Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nJtWVAK4rVZ-QksjyqcUPdq2E-0.roa
File: nJtWVAK4rVZ-QksjyqcUPdq2E-0.roa (raw, json)
Hash identifier: fPIupekHjPTLOUuEW0SI4UjXbZKLCETnBj5TxkygoP8=
Subject key identifier: 9C:9B:56:54:02:B8:AD:56:7E:42:4B:23:CA:A7:14:3D:DA:B6:13:ED
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240CA4D134D9B54F43E2E71583DE50
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nJtWVAK4rVZ-QksjyqcUPdq2E-0.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 46.20.216.0/21 maxlen: 24
86.104.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0c:a4:d1:34:d9:b5:4f:43:e2:e7:15:83:de:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c9b565402b8ad567e424b23caa7143ddab613ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0e:fa:1c:ff:ca:92:7c:39:9d:ca:06:66:7f:
52:e8:5d:55:e7:e5:9c:d2:c9:b9:e0:48:5c:cb:08:
88:5b:fe:d5:d5:fd:7a:b7:f3:46:f0:11:50:75:99:
bb:29:4a:d9:ef:3d:37:0b:79:0b:16:9b:d9:35:01:
b9:d3:cb:63:db:a4:da:f3:9d:6a:bc:43:8e:ef:01:
c8:5f:1c:b1:42:d1:55:0d:a9:a4:6a:f9:ea:b4:c8:
4c:3e:d7:05:de:c9:08:4d:93:6a:58:a8:8b:e4:34:
3e:23:b1:f8:48:ec:3e:26:ac:d1:3d:92:5f:bc:5a:
84:0f:3b:6f:94:8a:c4:3b:8d:15:ac:48:ab:9f:6a:
41:e2:12:f0:51:1b:d7:b2:4d:56:2d:2b:88:27:5f:
05:f2:31:b7:65:79:82:72:2b:83:27:fc:39:54:8d:
b1:02:77:54:99:25:6d:7f:de:d4:a9:08:02:55:55:
a3:c2:d9:b0:4e:94:71:75:ad:54:88:35:14:cb:27:
5c:ab:cc:d3:69:38:e3:38:59:8f:28:aa:bd:04:da:
06:05:1b:db:e6:18:70:c1:8c:04:84:33:16:39:2b:
98:18:f3:72:24:d5:1d:c9:49:b1:9c:8b:b2:88:5b:
3e:c3:d9:b3:8c:b1:da:15:19:e1:24:5c:38:2c:bb:
13:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9B:56:54:02:B8:AD:56:7E:42:4B:23:CA:A7:14:3D:DA:B6:13:ED
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nJtWVAK4rVZ-QksjyqcUPdq2E-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
86.104.164.0/22
Signature Algorithm: sha256WithRSAEncryption
59:a4:e0:34:61:19:20:a4:cb:93:41:61:3b:43:4e:03:7f:57:
fa:96:af:4f:d7:98:d2:2d:50:05:ed:95:2c:3c:c1:25:82:3b:
c3:d1:32:c3:05:3d:28:d2:0e:03:e7:0d:b3:27:87:b4:42:e2:
3d:3c:2b:ef:de:23:6c:bb:a1:61:7c:54:fb:d4:80:5f:5d:df:
26:b5:7a:07:a7:0e:bd:e6:1b:17:05:b3:2f:e9:45:8f:7f:4e:
a4:2c:57:6e:da:c2:31:1e:27:26:62:6d:12:52:b4:2f:1b:e0:
f5:96:9a:d8:7d:0c:15:45:4c:fd:30:0b:7c:a4:b9:bf:e7:c9:
3c:5c:f0:35:ee:40:33:d5:45:cd:00:1b:e5:70:9b:6c:f2:a2:
c2:ba:5b:a2:ec:52:a7:d4:a9:be:76:5f:72:16:43:f3:5f:2e:
3d:b8:56:45:e0:eb:e8:7e:09:35:1f:9e:44:1d:3f:54:56:25:
b2:63:3e:8a:b0:7e:c8:10:ae:16:e8:a7:86:eb:85:a2:a3:2c:
df:8d:4f:e9:df:12:9d:bf:5d:63:3f:29:38:d7:8c:74:b6:7b:
30:6d:be:55:5d:e7:8e:66:2b:a1:3e:ce:88:58:46:a2:fd:06:
52:d9:3e:76:13:f9:b8:75:df:b6:01:f4:3f:92:84:58:3f:17:
4e:54:85:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJAyk0TTZtU9D4ucVg95QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzliNTY1NDAyYjhhZDU2N2U0MjRiMjNjYWE3MTQzZGRhYjYxM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ76HP/Kknw5ncoGZn9S6F1V5+Wc
0sm54EhcywiIW/7V1f16t/NG8BFQdZm7KUrZ7z03C3kLFpvZNQG508tj26Ta851q
vEOO7wHIXxyxQtFVDamkavnqtMhMPtcF3skITZNqWKiL5DQ+I7H4SOw+JqzRPZJf
vFqEDztvlIrEO40VrEirn2pB4hLwURvXsk1WLSuIJ18F8jG3ZXmCciuDJ/w5VI2x
AndUmSVtf97UqQgCVVWjwtmwTpRxda1UiDUUyydcq8zTaTjjOFmPKKq9BNoGBRvb
5hhwwYwEhDMWOSuYGPNyJNUdyUmxnIuyiFs+w9mzjLHaFRnhJFw4LLsTcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJybVlQCuK1WfkJLI8qnFD3athPtMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbkp0V1ZBSzRyVlotUWtzanlxY1VQZHEyRS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhTYAwQC
VmikMA0GCSqGSIb3DQEBCwUAA4IBAQBZpOA0YRkgpMuTQWE7Q04Df1f6lq9P15jS
LVAF7ZUsPMElgjvD0TLDBT0o0g4D5w2zJ4e0QuI9PCvv3iNsu6FhfFT71IBfXd8m
tXoHpw695hsXBbMv6UWPf06kLFdu2sIxHicmYm0SUrQvG+D1lprYfQwVRUz9MAt8
pLm/58k8XPA17kAz1UXNABvlcJts8qLCului7FKn1Km+dl9yFkPzXy49uFZF4Ovo
fgk1H55EHT9UViWyYz6KsH7IEK4W6KeG64WioyzfjU/p3xKdv11jPyk414x0tnsw
bb5VXeeOZiuhPs6IWEai/QZS2T52E/m4dd+2AfQ/koRYPxdOVIW+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:41 2025 by rpki-client