Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/NhvlZokh03r84RRehvt_AbNrYY4.roa
File: NhvlZokh03r84RRehvt_AbNrYY4.roa (raw, json)
Hash identifier: Ig+Zcl1zQ/83dc/fw0XGHnXB/NWZSpAw7jLfb4vSIhM=
Subject key identifier: 36:1B:E5:66:89:21:D3:7A:FC:E1:14:5E:86:FB:7F:01:B3:6B:61:8E
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 01836A802D925A984564C03D925EB5D8BB4F
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/NhvlZokh03r84RRehvt_AbNrYY4.roa
Signing time: Fri 23 Sep 2022 13:18:48 +0000
ROA not before: Fri 23 Sep 2022 13:18:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 91.232.182.0/24 maxlen: 24
91.232.184.0/24 maxlen: 24
91.232.185.0/24 maxlen: 24
176.118.80.0/21 maxlen: 21
91.233.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:80:2d:92:5a:98:45:64:c0:3d:92:5e:b5:d8:bb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Sep 23 13:18:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=361be5668921d37afce1145e86fb7f01b36b618e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:b8:c8:e4:8e:ec:2a:11:a7:e1:ca:3e:d8:
90:c6:b1:7f:d1:35:ff:c2:56:3d:b3:d3:17:82:d9:
d2:af:85:f3:73:e4:d3:0f:7a:e5:fd:0d:6d:1c:86:
02:d7:22:bd:71:e0:e6:c5:56:ff:18:2a:a8:62:f1:
87:a8:db:c1:22:c2:8c:f7:bd:5d:04:0d:af:91:ce:
11:bf:5f:b0:ff:e8:fa:7b:c0:68:28:09:43:0b:0e:
52:a8:4f:c6:16:6c:63:4b:77:b2:7b:c1:4f:ad:cd:
d7:66:47:d8:8e:17:7a:b0:8c:c9:ca:1b:0c:93:57:
b3:81:bb:18:9e:95:db:3c:ef:4f:f4:a0:3e:3f:3f:
d9:28:7c:af:74:7a:1e:b5:2d:de:ac:7e:36:c0:3b:
60:4b:20:57:d6:6e:f6:73:a7:a6:d6:a3:5c:10:2c:
cf:71:3c:e8:f9:a1:61:30:4c:9b:70:39:00:0c:1c:
4b:eb:d2:42:2a:2f:d1:18:59:f6:2d:99:cb:ba:98:
01:28:83:1e:86:01:36:08:c1:dc:62:ac:d7:fd:3a:
14:35:29:c0:b2:49:02:f5:3f:40:6e:6c:7f:53:dc:
12:c0:b7:c8:30:40:62:5d:53:7a:34:ed:bd:aa:9d:
ac:79:c2:50:99:eb:ab:41:25:da:5f:4d:b1:7b:96:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1B:E5:66:89:21:D3:7A:FC:E1:14:5E:86:FB:7F:01:B3:6B:61:8E
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/NhvlZokh03r84RRehvt_AbNrYY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.182.0/24
91.232.184.0/23
91.233.192.0/24
176.118.80.0/21
Signature Algorithm: sha256WithRSAEncryption
91:da:f4:5e:90:a6:26:b2:1e:13:75:15:53:b3:0f:6c:2a:6a:
95:4b:59:a0:c4:a0:f8:99:94:80:60:aa:1f:ec:54:1f:19:98:
f0:1b:83:ae:5f:ac:8c:12:b3:be:bc:7a:f9:38:11:60:22:68:
b6:53:ea:58:8f:5f:67:c8:51:44:e4:09:ce:bc:31:75:87:49:
d8:f4:57:cc:b9:72:9e:6f:f3:9f:35:2a:b0:06:65:df:b2:82:
b2:b0:97:1a:97:d4:3f:96:ef:e8:6f:33:a7:7c:0a:ac:b8:68:
15:0e:04:1f:29:be:2a:1c:7e:71:62:18:c1:0f:f8:e6:4a:7b:
66:1d:f1:77:06:d1:6d:39:91:60:b2:69:bb:89:73:06:e9:8b:
af:05:66:95:2a:c1:a9:f0:b0:97:1a:78:f2:5a:b9:86:d4:01:
1e:01:c8:7b:c7:02:cc:92:25:a7:d3:dd:da:13:2f:67:22:ed:
f5:5f:36:8a:1e:e2:42:e1:80:c3:33:80:44:33:cd:d2:94:96:
04:2b:09:ff:ff:db:09:94:0d:3c:a4:e0:82:2c:5b:a3:07:ae:
35:c1:d8:ab:ab:9c:d7:f6:55:aa:0b:e4:52:7f:b2:f7:47:1e:
17:f2:04:f5:b3:e1:c8:d6:4f:ef:3f:33:4a:24:68:b1:a1:28:
dc:f1:0f:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYNqgC2SWphFZMA9kl612LtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjIwOTIzMTMxODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFiZTU2Njg5MjFkMzdhZmNlMTE0NWU4NmZiN2YwMWIzNmI2MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTW4yOSO7CoRp+HKPtiQxrF/0TX/
wlY9s9MXgtnSr4Xzc+TTD3rl/Q1tHIYC1yK9ceDmxVb/GCqoYvGHqNvBIsKM971d
BA2vkc4Rv1+w/+j6e8BoKAlDCw5SqE/GFmxjS3eye8FPrc3XZkfYjhd6sIzJyhsM
k1ezgbsYnpXbPO9P9KA+Pz/ZKHyvdHoetS3erH42wDtgSyBX1m72c6em1qNcECzP
cTzo+aFhMEybcDkADBxL69JCKi/RGFn2LZnLupgBKIMehgE2CMHcYqzX/ToUNSnA
skkC9T9Abmx/U9wSwLfIMEBiXVN6NO29qp2secJQmeurQSXaX02xe5ZYYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDYb5WaJIdN6/OEUXob7fwGza2GOMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvTmh2bFpva2gwM3I4NFJSZWh2dF9BYk5yWVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+i2AwQB
W+i4AwQAW+nAAwQDsHZQMA0GCSqGSIb3DQEBCwUAA4IBAQCR2vRekKYmsh4TdRVT
sw9sKmqVS1mgxKD4mZSAYKof7FQfGZjwG4OuX6yMErO+vHr5OBFgImi2U+pYj19n
yFFE5AnOvDF1h0nY9FfMuXKeb/OfNSqwBmXfsoKysJcal9Q/lu/obzOnfAqsuGgV
DgQfKb4qHH5xYhjBD/jmSntmHfF3BtFtOZFgsmm7iXMG6YuvBWaVKsGp8LCXGnjy
WrmG1AEeAch7xwLMkiWn093aEy9nIu31XzaKHuJC4YDDM4BEM83SlJYEKwn//9sJ
lA08pOCCLFujB641wdirq5zX9lWqC+RSf7L3Rx4X8gT1s+HI1k/vPzNKJGixoSjc
8Q/S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org