Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/nNkkdnQLmg1XacLLjotJg473l-s.roa
File: nNkkdnQLmg1XacLLjotJg473l-s.roa (raw, json)
Hash identifier: EgIMVEK043J1hpPScuywjYz3NPrcqrXfUas953cUOIk=
Subject key identifier: 9C:D9:24:76:74:0B:9A:0D:57:69:C2:CB:8E:8B:49:83:8E:F7:97:EB
Certificate issuer: /CN=21a1d1ba22e0f9985f4b96e0e81325d538116737
Certificate serial: 09859758
Authority key identifier: 21:A1:D1:BA:22:E0:F9:98:5F:4B:96:E0:E8:13:25:D5:38:11:67:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/nNkkdnQLmg1XacLLjotJg473l-s.roa
Signing time: Sat 01 Jan 2022 05:59:41 +0000
ROA not before: Sat 01 Jan 2022 05:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159749976 (0x9859758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a1d1ba22e0f9985f4b96e0e81325d538116737
Validity
Not Before: Jan 1 05:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cd92476740b9a0d5769c2cb8e8b49838ef797eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dd:95:18:a0:d3:4e:07:5c:cc:3b:81:d9:5c:
96:a8:ae:ea:10:0f:b7:fb:5c:71:53:fa:7a:9c:ea:
15:33:c9:c7:c3:c3:44:d6:ac:28:de:81:21:62:2c:
11:42:d9:48:ec:9e:8b:6c:4d:46:04:90:91:37:9e:
af:a6:18:ad:a6:a0:a4:d5:90:7b:db:75:91:ed:3b:
5f:75:91:cb:07:2c:1b:b2:e4:48:c5:a2:a2:0a:e0:
a8:0b:b7:19:0d:bf:f5:04:a2:01:ce:10:57:de:54:
23:10:83:cf:89:dd:7e:cc:be:a6:9e:60:88:32:1b:
95:d5:5a:42:c8:b2:fb:17:e7:0d:a9:c4:d4:73:69:
6b:7c:1f:c8:4e:ca:b0:72:05:f3:03:be:26:4b:ca:
2e:c3:62:d4:4b:22:53:9c:d9:25:96:4b:53:21:a7:
22:64:f1:d2:69:70:83:23:4d:9f:fd:2a:83:da:2a:
80:e2:76:2d:2f:c2:fd:31:43:38:15:5f:82:1f:ff:
de:8d:fc:f8:12:95:26:74:cf:d1:55:ec:1e:ca:58:
ed:70:7e:18:28:37:6d:8e:1d:92:68:65:23:a9:c9:
f5:3e:f0:75:71:44:d8:e3:c2:09:d2:18:a2:d6:36:
a3:08:e1:e6:85:16:21:08:20:da:81:af:c5:5a:c4:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D9:24:76:74:0B:9A:0D:57:69:C2:CB:8E:8B:49:83:8E:F7:97:EB
X509v3 Authority Key Identifier:
keyid:21:A1:D1:BA:22:E0:F9:98:5F:4B:96:E0:E8:13:25:D5:38:11:67:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/nNkkdnQLmg1XacLLjotJg473l-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4e8e3d-6593-45a7-a3f5-86af3e3c341d/1/IaHRuiLg-ZhfS5bg6BMl1TgRZzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
Signature Algorithm: sha256WithRSAEncryption
2b:34:e3:4d:24:aa:a7:33:c1:59:29:8f:91:e4:7d:6f:13:ca:
e0:71:b3:87:cc:49:b9:60:38:ee:ba:0e:25:7e:b1:24:7c:56:
