Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/na2_p1_Q_2nUYM3FqNZSmbxpZdk.roa
File: na2_p1_Q_2nUYM3FqNZSmbxpZdk.roa (raw, json)
Hash identifier: My2oa4dM4Yz5aDlyVXs06FWPFTbffA+5pONgStvktaA=
Subject key identifier: 9D:AD:BF:A7:5F:D0:FF:69:D4:60:CD:C5:A8:D6:52:99:BC:69:65:D9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018602CFF5B9E23074C0FFAE0FB36E658DED
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/na2_p1_Q_2nUYM3FqNZSmbxpZdk.roa
Signing time: Mon 30 Jan 2023 13:13:48 +0000
ROA not before: Mon 30 Jan 2023 13:13:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200218
IP address blocks: 93.170.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:cf:f5:b9:e2:30:74:c0:ff:ae:0f:b3:6e:65:8d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 30 13:13:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dadbfa75fd0ff69d460cdc5a8d65299bc6965d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:29:22:c8:a6:48:5a:d7:e8:b2:34:ab:29:a9:
fa:33:f8:8a:6d:87:cc:0b:cf:fd:b2:50:95:54:12:
d7:12:31:8a:74:81:0f:c5:50:92:34:a2:db:05:8c:
1a:36:41:15:24:31:7d:a6:a6:30:ff:7e:7a:70:0b:
ce:9e:39:67:be:30:e2:65:6f:38:ae:bb:56:fb:d5:
3d:3c:a8:fe:14:97:cb:bf:cc:da:9d:9f:0f:ee:8e:
6c:31:1c:14:4f:bc:60:1f:77:25:47:1e:d0:6c:42:
61:8b:61:05:76:82:63:06:35:56:6e:af:30:d9:2b:
79:a4:54:24:c7:c4:af:7e:df:35:dd:6f:20:2e:c6:
f6:95:9c:ee:6a:d0:5d:18:ff:56:68:fd:f0:d5:fa:
31:80:5b:c1:f2:a7:ef:3b:89:8b:18:0c:81:97:2c:
f3:94:92:3c:24:83:6d:d5:d7:91:50:3d:43:62:bf:
2a:e1:66:94:11:8f:6a:40:1d:43:fb:8a:b4:86:14:
1b:c9:bf:25:a7:ba:d8:4c:46:bf:62:03:5c:f2:d7:
56:91:3a:70:8d:eb:ba:6b:2d:59:b4:c8:41:ae:85:
90:ce:d0:cc:34:9f:64:7d:85:a5:b4:ad:8e:a6:53:
26:04:17:35:60:29:59:01:16:8b:88:2d:e1:01:8d:
72:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AD:BF:A7:5F:D0:FF:69:D4:60:CD:C5:A8:D6:52:99:BC:69:65:D9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/na2_p1_Q_2nUYM3FqNZSmbxpZdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.212.0/22
Signature Algorithm: sha256WithRSAEncryption
19:92:95:3c:f7:4a:6c:35:58:e1:82:39:f1:87:06:c7:6b:8a:
99:13:0b:29:f3:bb:d5:3e:b4:94:5b:18:2d:6f:e4:be:00:62:
5a:dc:05:1f:f5:80:19:50:68:99:9c:7f:2a:d5:df:6b:2c:2b:
39:86:5b:dd:10:f1:e3:8a:72:96:7d:dc:27:50:57:33:af:64:
c7:f9:9a:82:da:e8:c7:21:d8:6a:e5:a9:02:9d:01:b1:2e:de:
b3:5e:77:58:01:aa:94:ed:91:bd:15:11:17:23:0d:ee:43:f0:
e3:79:eb:a3:e0:07:a9:a0:4a:58:7a:d4:2d:22:70:95:2d:1a:
dc:50:9f:15:17:1b:e2:27:fd:53:35:8b:c7:63:c6:c5:a1:06:
a6:8d:bf:49:fc:90:4e:65:eb:bc:89:8a:93:cc:e5:e1:7e:b5:
67:b6:b5:c8:c5:15:ea:fc:8e:69:be:e8:d9:c1:29:50:07:20:
39:2e:0c:6d:a6:3a:8e:b7:38:d0:0e:bc:20:27:d6:4c:1d:34:
17:80:53:30:fe:d8:70:67:65:83:9a:38:7f:82:76:19:d2:d0:
40:6a:72:d5:0a:cb:4f:6a:fd:cc:39:b0:61:67:92:05:68:d0:
5e:c1:f9:36:a3:6a:74:84:af:b9:ce:16:b8:b9:ef:fd:b0:f8:
b1:db:d1:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYCz/W54jB0wP+uD7NuZY3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTMwMTMxMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFkYmZhNzVmZDBmZjY5ZDQ2MGNkYzVhOGQ2NTI5OWJjNjk2NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgikiyKZIWtfosjSrKan6M/iKbYfM
C8/9slCVVBLXEjGKdIEPxVCSNKLbBYwaNkEVJDF9pqYw/356cAvOnjlnvjDiZW84
rrtW+9U9PKj+FJfLv8zanZ8P7o5sMRwUT7xgH3clRx7QbEJhi2EFdoJjBjVWbq8w
2St5pFQkx8Svft813W8gLsb2lZzuatBdGP9WaP3w1foxgFvB8qfvO4mLGAyBlyzz
lJI8JINt1deRUD1DYr8q4WaUEY9qQB1D+4q0hhQbyb8lp7rYTEa/YgNc8tdWkTpw
jeu6ay1ZtMhBroWQztDMNJ9kfYWltK2OplMmBBc1YClZARaLiC3hAY1yZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2tv6df0P9p1GDNxajWUpm8aWXZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbmEyX3AxX1FfMm5VWU0zRnFOWlNtYnhwWmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXarUMA0G
CSqGSIb3DQEBCwUAA4IBAQAZkpU890psNVjhgjnxhwbHa4qZEwsp87vVPrSUWxgt
b+S+AGJa3AUf9YAZUGiZnH8q1d9rLCs5hlvdEPHjinKWfdwnUFczr2TH+ZqC2ujH
Idhq5akCnQGxLt6zXndYAaqU7ZG9FREXIw3uQ/Djeeuj4AepoEpYetQtInCVLRrc
UJ8VFxviJ/1TNYvHY8bFoQamjb9J/JBOZeu8iYqTzOXhfrVntrXIxRXq/I5pvujZ
wSlQByA5LgxtpjqOtzjQDrwgJ9ZMHTQXgFMw/thwZ2WDmjh/gnYZ0tBAanLVCstP
av3MObBhZ5IFaNBewfk2o2p0hK+5zha4ue/9sPix29E5
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:45 2025 by rpki-client