Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NXWBJta-_EbQ3Z9JuB5aO_lxesI.roa
File: NXWBJta-_EbQ3Z9JuB5aO_lxesI.roa (raw, json)
Hash identifier: y6SdscUa0TSBK93nrbISgTyHUfWZfiBrCoWDqjQ56Nc=
Subject key identifier: 35:75:81:26:D6:BE:FC:46:D0:DD:9F:49:B8:1E:5A:3B:F9:71:7A:C2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959CB8C6B0C764D63F8073E9F0F06F2A95
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NXWBJta-_EbQ3Z9JuB5aO_lxesI.roa
Signing time: Sun 16 Mar 2025 02:11:49 +0000
ROA not before: Sun 16 Mar 2025 02:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9c:b8:c6:b0:c7:64:d6:3f:80:73:e9:f0:f0:6f:2a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 02:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35758126d6befc46d0dd9f49b81e5a3bf9717ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:20:77:07:9d:50:f4:67:f1:bd:4f:fc:48:58:
73:13:ab:7e:a9:a1:af:61:da:52:76:d8:d3:d0:e8:
0a:da:73:80:95:03:8a:ec:6f:3d:33:0f:2b:1b:bd:
b1:82:8f:6b:37:c2:1d:80:4d:27:e7:44:10:33:18:
e4:6d:04:ac:4c:2d:3a:7f:1e:b3:33:5b:91:5d:55:
d9:bf:38:e3:a7:15:ee:14:50:5b:07:2a:4e:82:16:
68:7f:3e:3d:d7:16:94:26:d9:32:98:fd:10:a2:31:
6b:4a:51:17:9f:a5:2e:ce:b7:52:18:2b:50:1b:7f:
37:28:70:aa:43:e2:56:22:bc:3b:50:bc:7d:69:9a:
c3:8e:48:1e:1d:34:ee:28:0f:06:f7:33:3a:1c:6c:
13:2b:9e:cf:97:17:b5:e8:40:34:5a:1e:2d:dd:b5:
01:89:5c:02:74:28:92:2e:ae:fe:25:7b:05:95:c8:
6d:ac:22:6e:7e:4b:48:93:97:d1:fe:29:d0:62:df:
96:e0:a1:44:e4:9d:44:4d:f4:db:ce:a2:37:10:bf:
bd:ad:23:a0:23:30:d9:58:b9:ef:13:fb:28:c0:6f:
77:55:6f:e4:a6:42:58:38:2f:a1:06:e9:ec:e0:a2:
4f:12:17:55:d2:a6:d9:18:f4:a4:c2:ab:55:33:f8:
14:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:75:81:26:D6:BE:FC:46:D0:DD:9F:49:B8:1E:5A:3B:F9:71:7A:C2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NXWBJta-_EbQ3Z9JuB5aO_lxesI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
1d:58:21:7a:91:9c:6b:1c:bb:be:c2:b6:61:d9:c8:dd:c7:b5:
4e:ad:80:98:66:7a:57:90:b3:ab:e3:34:0f:b5:5b:76:0c:b1:
1c:93:d8:c2:a2:59:45:c5:ab:c2:a3:a6:57:4d:39:89:ff:b3:
24:39:56:f0:ce:92:80:be:c3:63:c6:7c:3a:9e:f9:30:d7:05:
bf:c0:8f:0e:08:77:fd:c5:47:50:d2:58:97:34:03:18:83:e6:
9f:66:e4:6e:15:83:3a:9d:18:5e:d5:20:51:c7:5b:cf:06:e1:
8a:78:fc:ba:83:5a:f9:a0:09:1a:b4:14:e6:46:8e:a3:5d:c6:
72:d8:cb:bd:fc:30:db:00:78:a8:f1:f9:02:09:d3:11:34:a9:
c8:2f:39:4f:61:ed:af:c0:ae:6c:d1:50:80:7a:cc:f2:c1:13:
79:61:f8:a8:6e:96:67:2c:69:9c:24:5e:e8:7e:0a:6e:33:ad:
c7:a1:60:06:2a:f9:d9:31:d2:ee:64:4c:63:28:a3:98:94:90:
c5:1b:34:95:8b:21:7a:cb:36:ba:d4:7f:2d:21:df:57:e6:52:
4c:d4:37:62:6e:19:af:85:0a:5f:4a:49:9b:20:eb:4b:ed:99:
35:ba:9d:23:8e:a2:53:c5:1d:59:50:9b:56:0f:a2:55:de:fa:
72:13:e4:5a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWcuMawx2TWP4Bz6fDwbyqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MDIxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc1ODEyNmQ2YmVmYzQ2ZDBkZDlmNDliODFlNWEzYmY5NzE3YWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iB3B51Q9GfxvU/8SFhzE6t+qaGv
YdpSdtjT0OgK2nOAlQOK7G89Mw8rG72xgo9rN8IdgE0n50QQMxjkbQSsTC06fx6z
M1uRXVXZvzjjpxXuFFBbBypOghZofz491xaUJtkymP0QojFrSlEXn6UuzrdSGCtQ
G383KHCqQ+JWIrw7ULx9aZrDjkgeHTTuKA8G9zM6HGwTK57Plxe16EA0Wh4t3bUB
iVwCdCiSLq7+JXsFlchtrCJufktIk5fR/inQYt+W4KFE5J1ETfTbzqI3EL+9rSOg
IzDZWLnvE/sowG93VW/kpkJYOC+hBuns4KJPEhdV0qbZGPSkwqtVM/gU4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDV1gSbWvvxG0N2fSbgeWjv5cXrCMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTlhXQkp0YS1fRWJRM1o5SnVCNWFPX2x4ZXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAHVghepGcaxy7vsK2YdnI3ce1
Tq2AmGZ6V5Czq+M0D7VbdgyxHJPYwqJZRcWrwqOmV005if+zJDlW8M6SgL7DY8Z8
Op75MNcFv8CPDgh3/cVHUNJYlzQDGIPmn2bkbhWDOp0YXtUgUcdbzwbhinj8uoNa
+aAJGrQU5kaOo13GctjLvfww2wB4qPH5AgnTETSpyC85T2Htr8CubNFQgHrM8sET
eWH4qG6WZyxpnCRe6H4KbjOtx6FgBir52THS7mRMYyijmJSQxRs0lYshess2utR/
LSHfV+ZSTNQ3Ym4Zr4UKX0pJmyDrS+2ZNbqdI46iU8UdWVCbVg+iVd76chPkWg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:03:59 2025 by rpki-client