Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/a44fdd-0dbb-4857-b102-29973b4e342f/1/nfxxjI7pCnuwjukYfLAOqNNNG5Y.roa
File: nfxxjI7pCnuwjukYfLAOqNNNG5Y.roa (raw, json)
Hash identifier: eDE3gw4167CvJHYZtfS+Y6JapysBYaakpUn4b7QH9gs=
Subject key identifier: 9D:FC:71:8C:8E:E9:0A:7B:B0:8E:E9:18:7C:B0:0E:A8:D3:4D:1B:96
Certificate issuer: /CN=e7c84a48be16fc0deb4fde11869237e64954874d
Certificate serial: 01856F26C91C003547E7F811CA3F93BAFBAD
Authority key identifier: E7:C8:4A:48:BE:16:FC:0D:EB:4F:DE:11:86:92:37:E6:49:54:87:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58hKSL4W_A3rT94RhpI35klUh00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/a44fdd-0dbb-4857-b102-29973b4e342f/1/nfxxjI7pCnuwjukYfLAOqNNNG5Y.roa
Signing time: Sun 01 Jan 2023 21:04:50 +0000
ROA not before: Sun 01 Jan 2023 21:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 84.54.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c9:1c:00:35:47:e7:f8:11:ca:3f:93:ba:fb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c84a48be16fc0deb4fde11869237e64954874d
Validity
Not Before: Jan 1 21:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dfc718c8ee90a7bb08ee9187cb00ea8d34d1b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:48:6e:8a:1e:98:bd:a0:76:6c:2b:d1:aa:f7:
f4:d5:54:ce:fe:da:f2:47:a6:df:5d:10:b3:40:a6:
b7:a3:81:a8:f6:db:66:43:6c:34:1e:60:ed:b4:61:
ef:28:25:73:db:b1:4f:a9:56:eb:51:b8:58:e8:38:
5f:d7:bc:15:a0:20:62:81:b2:46:95:87:7a:a0:ba:
05:cf:1a:a2:34:30:58:5f:3f:32:89:4c:67:9e:7d:
cd:37:c8:dd:dd:7b:af:77:d1:f2:89:2d:e0:7e:a8:
2a:d3:2f:b7:fe:05:ca:73:50:3a:3b:08:22:30:b3:
a6:26:d3:60:1c:3f:b8:5e:3b:2d:4f:70:eb:99:05:
29:62:16:d2:bf:cb:73:fa:8b:d3:d2:8b:a7:1a:5b:
65:c1:3a:cc:96:c6:12:d4:28:84:91:c0:cb:20:80:
ef:ce:da:55:de:4a:a2:ca:ec:49:e6:a1:0e:80:95:
1c:c8:7f:9e:64:f4:15:0f:9f:88:80:3f:35:5a:8a:
c8:1c:e7:0c:0e:63:1b:9f:dc:19:f5:58:18:a9:08:
70:ff:b2:74:36:a9:01:2c:0b:f9:d9:44:36:be:76:
4b:e7:b2:ba:b4:91:88:22:11:69:2f:ef:ce:52:48:
8d:73:8b:36:3e:c0:0c:7a:14:40:8d:29:b0:77:77:
43:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FC:71:8C:8E:E9:0A:7B:B0:8E:E9:18:7C:B0:0E:A8:D3:4D:1B:96
X509v3 Authority Key Identifier:
keyid:E7:C8:4A:48:BE:16:FC:0D:EB:4F:DE:11:86:92:37:E6:49:54:87:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58hKSL4W_A3rT94RhpI35klUh00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a44fdd-0dbb-4857-b102-29973b4e342f/1/nfxxjI7pCnuwjukYfLAOqNNNG5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a44fdd-0dbb-4857-b102-29973b4e342f/1/58hKSL4W_A3rT94RhpI35klUh00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.33.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:92:59:2f:a2:ee:4e:a1:fd:58:26:f9:e4:9b:9a:d5:ba:67:
