Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NIDKHm7_cZUNMihpKQDzfd-ZjRA.roa
File: NIDKHm7_cZUNMihpKQDzfd-ZjRA.roa (raw, json)
Hash identifier: kaf5wyEDhcWh11clAHcF36F7W+dfPnAjUXKofTGxPck=
Subject key identifier: 34:80:CA:1E:6E:FF:71:95:0D:32:28:69:29:00:F3:7D:DF:99:8D:10
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 019427B5B9C167B7769FD103FF2F6E4AB7E0
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NIDKHm7_cZUNMihpKQDzfd-ZjRA.roa
Signing time: Thu 02 Jan 2025 15:50:08 +0000
ROA not before: Thu 02 Jan 2025 15:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42465
IP address blocks: 86.111.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b9:c1:67:b7:76:9f:d1:03:ff:2f:6e:4a:b7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 2 15:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3480ca1e6eff71950d3228692900f37ddf998d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:37:ee:10:9e:86:24:b6:cc:fa:2f:89:3e:71:
6d:d3:17:ea:65:ac:0a:cb:56:c6:89:a7:d1:ed:19:
4d:c4:1a:41:04:70:b3:43:c7:1d:8e:dd:45:62:82:
89:e8:e9:b7:b3:c8:6d:4d:27:c1:1f:4f:0c:2c:be:
b7:fc:11:fb:66:1e:f8:8f:66:7e:12:6b:b1:70:06:
ca:6b:51:41:33:9c:7c:af:ea:fd:5a:fb:0b:78:58:
a9:f2:42:b7:2c:8f:fa:3f:61:d5:9c:d6:af:68:7a:
b5:60:97:90:2b:a6:c1:02:9a:83:ec:18:cc:58:2b:
60:8b:ab:25:f0:b4:4e:d1:d6:f3:d7:67:d3:1a:4f:
88:c9:b8:d0:93:76:f1:c4:c6:17:1a:df:b4:7d:6d:
b4:f0:06:86:2e:b0:6c:9d:78:86:20:d8:ab:93:81:
00:8c:c6:b5:87:41:76:a7:4c:a1:1b:3b:51:0a:5a:
37:4a:46:78:13:c7:ad:20:02:2c:34:65:f6:bb:eb:
47:7a:1d:9a:13:fb:81:d4:82:81:b0:37:91:44:5d:
70:c8:57:01:70:01:d5:c6:05:ea:25:16:93:b8:dc:
74:47:c2:0d:fc:fc:5c:ae:33:0d:d2:0a:5a:45:d5:
92:09:ba:85:a1:1e:7e:de:cd:33:68:45:c0:9a:8f:
ad:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:80:CA:1E:6E:FF:71:95:0D:32:28:69:29:00:F3:7D:DF:99:8D:10
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NIDKHm7_cZUNMihpKQDzfd-ZjRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.216.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:09:aa:fb:8d:0f:c5:5b:ac:18:16:71:ef:45:d3:74:d4:53:
5c:0f:18:22:13:5e:99:f4:d9:e2:3a:a1:53:8d:3a:cb:8f:5f:
a5:71:62:02:a6:bf:dc:ce:28:83:75:0e:76:92:51:13:58:17:
d3:79:89:42:be:11:d9:b5:b7:43:0c:2d:3c:8e:c0:08:25:07:
85:4e:4b:a4:f6:b9:c5:a2:06:9e:d7:a4:38:41:12:76:d7:74:
a7:c6:ea:c9:b2:ef:b2:25:ea:41:fe:f1:f5:ce:a9:a0:f1:ab:
31:cc:16:9a:7f:25:46:0b:aa:c4:68:86:2e:57:d1:0a:18:c7:
dd:aa:85:91:f1:e1:de:4b:5a:ba:61:80:ba:6f:d5:65:48:16:
dd:0e:cb:b7:cb:e3:8a:b9:1a:d3:2c:ca:2e:ec:e8:0e:aa:c1:
ea:3b:84:2d:2d:3f:57:61:fc:fc:7c:bd:a9:bf:56:ee:00:61:
ee:19:6d:71:d4:fb:24:de:31:4d:9c:ac:df:dd:e1:8c:9e:20:
1b:a2:d0:42:67:08:c7:45:b0:6e:f3:80:de:f4:79:74:73:bb:
f1:55:90:70:5f:93:a4:25:19:0e:06:1d:83:de:35:30:67:67:
ab:85:40:1e:55:04:df:4b:1b:98:0b:8e:e2:ea:9c:09:ed:83:
69:50:69:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntbnBZ7d2n9ED/y9uSrfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjUwMTAyMTU1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgwY2ExZTZlZmY3MTk1MGQzMjI4NjkyOTAwZjM3ZGRmOTk4ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TfuEJ6GJLbM+i+JPnFt0xfqZawK
y1bGiafR7RlNxBpBBHCzQ8cdjt1FYoKJ6Om3s8htTSfBH08MLL63/BH7Zh74j2Z+
EmuxcAbKa1FBM5x8r+r9WvsLeFip8kK3LI/6P2HVnNavaHq1YJeQK6bBApqD7BjM
WCtgi6sl8LRO0dbz12fTGk+IybjQk3bxxMYXGt+0fW208AaGLrBsnXiGINirk4EA
jMa1h0F2p0yhGztRClo3SkZ4E8etIAIsNGX2u+tHeh2aE/uB1IKBsDeRRF1wyFcB
cAHVxgXqJRaTuNx0R8IN/PxcrjMN0gpaRdWSCbqFoR5+3s0zaEXAmo+tUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSAyh5u/3GVDTIoaSkA833fmY0QMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvTklES0htN19jWlVOTWlocEtRRHpmZC1aalJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm/YMA0G
CSqGSIb3DQEBCwUAA4IBAQCPCar7jQ/FW6wYFnHvRdN01FNcDxgiE16Z9NniOqFT
jTrLj1+lcWICpr/cziiDdQ52klETWBfTeYlCvhHZtbdDDC08jsAIJQeFTkuk9rnF
ogae16Q4QRJ213SnxurJsu+yJepB/vH1zqmg8asxzBaafyVGC6rEaIYuV9EKGMfd
qoWR8eHeS1q6YYC6b9VlSBbdDsu3y+OKuRrTLMou7OgOqsHqO4QtLT9XYfz8fL2p
v1buAGHuGW1x1Psk3jFNnKzf3eGMniAbotBCZwjHRbBu84De9Hl0c7vxVZBwX5Ok
JRkOBh2D3jUwZ2erhUAeVQTfSxuYC47i6pwJ7YNpUGlN
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:20:44 2025 by rpki-client