Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/Nv2aTAyUW8ATxvZH9BPe2xx2soI.roa
File: Nv2aTAyUW8ATxvZH9BPe2xx2soI.roa (raw, json)
Hash identifier: q+oT0bUdGWEb+eb9pRifElKAZEZwte7D5XTMC2sKwnw=
Subject key identifier: 36:FD:9A:4C:0C:94:5B:C0:13:C6:F6:47:F4:13:DE:DB:1C:76:B2:82
Certificate issuer: /CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Certificate serial: 01856C780999EDF9455D2C2C869ABBAB3863
Authority key identifier: B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/Nv2aTAyUW8ATxvZH9BPe2xx2soI.roa
Signing time: Sun 01 Jan 2023 08:34:44 +0000
ROA not before: Sun 01 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42233
IP address blocks: 176.53.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:09:99:ed:f9:45:5d:2c:2c:86:9a:bb:ab:38:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Validity
Not Before: Jan 1 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36fd9a4c0c945bc013c6f647f413dedb1c76b282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:88:81:47:b5:8c:3f:ff:1b:eb:1e:b2:12:
fa:3b:33:f6:fd:e2:54:8d:ab:07:4f:80:92:00:bd:
41:8b:54:2b:35:c5:33:f5:63:2a:3c:30:03:d9:08:
ed:e7:8e:4a:7a:1d:9d:44:2c:cc:b6:05:c3:63:90:
85:f3:76:03:ee:98:78:2d:6d:fb:c3:1c:e0:78:57:
32:e2:4f:14:ea:bd:e6:81:fd:17:69:2b:46:b6:ec:
24:25:41:77:38:d8:68:6c:53:48:06:49:4a:05:64:
b9:13:a7:14:b1:df:33:49:c6:e5:d4:cc:8c:87:5f:
1f:3c:0a:24:b1:25:b8:df:e7:2a:7f:c1:d2:9c:24:
bf:0d:bf:af:b1:ea:2d:4c:4b:4d:6d:88:19:6b:ac:
f4:f6:5d:8b:95:fc:97:b1:37:2d:56:f3:12:0f:83:
f1:6a:83:fd:e2:bc:c8:37:b0:41:4b:4e:ed:fe:20:
44:3a:79:6b:ab:2e:a3:c8:88:4f:ca:86:8d:2d:3a:
83:4a:40:4f:0a:97:00:14:ef:1a:27:0e:10:5b:f1:
cc:00:ea:8f:5e:3c:57:d9:82:d6:ec:77:9f:d3:c3:
03:a3:0e:fe:cb:d0:12:e4:80:8c:d5:51:94:b0:78:
9f:ef:35:02:df:56:2e:e7:df:47:e1:1c:25:bb:07:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FD:9A:4C:0C:94:5B:C0:13:C6:F6:47:F4:13:DE:DB:1C:76:B2:82
X509v3 Authority Key Identifier:
keyid:B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/Nv2aTAyUW8ATxvZH9BPe2xx2soI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tSBEnURVz3icZOpjy_SPw7ssdmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.146.0/24
Signature Algorithm: sha256WithRSAEncryption
32:40:3e:d4:4c:df:e7:24:df:52:c3:fa:cf:f8:31:6c:2b:47:
cd:0b:bf:f5:fc:c8:c2:f1:43:bf:8e:cc:7b:ab:0e:a7:62:d3:
36:aa:a5:ea:dc:d4:05:07:ba:83:96:b0:af:8d:fb:6d:a8:1a:
03:d1:41:b4:34:6f:e5:90:bb:be:e1:6f:18:48:77:d1:87:46:
c5:30:b8:df:84:12:27:e4:4f:6a:08:c0:fc:f4:25:63:b8:4c:
9e:5f:b0:1c:86:be:62:2a:68:a8:53:84:26:b7:80:d9:a1:0c:
7a:20:72:8b:15:6e:10:af:3d:84:8c:ce:80:81:45:d9:e9:a0:
f2:89:c7:1e:d9:23:0d:cb:ad:a4:66:19:06:42:e7:08:f7:40:
df:b5:53:16:a5:ce:fa:5f:20:3c:22:9c:b2:a5:94:b4:66:02:
5e:96:41:e0:72:dd:8a:ef:0d:52:c7:cc:df:5b:4f:b9:fe:f6:
37:ab:7d:49:82:16:38:d3:e0:9e:69:f6:ff:79:31:24:6c:30:
02:90:de:69:5e:18:b0:c9:c3:b1:68:b1:f6:d2:1a:5e:8a:45:
53:97:75:92:b0:d7:8c:c7:1f:f6:2a:41:36:c0:63:29:d8:d4:
08:69:2e:1e:c8:5b:b6:ec:55:63:58:ab:92:26:e9:49:ec:39:
87:ac:ac:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseAmZ7flFXSwshpq7qzhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjA0NDlkNDQ1NWNmNzg5YzY0ZWE2M2NiZjQ4ZmMzYmIy
Yzc2NmEwHhcNMjMwMTAxMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZkOWE0YzBjOTQ1YmMwMTNjNmY2NDdmNDEzZGVkYjFjNzZiMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw+IgUe1jD//G+seshL6OzP2/eJU
jasHT4CSAL1Bi1QrNcUz9WMqPDAD2Qjt545Keh2dRCzMtgXDY5CF83YD7ph4LW37
wxzgeFcy4k8U6r3mgf0XaStGtuwkJUF3ONhobFNIBklKBWS5E6cUsd8zScbl1MyM
h18fPAoksSW43+cqf8HSnCS/Db+vseotTEtNbYgZa6z09l2LlfyXsTctVvMSD4Px
aoP94rzIN7BBS07t/iBEOnlrqy6jyIhPyoaNLTqDSkBPCpcAFO8aJw4QW/HMAOqP
XjxX2YLW7Hef08MDow7+y9AS5ICM1VGUsHif7zUC31Yu599H4RwluweSXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDb9mkwMlFvAE8b2R/QT3tscdrKCMB8GA1UdIwQY
MBaAFLUgRJ1EVc94nGTqY8v0j8O7LHZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODIt
YTE0ZDg1Zjk5NWNiLzEvTnYyYVRBeVVXOEFUeHZaSDlCUGUyeHgyc29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODItYTE0ZDg1Zjk5NWNi
LzEvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDWSMA0G
CSqGSIb3DQEBCwUAA4IBAQAyQD7UTN/nJN9Sw/rP+DFsK0fNC7/1/MjC8UO/jsx7
qw6nYtM2qqXq3NQFB7qDlrCvjfttqBoD0UG0NG/lkLu+4W8YSHfRh0bFMLjfhBIn
5E9qCMD89CVjuEyeX7Achr5iKmioU4Qmt4DZoQx6IHKLFW4Qrz2EjM6AgUXZ6aDy
icce2SMNy62kZhkGQucI90DftVMWpc76XyA8IpyypZS0ZgJelkHgct2K7w1Sx8zf
W0+5/vY3q31JghY40+Ceafb/eTEkbDACkN5pXhiwycOxaLH20hpeikVTl3WSsNeM
xx/2KkE2wGMp2NQIaS4eyFu27FVjWKuSJulJ7DmHrKxQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:03:57 2025 by rpki-client