Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/NXQMZ9XqI9H4Fap0T2efSJIGk5Y.roa
File: NXQMZ9XqI9H4Fap0T2efSJIGk5Y.roa (raw, json)
Hash identifier: DPWCXh/CSGN12CTMXMeywisSzwhkqWhQ/oxKKauFNGI=
Subject key identifier: 35:74:0C:67:D5:EA:23:D1:F8:15:AA:74:4F:67:9F:48:92:06:93:96
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B2320318E95F848202F00A30BE04B7
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/NXQMZ9XqI9H4Fap0T2efSJIGk5Y.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205355
IP address blocks: 88.220.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:32:03:18:e9:5f:84:82:02:f0:0a:30:be:04:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35740c67d5ea23d1f815aa744f679f4892069396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0f:f6:2c:0e:ff:35:2d:d0:6b:72:fb:3f:0b:
2e:c0:a4:bd:5b:20:48:15:b0:e5:37:82:70:c1:4e:
ad:52:01:87:41:9b:ea:16:68:39:ba:a2:bc:58:cc:
ed:af:18:35:0a:2d:61:21:6c:a9:c6:b0:68:e3:fc:
f1:19:df:1f:a4:8b:c5:c7:f8:0f:9f:99:49:54:be:
97:d2:3e:46:dc:77:31:5c:d0:ec:96:1c:1d:96:87:
32:76:bb:f2:e4:e7:d7:17:3b:e3:1b:0b:01:d8:c1:
00:88:50:1c:58:4a:be:8e:f3:d6:23:71:49:7e:73:
b0:d1:56:64:82:80:8e:d0:de:5b:e7:8a:0b:9b:25:
29:94:ad:f8:d0:ef:63:d7:99:dc:53:55:d2:af:91:
ae:52:03:9d:26:60:2f:12:ef:c8:51:39:1f:10:8e:
ea:bb:7e:57:5c:18:af:36:8a:43:e0:54:ba:90:0b:
b5:11:ba:0b:6a:13:1c:bf:88:6b:e1:12:3b:f2:f7:
3b:a1:a6:89:8b:08:c9:d7:80:f5:34:41:f2:b3:84:
7d:6d:e7:d9:84:f9:ea:b7:21:1b:d1:4f:c6:99:37:
44:d3:b4:6b:29:a9:f1:43:8b:1e:86:e1:98:93:dc:
a8:0c:58:c3:27:6e:3e:92:3c:c5:44:4a:2c:06:d3:
4a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:74:0C:67:D5:EA:23:D1:F8:15:AA:74:4F:67:9F:48:92:06:93:96
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/NXQMZ9XqI9H4Fap0T2efSJIGk5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.94.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:a4:59:20:d2:61:a3:dd:a9:88:eb:19:ad:48:26:98:2b:88:
50:d8:af:18:23:b2:1d:c6:41:b2:db:42:d1:3c:39:4e:04:b8:
8d:20:30:fb:bf:8f:c6:08:4c:bd:c7:80:b7:5c:bf:19:d6:8d:
f4:88:ae:e4:87:8d:32:55:78:07:07:ad:41:08:33:8b:92:5c:
67:97:5b:e9:ae:61:c1:26:6d:6e:17:65:ab:b0:63:2c:4c:cc:
fb:72:42:e1:44:5d:ae:6b:b7:3d:ce:37:ac:1e:1b:6b:03:84:
83:8e:93:19:d4:99:a1:99:15:1f:ab:73:38:1f:68:eb:01:c6:
a1:39:11:4b:31:f0:48:a2:f0:71:0f:41:c6:7c:46:17:6f:d7:
fe:17:13:5d:da:ea:90:06:00:87:dc:d3:a8:1b:17:78:68:79:
44:75:34:17:4d:02:bb:bc:32:9c:c7:ed:9f:8d:7b:db:82:fb:
69:42:54:e7:6b:4d:2b:7f:a3:d9:f5:23:31:7f:db:5a:e1:e0:
48:86:4f:bb:2e:ca:32:51:1a:55:9b:d3:f4:82:e3:45:f5:d8:
3b:6e:32:ea:1e:ee:5b:fb:89:62:cd:67:43:30:32:01:cc:38:
89:c5:85:ac:2b:b6:2c:2a:56:3a:4d:5b:82:5e:47:04:fb:79:
47:78:f9:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjIDGOlfhIIC8AowvgS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc0MGM2N2Q1ZWEyM2QxZjgxNWFhNzQ0ZjY3OWY0ODkyMDY5Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ/2LA7/NS3Qa3L7PwsuwKS9WyBI
FbDlN4JwwU6tUgGHQZvqFmg5uqK8WMztrxg1Ci1hIWypxrBo4/zxGd8fpIvFx/gP
n5lJVL6X0j5G3HcxXNDslhwdlocydrvy5OfXFzvjGwsB2MEAiFAcWEq+jvPWI3FJ
fnOw0VZkgoCO0N5b54oLmyUplK340O9j15ncU1XSr5GuUgOdJmAvEu/IUTkfEI7q
u35XXBivNopD4FS6kAu1EboLahMcv4hr4RI78vc7oaaJiwjJ14D1NEHys4R9befZ
hPnqtyEb0U/GmTdE07RrKanxQ4sehuGYk9yoDFjDJ24+kjzFREosBtNKYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV0DGfV6iPR+BWqdE9nn0iSBpOWMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvTlhRTVo5WHFJOUg0RmFwMFQyZWZTSklHazVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxeMA0G
CSqGSIb3DQEBCwUAA4IBAQCzpFkg0mGj3amI6xmtSCaYK4hQ2K8YI7IdxkGy20LR
PDlOBLiNIDD7v4/GCEy9x4C3XL8Z1o30iK7kh40yVXgHB61BCDOLklxnl1vprmHB
Jm1uF2WrsGMsTMz7ckLhRF2ua7c9zjesHhtrA4SDjpMZ1JmhmRUfq3M4H2jrAcah
ORFLMfBIovBxD0HGfEYXb9f+FxNd2uqQBgCH3NOoGxd4aHlEdTQXTQK7vDKcx+2f
jXvbgvtpQlTna00rf6PZ9SMxf9ta4eBIhk+7LsoyURpVm9P0guNF9dg7bjLqHu5b
+4lizWdDMDIBzDiJxYWsK7YsKlY6TVuCXkcE+3lHePlG
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:13 2025 by rpki-client