42:a9:51:dd:e0:ab:c0:79:b9:cf:63:d3:d3:ff:ca:09:69:a6:
86:51:58:69:1e:e5:37:81:3d:f8:60:f4:74:17:56:1c:1d:ba:
d9:38:58:c2:e9:d2:c0:ee:65:1a:74:f9:bc:bf:be:fc:15:01:
a1:28:7c:a2:81:58:dd:76:52:00:a1:f8:53:39:5e:2c:d8:c8:
0e:fe:34:57:49:64:d5:e4:53:e0:56:14:e1:b9:64:e8:c7:31:
66:2e:37:fc:f0:92:73:3b:c2:30:44:46:49:54:12:11:55:d8:
cd:7f:58:2d:eb:a7:7c:b3:94:1b:e1:d8:08:a5:5b:c3:cb:a0:
65:39:3a:67:71:77:8b:8c:39:e8:97:47:41:30:66:fe:18:32:
4e:fc:9b:f4:f0:1c:f8:3b:ce:72:f9:41:85:fd:d7:29:45:a6:
3f:a2:e6:fa:b7:d7:a9:66:d2:df:c3:f3:81:db:d1:51:4e:a5:
dc:b1:76:b1:20:b8:ab:77:e5:a1:9b:68:52:44:ff:f5:78:d4:
f5:2f:ad:37:de:92:a8:2d:0c:8a:0a:14:0d:c2:3a:17:e9:de:
69:03:a7:4a:38:35:db:37:61:f2:5c:c0:29:8d:60:fd:73:93:
c5:b2:8c:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJskcADVH5/gRyj+TuvutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Yzg0YTQ4YmUxNmZjMGRlYjRmZGUxMTg2OTIzN2U2NDk1
NDg3NGQwHhcNMjMwMTAxMjEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZjNzE4YzhlZTkwYTdiYjA4ZWU5MTg3Y2IwMGVhOGQzNGQxYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Uhuih6YvaB2bCvRqvf01VTO/try
R6bfXRCzQKa3o4Go9ttmQ2w0HmDttGHvKCVz27FPqVbrUbhY6Dhf17wVoCBigbJG
lYd6oLoFzxqiNDBYXz8yiUxnnn3NN8jd3Xuvd9HyiS3gfqgq0y+3/gXKc1A6Owgi
MLOmJtNgHD+4XjstT3DrmQUpYhbSv8tz+ovT0ounGltlwTrMlsYS1CiEkcDLIIDv
ztpV3kqiyuxJ5qEOgJUcyH+eZPQVD5+IgD81WorIHOcMDmMbn9wZ9VgYqQhw/7J0
NqkBLAv52UQ2vnZL57K6tJGIIhFpL+/OUkiNc4s2PsAMehRAjSmwd3dDmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ38cYyO6Qp7sI7pGHywDqjTTRuWMB8GA1UdIwQY
MBaAFOfISki+FvwN60/eEYaSN+ZJVIdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThoS1NMNFdfQTNyVDk0UmhwSTM1a2xVaDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hNDRmZGQtMGRiYi00ODU3LWIxMDIt
Mjk5NzNiNGUzNDJmLzEvbmZ4eGpJN3BDbnV3anVrWWZMQU9xTk5ORzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hNDRmZGQtMGRiYi00ODU3LWIxMDItMjk5NzNiNGUzNDJm
LzEvNThoS1NMNFdfQTNyVDk0UmhwSTM1a2xVaDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVDYhMA0G
CSqGSIb3DQEBCwUAA4IBAQC5klkvou5Oof1YJvnkm5rVumdCqVHd4KvAebnPY9PT
/8oJaaaGUVhpHuU3gT34YPR0F1YcHbrZOFjC6dLA7mUadPm8v778FQGhKHyigVjd
dlIAofhTOV4s2MgO/jRXSWTV5FPgVhThuWToxzFmLjf88JJzO8IwREZJVBIRVdjN
f1gt66d8s5Qb4dgIpVvDy6BlOTpncXeLjDnol0dBMGb+GDJO/Jv08Bz4O85y+UGF
/dcpRaY/oub6t9epZtLfw/OB29FRTqXcsXaxILird+Whm2hSRP/1eNT1L6033pKo
LQyKChQNwjoX6d5pA6dKODXbN2HyXMApjWD9c5PFsowu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:34 2025 by rpki-client