f2:85:dd:4c:c4:0f:0b:40:ab:3e:f9:3c:f4:2c:47:47:b7:b2:
22:8e:dd:59:1b:9c:16:23:08:02:9f:b1:b3:43:08:35:14:e8:
a9:8a:4c:4d:ed:86:36:3c:12:09:30:52:a4:42:01:3c:f0:13:
f8:74:13:eb:d3:fd:68:94:1e:0c:7e:34:28:fd:0f:ce:de:fa:
c6:61:d1:a6:91:c1:ca:71:0f:c7:b3:32:68:bd:70:ca:a2:ef:
d2:b7:95:24:5e:28:cb:e2:a8:9e:c3:ca:87:50:a7:17:01:59:
7b:7c:71:32:23:6a:7a:4f:4f:0a:63:8b:e8:f6:60:4c:ac:7a:
0c:94:cf:5b:4d:ee:f0:a1:22:ff:cb:1d:08:b1:6f:d9:0c:ff:
34:64:fa:f0:e7:45:86:f7:25:32:78:ba:92:3c:db:3a:17:44:
b5:a9:b9:88:d8:70:c7:ad:d7:df:73:3e:17:82:80:a1:59:ce:
66:68:d8:64:51:58:ed:63:eb:82:93:a0:7a:80:d5:c6:1d:81:
45:a5:29:fd:fb:4a:1b:66:32:1f:b9:b2:56:88:b4:a1:32:20:
2f:8f:44:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECYWXWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWExZDFiYTIyZTBmOTk4NWY0Yjk2ZTBlODEzMjVkNTM4MTE2NzM3MB4XDTIyMDEw
MTA1NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNkOTI0NzY3NDBi
OWEwZDU3NjljMmNiOGU4YjQ5ODM4ZWY3OTdlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTdlRig004HXMw7gdlclqiu6hAPt/tccVP6epzqFTPJx8PD
RNasKN6BIWIsEULZSOyei2xNRgSQkTeer6YYraagpNWQe9t1ke07X3WRywcsG7Lk
SMWiogrgqAu3GQ2/9QSiAc4QV95UIxCDz4ndfsy+pp5giDIbldVaQsiy+xfnDanE
1HNpa3wfyE7KsHIF8wO+JkvKLsNi1EsiU5zZJZZLUyGnImTx0mlwgyNNn/0qg9oq
gOJ2LS/C/TFDOBVfgh//3o38+BKVJnTP0VXsHspY7XB+GCg3bY4dkmhlI6nJ9T7w
dXFE2OPCCdIYotY2owjh5oUWIQgg2oGvxVrEw1ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSc2SR2dAuaDVdpwsuOi0mDjveX6zAfBgNVHSMEGDAWgBQhodG6IuD5mF9L
luDoEyXVOBFnNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lhSFJ1aUxnLVpoZlM1Ymc2Qk1sMVRnUlp6Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNGU4ZTNkLTY1OTMtNDVhNy1hM2Y1LTg2YWYzZTNjMzQxZC8x
L25Oa2tkblFMbWcxWGFjTExqb3RKZzQ3M2wtcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NGU4ZTNkLTY1OTMtNDVhNy1hM2Y1LTg2YWYzZTNjMzQxZC8xL0lhSFJ1aUxnLVpo
ZlM1Ymc2Qk1sMVRnUlp6Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvyrTAPBAIAAjAJAwcAIAEGfAbY
MA0GCSqGSIb3DQEBCwUAA4IBAQArNONNJKqnM8FZKY+R5H1vE8rgcbOHzEm5YDju
ug4lfrEkfFbyhd1MxA8LQKs++Tz0LEdHt7Iijt1ZG5wWIwgCn7GzQwg1FOipikxN
7YY2PBIJMFKkQgE88BP4dBPr0/1olB4MfjQo/Q/O3vrGYdGmkcHKcQ/HszJovXDK
ou/St5UkXijL4qiew8qHUKcXAVl7fHEyI2p6T08KY4vo9mBMrHoMlM9bTe7woSL/
yx0IsW/ZDP80ZPrw50WG9yUyeLqSPNs6F0S1qbmI2HDHrdffcz4XgoChWc5maNhk
UVjtY+uCk6B6gNXGHYFFpSn9+0obZjIfubJWiLShMiAvj0T1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:59 2025 by rpki-client