Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nxerLPe__hxclW-rgrRD2_nDvgM.roa
File: nxerLPe__hxclW-rgrRD2_nDvgM.roa (raw, json)
Hash identifier: 7b7rNWSDmW55sg+MXjmCrEgudM5TtrF3ZGBlY2reO50=
Subject key identifier: 9F:17:AB:2C:F7:BF:FE:1C:5C:95:6F:AB:82:B4:43:DB:F9:C3:BE:03
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709508D24A5C54DC155B07F898DC53B0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nxerLPe__hxclW-rgrRD2_nDvgM.roa
Signing time: Mon 02 Jan 2023 03:44:53 +0000
ROA not before: Mon 02 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15428
IP address blocks: 31.148.112.0/21 maxlen: 24
146.158.32.0/20 maxlen: 24
146.158.80.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:08:d2:4a:5c:54:dc:15:5b:07:f8:98:dc:53:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f17ab2cf7bffe1c5c956fab82b443dbf9c3be03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8b:51:71:1b:d8:95:55:bd:37:01:19:35:49:
de:7f:ed:8d:76:a4:1a:e3:e4:db:74:22:c0:f6:ab:
8d:f5:6e:8f:9d:3b:33:97:ba:8c:9d:d5:91:5b:cb:
cd:fa:c8:93:65:2b:4c:78:1f:f2:1c:21:ad:36:19:
d7:ba:8c:2a:91:52:b1:3e:84:cd:d6:67:5a:9c:6b:
f5:92:cc:6e:03:06:86:d9:f1:2c:de:3a:98:20:14:
0e:11:d8:7c:7f:74:15:bc:af:f9:25:9b:74:b2:10:
7e:47:04:da:90:a9:57:f4:83:42:1d:89:a9:f0:79:
7f:ca:36:04:dc:2b:f6:4d:86:ac:05:fd:9a:e2:12:
52:8b:8a:6b:b1:d9:9e:db:a3:cc:2d:fb:29:ef:88:
5e:63:ef:2a:cd:ed:1a:74:34:02:0a:3c:5a:0f:13:
b6:d5:ed:a8:30:33:5d:d1:f4:c4:35:ae:b5:87:8f:
ff:55:f0:8b:ff:c7:88:09:13:2b:cb:2c:62:a8:4d:
1c:33:77:80:2c:cb:e6:b3:36:4c:31:61:1d:15:68:
49:c9:80:ac:ff:29:21:1f:68:f7:1c:e4:26:a7:45:
ba:14:3b:8b:65:ea:69:7f:84:fc:7f:fd:a1:e2:f9:
ca:f7:a4:2c:83:6e:dc:96:2d:12:04:ea:70:be:a0:
1a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:17:AB:2C:F7:BF:FE:1C:5C:95:6F:AB:82:B4:43:DB:F9:C3:BE:03
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nxerLPe__hxclW-rgrRD2_nDvgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.112.0/21
146.158.32.0/20
146.158.80.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:fe:94:94:a2:e3:00:68:b6:57:d6:30:98:ea:42:52:cd:33:
48:19:fc:c8:25:f9:87:c2:69:b1:c6:f9:88:98:26:5e:c6:21:
15:f6:12:23:b5:94:0e:49:06:69:25:35:e0:c7:40:93:73:a1:
3b:3f:40:da:9a:b3:15:2f:f0:f3:52:c2:ea:ea:7d:54:5f:fa:
36:10:1b:81:7a:6c:c2:68:ca:54:3a:44:ad:b4:4d:c8:2e:e6:
31:91:ca:84:f1:b7:19:d9:7e:27:30:ed:9b:13:24:2a:e7:2a:
19:c2:e7:f2:2e:52:fe:53:a5:c0:cf:f1:4f:26:31:e7:2b:a5:
fb:41:1c:b9:3e:8f:09:51:4b:4d:18:2d:22:a6:0f:69:ca:4e:
0e:8f:43:b2:d4:04:54:58:0f:9a:f6:77:40:0f:da:d4:11:02:
e7:6f:29:2d:c4:61:0c:f5:a5:58:fa:bd:68:a7:1e:a0:48:5f:
06:ae:42:1a:ee:ce:c4:c2:20:b2:93:0a:67:9b:c9:fc:ef:45:
dc:87:0a:25:84:f9:47:2a:2b:11:72:fb:03:b0:9b:93:fa:08:
19:ff:f3:e2:0f:62:0b:3c:a7:1e:d4:32:ed:61:60:26:3c:71:
fd:89:b2:9b:4a:ca:52:e9:d0:20:f3:df:f1:c9:c5:01:5e:5e:
dc:6b:4a:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlQjSSlxU3BVbB/iY3FOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE3YWIyY2Y3YmZmZTFjNWM5NTZmYWI4MmI0NDNkYmY5YzNiZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4tRcRvYlVW9NwEZNUnef+2NdqQa
4+TbdCLA9quN9W6PnTszl7qMndWRW8vN+siTZStMeB/yHCGtNhnXuowqkVKxPoTN
1mdanGv1ksxuAwaG2fEs3jqYIBQOEdh8f3QVvK/5JZt0shB+RwTakKlX9INCHYmp
8Hl/yjYE3Cv2TYasBf2a4hJSi4prsdme26PMLfsp74heY+8qze0adDQCCjxaDxO2
1e2oMDNd0fTENa61h4//VfCL/8eICRMryyxiqE0cM3eALMvmszZMMWEdFWhJyYCs
/ykhH2j3HOQmp0W6FDuLZeppf4T8f/2h4vnK96Qsg27cli0SBOpwvqAanwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8Xqyz3v/4cXJVvq4K0Q9v5w74DMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbnhlckxQZV9faHhjbFctcmdyUkQyX25EdmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH5RwAwQE
kp4gAwQEkp5QMA0GCSqGSIb3DQEBCwUAA4IBAQCg/pSUouMAaLZX1jCY6kJSzTNI
GfzIJfmHwmmxxvmImCZexiEV9hIjtZQOSQZpJTXgx0CTc6E7P0DamrMVL/DzUsLq
6n1UX/o2EBuBemzCaMpUOkSttE3ILuYxkcqE8bcZ2X4nMO2bEyQq5yoZwufyLlL+
U6XAz/FPJjHnK6X7QRy5Po8JUUtNGC0ipg9pyk4Oj0Oy1ARUWA+a9ndAD9rUEQLn
byktxGEM9aVY+r1opx6gSF8GrkIa7s7EwiCykwpnm8n870XchwolhPlHKisRcvsD
sJuT+ggZ//PiD2ILPKce1DLtYWAmPHH9ibKbSspS6dAg89/xycUBXl7ca0oG
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:39 2025 by rpki-client