Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/5a7fc3-0ca8-477e-83b4-2b01e53013e2/1/NZKlLUaCJ90keH3-qd7f_4KZ_Ok.roa
File: NZKlLUaCJ90keH3-qd7f_4KZ_Ok.roa (raw, json)
Hash identifier: +dYNRqYU10p/ryIS/zQ9s8eaKWxiJ+h2MGzJjfpoRAw=
Subject key identifier: 35:92:A5:2D:46:82:27:DD:24:78:7D:FE:A9:DE:DF:FF:82:99:FC:E9
Certificate issuer: /CN=0e6731c7df777222e81b03800f8815a07e0b1fc0
Certificate serial: 01862BAFD57DC0B20F485ED1E5DCD9C3FF7C
Authority key identifier: 0E:67:31:C7:DF:77:72:22:E8:1B:03:80:0F:88:15:A0:7E:0B:1F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dmcxx993ciLoGwOAD4gVoH4LH8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/5a7fc3-0ca8-477e-83b4-2b01e53013e2/1/NZKlLUaCJ90keH3-qd7f_4KZ_Ok.roa
Signing time: Tue 07 Feb 2023 11:43:09 +0000
ROA not before: Tue 07 Feb 2023 11:43:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210079
IP address blocks: 91.201.40.0/22 maxlen: 22
185.221.152.0/22 maxlen: 22
185.221.155.0/24 maxlen: 24
185.221.154.0/24 maxlen: 24
212.8.247.0/24 maxlen: 24
185.12.92.0/22 maxlen: 22
2a03:80c0:abba::/48 maxlen: 48
2a03:80c0::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:af:d5:7d:c0:b2:0f:48:5e:d1:e5:dc:d9:c3:ff:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6731c7df777222e81b03800f8815a07e0b1fc0
Validity
Not Before: Feb 7 11:43:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3592a52d468227dd24787dfea9dedfff8299fce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:8d:80:36:f5:5f:eb:b5:13:2f:4a:ff:78:
8e:2d:da:3c:e6:72:ed:ac:48:26:0d:b6:b0:d1:4e:
77:05:5a:48:9d:55:75:1b:5c:13:06:9f:2b:00:1e:
6c:59:71:83:87:d6:fe:3b:c7:d6:2d:d2:c3:70:a2:
fa:48:cc:14:77:48:1c:00:8f:79:83:85:15:78:d6:
24:1f:00:c5:18:b3:5f:2d:b5:3d:c9:60:83:6f:2b:
06:03:f2:20:65:80:ad:38:00:30:ba:7a:a1:71:7f:
13:07:ea:f9:37:5b:98:03:ce:6e:3c:3c:de:bb:d6:
5c:14:a1:95:55:f1:f7:63:e9:f5:d6:1f:e6:35:41:
e3:5c:3d:61:9f:c4:6c:a7:f2:43:9b:6f:4a:97:4c:
fd:c0:40:c6:1a:89:d9:34:82:92:b9:db:04:b3:84:
95:a9:ed:49:1a:4e:16:a4:9a:b4:b2:42:36:42:ed:
3a:0e:9b:0d:da:09:50:da:0b:22:48:bc:3b:b8:72:
0e:d6:d5:70:91:4b:6b:59:a3:ee:98:c7:b9:ae:aa:
0f:9c:a6:41:1b:86:81:b4:38:82:bf:bb:85:8a:12:
5c:dc:e1:21:a0:64:85:6d:58:0f:cf:c7:b2:2f:17:
8c:b2:2b:c3:de:cf:12:35:5a:f1:ca:e2:e9:65:e8:
0a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:92:A5:2D:46:82:27:DD:24:78:7D:FE:A9:DE:DF:FF:82:99:FC:E9
X509v3 Authority Key Identifier:
keyid:0E:67:31:C7:DF:77:72:22:E8:1B:03:80:0F:88:15:A0:7E:0B:1F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dmcxx993ciLoGwOAD4gVoH4LH8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/5a7fc3-0ca8-477e-83b4-2b01e53013e2/1/NZKlLUaCJ90keH3-qd7f_4KZ_Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/5a7fc3-0ca8-477e-83b4-2b01e53013e2/1/Dmcxx993ciLoGwOAD4gVoH4LH8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.40.0/22
