Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/NBJtD0mrjZrVy0usLIMHY0UxB94.roa
File: NBJtD0mrjZrVy0usLIMHY0UxB94.roa (raw, json)
Hash identifier: E13vOjwu89PVhdY9mF+lpHRTFrryLdZebGrY7iYp04c=
Subject key identifier: 34:12:6D:0F:49:AB:8D:9A:D5:CB:4B:AC:2C:83:07:63:45:31:07:DE
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018F351AAF2113D6902BDFB908B34B31E195
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/NBJtD0mrjZrVy0usLIMHY0UxB94.roa
Signing time: Wed 01 May 2024 17:01:32 +0000
ROA not before: Wed 01 May 2024 17:01:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57974
IP address blocks: 85.114.106.0/24 maxlen: 24
2a01:8b20::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:1a:af:21:13:d6:90:2b:df:b9:08:b3:4b:31:e1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: May 1 17:01:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34126d0f49ab8d9ad5cb4bac2c830763453107de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:d9:dd:52:e1:c7:25:02:87:cc:32:61:cd:
76:f8:76:ab:38:cd:a7:d2:b2:7a:04:2e:67:18:43:
7b:6d:ee:af:46:b8:98:81:af:93:69:50:51:7c:8c:
ed:d5:f9:1c:37:b8:3b:8c:a5:85:80:b9:ef:2b:c8:
9b:0f:4b:24:70:be:c6:6b:b4:42:38:02:b1:00:a0:
e5:3f:84:82:7e:63:74:4b:c6:e9:94:31:65:60:99:
85:b2:64:70:94:0c:14:8a:18:60:cf:f3:d5:78:6c:
5b:80:43:6c:ee:d1:72:3c:b0:7f:06:10:d6:f9:47:
9b:69:a9:e0:78:8a:2a:57:23:41:19:78:d0:0d:38:
b3:6a:13:1d:f8:b1:2a:58:db:29:bf:eb:01:c3:69:
08:4a:3a:bd:9a:ed:a4:06:42:8d:54:01:3b:10:6e:
0d:a4:69:0c:7f:01:8f:45:5a:03:d1:49:a3:ff:27:
0d:aa:13:01:cd:ec:e2:2b:84:7d:90:d7:e6:14:b0:
3f:ab:a3:3f:50:d5:d3:1b:ac:c2:29:b3:d5:0e:a1:
d7:4f:cd:e8:f7:ff:bb:7c:0f:94:b9:6d:34:84:40:
7b:05:00:dc:bf:4c:12:85:1b:55:b3:37:38:53:87:
4b:4d:c2:59:93:76:8f:82:84:ef:31:31:a8:57:5b:
dc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:12:6D:0F:49:AB:8D:9A:D5:CB:4B:AC:2C:83:07:63:45:31:07:DE
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/NBJtD0mrjZrVy0usLIMHY0UxB94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.106.0/24
IPv6:
2a01:8b20::/29
Signature Algorithm: sha256WithRSAEncryption
0f:f2:82:62:9d:1a:14:1a:5c:9b:6c:97:be:6f:c6:10:55:7c:
d2:08:2f:ae:e8:cc:26:f3:20:a8:55:a1:14:ec:85:1f:e3:7e:
45:3f:91:9e:c8:11:28:da:ad:ae:1c:12:d8:66:71:ed:7d:7a:
5a:a6:36:32:5b:73:61:b8:3d:ae:f2:0f:4a:16:f9:99:4d:b3:
32:32:b8:e0:8b:46:df:b8:58:62:0e:b3:9c:0b:ac:54:cb:99:
41:6b:0b:00:8a:a8:b1:8c:0f:e8:98:fc:88:a4:85:2b:06:3c:
67:1c:81:0f:73:a9:9f:9a:52:b6:24:fe:1d:48:43:3f:49:c8:
39:f1:4a:a6:b6:5d:6b:11:71:45:6b:5f:3d:07:01:59:bf:d3:
1f:bc:61:17:5b:ed:39:3e:62:5c:28:98:3b:7d:15:ed:43:97:
d3:1c:53:9c:e1:65:c0:04:7e:bb:14:d6:82:cb:b3:3f:5a:df:
a4:2d:20:ec:9a:79:a4:b5:61:38:b3:0c:b2:42:f1:58:89:54:
21:1d:cc:fc:3c:c5:14:85:03:e1:80:8a:16:b1:e1:e4:5a:72:
77:49:87:fc:b6:ee:ed:61:a2:ef:1c:82:e2:7d:8f:71:d2:78:
a6:e9:74:fb:1f:2c:e5:ae:4a:b2:21:40:2f:44:24:05:fd:79:
5a:0c:28:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY81Gq8hE9aQK9+5CLNLMeGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjQwNTAxMTcwMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDEyNmQwZjQ5YWI4ZDlhZDVjYjRiYWMyYzgzMDc2MzQ1MzEwN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf/Z3VLhxyUCh8wyYc12+HarOM2n
0rJ6BC5nGEN7be6vRriYga+TaVBRfIzt1fkcN7g7jKWFgLnvK8ibD0skcL7Ga7RC
OAKxAKDlP4SCfmN0S8bplDFlYJmFsmRwlAwUihhgz/PVeGxbgENs7tFyPLB/BhDW
+UebaangeIoqVyNBGXjQDTizahMd+LEqWNspv+sBw2kISjq9mu2kBkKNVAE7EG4N
pGkMfwGPRVoD0Umj/ycNqhMBzeziK4R9kNfmFLA/q6M/UNXTG6zCKbPVDqHXT83o
9/+7fA+UuW00hEB7BQDcv0wShRtVszc4U4dLTcJZk3aPgoTvMTGoV1vchwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDQSbQ9Jq42a1ctLrCyDB2NFMQfeMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvTkJKdEQwbXJqWnJWeTB1c0xJTUhZMFV4Qjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVXJqMA0E
AgACMAcDBQMqAYsgMA0GCSqGSIb3DQEBCwUAA4IBAQAP8oJinRoUGlybbJe+b8YQ
VXzSCC+u6Mwm8yCoVaEU7IUf435FP5GeyBEo2q2uHBLYZnHtfXpapjYyW3NhuD2u
8g9KFvmZTbMyMrjgi0bfuFhiDrOcC6xUy5lBawsAiqixjA/omPyIpIUrBjxnHIEP
c6mfmlK2JP4dSEM/Scg58Uqmtl1rEXFFa189BwFZv9MfvGEXW+05PmJcKJg7fRXt
Q5fTHFOc4WXABH67FNaCy7M/Wt+kLSDsmnmktWE4swyyQvFYiVQhHcz8PMUUhQPh
gIoWseHkWnJ3SYf8tu7tYaLvHILifY9x0nim6XT7HyzlrkqyIUAvRCQF/XlaDCgZ
-----END CERTIFICATE-----
Generated at Mon May 13 16:03:26 2024 by rpki-client on console-ams.rpki-client.org