Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/nykQMGC3EtAm8wKq1L4a3XIP3Kc.roa
File: nykQMGC3EtAm8wKq1L4a3XIP3Kc.roa (raw, json)
Hash identifier: c3Us6B2QlLCYPzTMd2FkzmwwgQ7mYiTSyEXFqqXxZJ4=
Subject key identifier: 9F:29:10:30:60:B7:12:D0:26:F3:02:AA:D4:BE:1A:DD:72:0F:DC:A7
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 018CCA990F008D8D1C52831CCADFE3C56E8D
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/nykQMGC3EtAm8wKq1L4a3XIP3Kc.roa
Signing time: Tue 02 Jan 2024 14:34:37 +0000
ROA not before: Tue 02 Jan 2024 14:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51248
IP address blocks: 192.145.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:0f:00:8d:8d:1c:52:83:1c:ca:df:e3:c5:6e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 2 14:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f29103060b712d026f302aad4be1add720fdca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dd:8e:95:14:88:c7:f9:93:d1:88:10:da:86:
42:26:34:93:ff:89:cc:00:22:19:62:a5:96:4b:e1:
bc:d0:2c:61:03:08:1e:c1:39:a1:df:b8:ca:8a:ff:
c8:a9:2e:50:b7:57:d1:4e:fa:ce:39:10:18:cf:be:
0a:e1:10:b6:e7:de:23:0d:6d:2a:c2:bf:cf:05:ff:
38:5d:54:fa:95:2a:f8:69:d4:41:a5:da:13:f4:ed:
ef:11:e9:0b:c8:c3:7b:d1:57:ed:26:df:01:5f:a6:
a6:52:ea:c3:91:fe:ef:b7:1e:bf:2b:97:58:c4:fd:
88:15:10:9d:12:0e:8e:78:8d:f5:b3:6f:e1:cc:75:
cf:b2:43:d8:74:bd:d1:c2:df:4c:15:ff:89:6d:05:
11:ad:5e:ea:f8:60:70:95:54:7b:01:16:47:aa:a1:
eb:54:85:64:e2:06:8c:c1:5f:fa:7f:8b:82:7a:10:
82:71:6b:fe:da:95:80:62:4b:2b:1c:2b:c4:82:2f:
09:cb:eb:4f:4b:06:5d:42:a7:49:2b:6f:25:f0:1b:
43:f7:87:16:80:9f:05:77:c1:41:60:57:c1:61:8b:
da:a0:97:2e:48:2f:7c:8a:39:4e:a6:2c:7f:b4:b9:
da:85:89:11:94:12:f1:03:cf:55:dc:4a:19:d9:f1:
9d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:29:10:30:60:B7:12:D0:26:F3:02:AA:D4:BE:1A:DD:72:0F:DC:A7
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/nykQMGC3EtAm8wKq1L4a3XIP3Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.98.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5b:46:47:b5:a4:37:39:0c:9e:7e:78:92:5f:b4:83:b6:af:
4a:66:70:73:de:93:8d:a1:8d:35:90:0e:68:b9:53:10:52:c9:
8a:e2:0c:2f:be:73:8b:eb:12:d6:7b:99:af:e5:73:45:dd:ba:
e1:4c:41:67:a4:16:32:bf:f5:1d:1e:87:76:5c:7c:49:75:50:
55:24:03:58:0c:0e:ab:69:71:9b:a7:9a:a0:94:5d:b0:46:b7:
94:0b:15:06:a1:d2:49:e8:a4:9c:b5:22:26:c1:b5:b7:74:34:
da:b9:6a:dd:c5:02:7e:95:e3:0f:df:38:aa:1d:0d:48:79:1e:
4e:9c:57:86:90:55:ed:9c:38:6c:c8:a4:00:3d:57:52:98:b8:
17:e7:4e:42:f8:61:c7:65:3c:d7:e7:f4:04:cf:9c:71:00:63:
2e:65:5a:14:ff:7e:e4:4e:b9:cf:68:7a:67:c3:7b:19:7e:c1:
a5:0c:58:94:5a:d5:af:54:03:59:f2:8d:e2:97:27:6f:6c:28:
9a:38:f5:69:b3:87:6b:ef:8d:af:97:51:e2:f5:5f:7f:c4:b4:
4e:59:e7:a7:6c:be:71:93:6b:a1:d8:76:26:ed:1f:53:db:f3:
e1:1c:96:21:43:5d:a4:8c:00:3d:b6:42:25:16:69:28:06:f3:
d6:e5:f6:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmQ8AjY0cUoMcyt/jxW6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDAxZTU4ODkwYmYyMzBkY2FlNWQwMzA1MTE5ZmYyYzJi
OGQ0MzMwHhcNMjQwMTAyMTQzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI5MTAzMDYwYjcxMmQwMjZmMzAyYWFkNGJlMWFkZDcyMGZkY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd2OlRSIx/mT0YgQ2oZCJjST/4nM
ACIZYqWWS+G80CxhAwgewTmh37jKiv/IqS5Qt1fRTvrOORAYz74K4RC2594jDW0q
wr/PBf84XVT6lSr4adRBpdoT9O3vEekLyMN70VftJt8BX6amUurDkf7vtx6/K5dY
xP2IFRCdEg6OeI31s2/hzHXPskPYdL3Rwt9MFf+JbQURrV7q+GBwlVR7ARZHqqHr
VIVk4gaMwV/6f4uCehCCcWv+2pWAYksrHCvEgi8Jy+tPSwZdQqdJK28l8BtD94cW
gJ8Fd8FBYFfBYYvaoJcuSC98ijlOpix/tLnahYkRlBLxA89V3EoZ2fGdlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8pEDBgtxLQJvMCqtS+Gt1yD9ynMB8GA1UdIwQY
MBaAFDhAHliJC/Iw3K5dAwURn/LCuNQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYt
OGI5Y2RkYjczNDA4LzEvbnlrUU1HQzNFdEFtOHdLcTFMNGEzWElQM0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYtOGI5Y2RkYjczNDA4
LzEvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJFiMA0G
CSqGSIb3DQEBCwUAA4IBAQBJW0ZHtaQ3OQyefniSX7SDtq9KZnBz3pONoY01kA5o
uVMQUsmK4gwvvnOL6xLWe5mv5XNF3brhTEFnpBYyv/UdHod2XHxJdVBVJANYDA6r
aXGbp5qglF2wRreUCxUGodJJ6KSctSImwbW3dDTauWrdxQJ+leMP3ziqHQ1IeR5O
nFeGkFXtnDhsyKQAPVdSmLgX505C+GHHZTzX5/QEz5xxAGMuZVoU/37kTrnPaHpn
w3sZfsGlDFiUWtWvVANZ8o3ilydvbCiaOPVps4dr742vl1Hi9V9/xLROWeenbL5x
k2uh2HYm7R9T2/PhHJYhQ12kjAA9tkIlFmkoBvPW5fYz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:41 2025 by rpki-client