:b4:52:
92:3b:eb:c6:65:54:29:0e:05:da:cc:58:e9:de:3f:
df:03:2a:73:2b:b4:c0:58:41:d6:0a:2c:cb:54:72:
29:74:cd:bd:f0:02:64:cc:fb:58:b1:48:20:ca:0c:
33:d3:9e:e3:c9:50:98:e0:96:1c:62:e2:8d:81:4d:
76:76:3f:58:6d:62:bb:26:51:ac:4f:15:2e:7a:3a:
f8:70:bc:7a:b0:b6:57:07:da:ca:b7:0c:4f:61:89:
e5:b0:6f:4d:73:02:0f:96:e3:b4:94:16:7e:bd:5e:
58:3a:25:c0:ac:7f:00:73:a1:fe:c0:bb:cc:37:c2:
3c:d7:d9:ad:4d:cc:3d:f0:89:c1:5f:91:ca:91:a8:
6b:d2:b3:2f:7b:86:c4:2e:3f:e6:5a:b6:9f:52:d7:
c4:34:e3:60:9f:47:fc:96:e0:f1:29:2e:80:11:3d:
e8:2b:7d:9b:95:19:88:23:e0:51:7e:e1:7d:82:d7:
a1:b6:f0:52:b7:d3:83:d8:43:29:9e:9f:d0:14:f1:
c0:c8:49:21:b1:7d:e0:ab:db:b0:51:3d:84:bf:97:
39:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:41:28:DE:31:04:7C:06:7C:81:5B:88:A2:B7:4E:CD:8E:5A:13:80
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NUEo3jEEfAZ8gVuIordOzY5aE4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.106.0/23
93.171.132.0/23
95.46.110.0/23
95.46.192.0/22
146.120.111.0/24
146.158.56.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:bf:de:cb:3d:fd:84:77:e5:cc:95:95:fa:cc:82:a2:3e:4d:
e1:72:e2:98:35:90:04:82:0b:66:00:c3:bc:ef:f4:0c:64:b1:
5c:fc:70:d4:ec:e5:a8:80:31:86:d7:46:28:10:58:85:eb:6d:
34:26:b8:70:a2:6f:83:16:e5:53:24:19:d7:db:80:57:40:de:
a5:05:94:85:b5:47:65:15:6d:69:2f:26:65:23:7d:26:71:1b:
fb:b9:f9:f6:6b:f1:c8:2b:e3:35:dd:23:ce:05:ce:37:37:3d:
91:4c:b9:e7:a0:3a:09:f3:5b:7e:3d:6e:41:5a:e2:ea:d0:cd:
66:16:8f:63:86:b7:a2:35:db:50:cf:e3:07:3d:e6:42:2e:7a:
7b:2d:58:4d:b9:15:fe:60:69:d0:ee:d9:7e:30:fd:ae:b9:b3:
6c:5b:f9:b8:3d:3b:46:18:2c:f1:d4:1b:d3:52:0f:96:7b:e2:
1f:0f:2c:32:db:66:fb:bd:fd:a9:8e:9e:0d:cf:87:08:51:67:
d0:7a:1a:8a:72:ab:44:95:7d:cf:7c:d9:cd:7a:e0:27:67:61:
a7:4d:bc:1f:a2:55:cc:78:3f:fb:21:af:71:8c:0d:43:35:5b:
ab:32:b6:90:8b:bd:ad:9d:6f:e6:af:22:cd:9b:79:86:28:9f:
41:df:b0:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwlYyb12VlOfiX2tKTxMUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQxMjhkZTMxMDQ3YzA2N2M4MTViODhhMmI3NGVjZDhlNWExMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuizyHSUPZ5dMLBEGmARrk0ORkKk2
VoXyvwebXV44cnjJpOMZ1ChY0C90tFKSO+vGZVQpDgXazFjp3j/fAypzK7TAWEHW
CizLVHIpdM298AJkzPtYsUggygwz057jyVCY4JYcYuKNgU12dj9YbWK7JlGsTxUu
ejr4cLx6sLZXB9rKtwxPYYnlsG9NcwIPluO0lBZ+vV5YOiXArH8Ac6H+wLvMN8I8
19mtTcw98InBX5HKkahr0rMve4bELj/mWrafUtfENONgn0f8luDxKS6AET3oK32b
lRmII+BRfuF9gtehtvBSt9OD2EMpnp/QFPHAyEkhsX3gq9uwUT2Ev5c59wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDVBKN4xBHwGfIFbiKK3Ts2OWhOAMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTlVFbzNqRUVmQVo4Z1Z1SW9yZE96WTVhRTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBXapqAwQB
XauEAwQBXy5uAwQCXy7AAwQAknhvAwQBkp44MA0GCSqGSIb3DQEBCwUAA4IBAQA+
v97LPf2Ed+XMlZX6zIKiPk3hcuKYNZAEggtmAMO87/QMZLFc/HDU7OWogDGG10Yo
EFiF6200Jrhwom+DFuVTJBnX24BXQN6lBZSFtUdlFW1pLyZlI30mcRv7ufn2a/HI
K+M13SPOBc43Nz2RTLnnoDoJ81t+PW5BWuLq0M1mFo9jhreiNdtQz+MHPeZCLnp7
LVhNuRX+YGnQ7tl+MP2uubNsW/m4PTtGGCzx1BvTUg+We+IfDywy22b7vf2pjp4N
z4cIUWfQehqKcqtElX3PfNnNeuAnZ2GnTbwfolXMeD/7Ia9xjA1DNVurMraQi72t
nW/mryLNm3mGKJ9B37A6
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:50 2025 by rpki-client