185.12.92.0/22
185.221.152.0/22
212.8.247.0/24
IPv6:
2a03:80c0::/47
2a03:80c0:abba::/48
Signature Algorithm: sha256WithRSAEncryption
3e:ca:c5:ec:3e:df:cd:68:d5:4b:3e:54:fa:5f:6c:13:27:ba:
fe:91:b6:d9:79:5e:63:db:4d:cb:6d:ac:5a:77:ec:b7:c5:54:
ea:8b:bc:2e:c8:4e:5b:79:81:8a:ef:0f:2d:50:58:e9:82:f8:
fc:34:ce:3a:25:89:6e:1c:d8:c3:79:5b:27:58:a4:5b:89:5d:
31:ec:3f:6a:ea:1e:96:3b:2a:c2:a3:d7:00:e6:ef:1a:b6:e0:
c5:1c:d5:71:bb:5b:be:40:f0:c3:a8:6a:d1:f5:b4:52:9b:31:
f0:f9:39:92:34:22:0d:4b:f2:d8:dc:c1:ed:a5:a1:34:9c:73:
4c:f4:f8:45:ab:bf:9a:22:ff:fd:b1:b8:94:8e:5a:71:62:22:
9f:5b:45:10:d3:c5:3f:d8:e9:1f:8d:02:11:f7:25:ec:03:37:
8c:df:ae:3c:4d:78:de:0b:72:1e:e0:0f:97:63:e8:b8:e8:d4:
36:11:57:5e:b1:ec:2a:f5:84:85:9c:7c:ca:2f:8b:a2:f1:99:
67:09:e8:9b:cd:e7:53:5f:41:7f:62:3c:c1:22:3a:a0:a2:a1:
0a:92:ed:70:89:71:27:91:d4:16:fe:09:83:78:d8:9e:53:29:
dd:98:60:62:30:5e:71:c4:fd:90:90:71:17:cb:d5:3a:21:65:
7f:46:d5:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYYrr9V9wLIPSF7R5dzZw/98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNjczMWM3ZGY3NzcyMjJlODFiMDM4MDBmODgxNWEwN2Uw
YjFmYzAwHhcNMjMwMjA3MTE0MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkyYTUyZDQ2ODIyN2RkMjQ3ODdkZmVhOWRlZGZmZjgyOTlmY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6uNgDb1X+u1Ey9K/3iOLdo85nLt
rEgmDbaw0U53BVpInVV1G1wTBp8rAB5sWXGDh9b+O8fWLdLDcKL6SMwUd0gcAI95
g4UVeNYkHwDFGLNfLbU9yWCDbysGA/IgZYCtOAAwunqhcX8TB+r5N1uYA85uPDze
u9ZcFKGVVfH3Y+n11h/mNUHjXD1hn8Rsp/JDm29Kl0z9wEDGGonZNIKSudsEs4SV
qe1JGk4WpJq0skI2Qu06DpsN2glQ2gsiSLw7uHIO1tVwkUtrWaPumMe5rqoPnKZB
G4aBtDiCv7uFihJc3OEhoGSFbVgPz8eyLxeMsivD3s8SNVrxyuLpZegKWQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDWSpS1GgifdJHh9/qne3/+CmfzpMB8GA1UdIwQY
MBaAFA5nMcffd3Ii6BsDgA+IFaB+Cx/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1jeHg5OTNjaUxvR3dPQUQ0Z1ZvSDRMSDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81YTdmYzMtMGNhOC00NzdlLTgzYjQt
MmIwMWU1MzAxM2UyLzEvTlpLbExVYUNKOTBrZUgzLXFkN2ZfNEtaX09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81YTdmYzMtMGNhOC00NzdlLTgzYjQtMmIwMWU1MzAxM2Uy
LzEvRG1jeHg5OTNjaUxvR3dPQUQ0Z1ZvSDRMSDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCW8koAwQC
uQxcAwQCud2YAwQA1Aj3MBgEAgACMBIDBwEqA4DAAAADBwAqA4DAq7owDQYJKoZI
hvcNAQELBQADggEBAD7Kxew+381o1Us+VPpfbBMnuv6Rttl5XmPbTcttrFp37LfF
VOqLvC7ITlt5gYrvDy1QWOmC+Pw0zjoliW4c2MN5WydYpFuJXTHsP2rqHpY7KsKj
1wDm7xq24MUc1XG7W75A8MOoatH1tFKbMfD5OZI0Ig1L8tjcwe2loTScc0z0+EWr
v5oi//2xuJSOWnFiIp9bRRDTxT/Y6R+NAhH3JewDN4zfrjxNeN4Lch7gD5dj6Ljo
1DYRV16x7Cr1hIWcfMovi6LxmWcJ6JvN51NfQX9iPMEiOqCioQqS7XCJcSeR1Bb+
CYN42J5TKd2YYGIwXnHE/ZCQcRfL1TohZX9G1Q4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:34 2025 by rpki-client