Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/NubO0sPxr_cuDCWGfPaZps4XHmU.roa
File: NubO0sPxr_cuDCWGfPaZps4XHmU.roa (raw, json)
Hash identifier: IosGPlSdz8qVsL7WE6s1aTvXI6+f2Lb8gYJwebh24vo=
Subject key identifier: 36:E6:CE:D2:C3:F1:AF:F7:2E:0C:25:86:7C:F6:99:A6:CE:17:1E:65
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 019421B1BB7FB02D2B265F471EB8AA2F8441
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/NubO0sPxr_cuDCWGfPaZps4XHmU.roa
Signing time: Wed 01 Jan 2025 11:48:03 +0000
ROA not before: Wed 01 Jan 2025 11:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27281
IP address blocks: 91.228.72.0/22 maxlen: 24
91.228.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bb:7f:b0:2d:2b:26:5f:47:1e:b8:aa:2f:84:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 1 11:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36e6ced2c3f1aff72e0c25867cf699a6ce171e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:cc:07:c5:69:61:94:b1:d5:57:28:ed:45:
6c:26:b0:a2:ca:ae:fe:50:0d:8b:71:81:03:b0:96:
db:85:75:d7:ce:3c:31:4e:3c:2a:ec:8b:63:3d:d3:
c4:e6:ea:c7:0e:aa:9a:1a:57:4d:03:0d:4e:ad:6f:
d7:1d:20:e4:49:43:3c:cb:af:23:fd:9d:a7:32:c5:
e3:48:7a:46:d1:38:10:85:ea:fd:0c:7b:68:9a:99:
73:61:fa:59:c2:aa:26:2f:9e:75:eb:0c:fa:5b:7c:
ac:8b:66:ab:27:a4:d9:2c:2c:94:aa:71:f1:37:94:
6d:9f:17:8b:61:ba:9e:03:bf:b4:92:ec:a9:7f:46:
fb:ae:be:f4:bf:5a:37:95:9d:e2:02:ad:7a:3b:91:
88:71:9a:3a:5c:11:fe:26:e9:11:27:a9:e7:c2:a0:
0f:24:53:65:e5:67:8f:48:35:fb:c3:16:87:c3:20:
66:b4:e3:4b:18:9b:c2:93:d3:14:72:c2:9a:cc:ab:
89:66:4f:fd:79:54:38:5c:10:d4:3b:7b:62:e3:3f:
92:a6:9d:4b:f3:ea:0d:c1:5e:d6:f6:7e:a2:1b:66:
89:f0:4d:44:60:76:0a:7a:ce:17:b3:2f:92:33:d0:
2b:cb:e7:e6:6e:d0:f5:bf:b6:06:92:e1:f8:ae:bf:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E6:CE:D2:C3:F1:AF:F7:2E:0C:25:86:7C:F6:99:A6:CE:17:1E:65
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/NubO0sPxr_cuDCWGfPaZps4XHmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:56:28:d8:69:bd:57:c8:5d:55:85:e4:0a:d9:f4:61:b5:4e:
34:ae:49:0c:b1:b4:20:d4:28:43:62:2c:57:61:a1:90:45:b5:
0e:43:57:0f:42:df:8a:4f:fb:29:81:e5:47:52:49:42:d7:cb:
92:89:a5:9b:12:18:40:6f:16:7f:15:c9:7a:1e:c8:01:fd:8f:
04:5b:32:62:e5:40:11:a6:a8:c1:7b:9a:8f:7e:da:7d:ce:9c:
86:30:cf:c0:5b:71:c5:81:26:98:ca:10:47:7c:4d:66:12:25:
00:0c:c6:c5:fa:36:eb:7e:f4:4e:0d:2b:1a:b9:ab:63:dc:df:
f3:98:84:fe:fe:74:10:3f:e7:34:34:94:63:00:c6:cd:d3:c4:
af:28:53:f3:a9:80:01:88:13:5c:2a:c5:f0:52:d1:73:3b:e5:
da:23:b9:1b:9d:fd:87:85:dd:72:5e:3e:7c:13:a7:db:6d:d7:
40:47:00:5b:3d:dd:34:24:ed:33:de:11:3f:f1:84:2e:03:42:
6c:a9:b1:2a:50:06:67:a0:6a:7f:71:54:7a:52:9e:f2:30:b7:
e7:43:bc:6d:bd:17:74:a9:de:5c:6b:eb:f4:b1:d7:2f:d1:cd:
ba:61:3e:19:e4:33:98:fa:bb:c9:2f:4f:ac:0c:93:87:fd:56:
1c:5b:bc:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbt/sC0rJl9HHriqL4RBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4
YTU4NWUwHhcNMjUwMTAxMTE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU2Y2VkMmMzZjFhZmY3MmUwYzI1ODY3Y2Y2OTlhNmNlMTcxZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cnMB8VpYZSx1Vco7UVsJrCiyq7+
UA2LcYEDsJbbhXXXzjwxTjwq7ItjPdPE5urHDqqaGldNAw1OrW/XHSDkSUM8y68j
/Z2nMsXjSHpG0TgQher9DHtomplzYfpZwqomL5516wz6W3ysi2arJ6TZLCyUqnHx
N5RtnxeLYbqeA7+0kuypf0b7rr70v1o3lZ3iAq16O5GIcZo6XBH+JukRJ6nnwqAP
JFNl5WePSDX7wxaHwyBmtONLGJvCk9MUcsKazKuJZk/9eVQ4XBDUO3ti4z+Spp1L
8+oNwV7W9n6iG2aJ8E1EYHYKes4Xsy+SM9Ary+fmbtD1v7YGkuH4rr+2WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbmztLD8a/3Lgwlhnz2mabOFx5lMB8GA1UdIwQY
MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt
MTdmYjRmZmI5ZmFkLzEvTnViTzBzUHhyX2N1RENXR2ZQYVpwczRYSG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk
LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+RIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdVijYab1XyF1VheQK2fRhtU40rkkMsbQg1ChDYixX
YaGQRbUOQ1cPQt+KT/spgeVHUklC18uSiaWbEhhAbxZ/Fcl6HsgB/Y8EWzJi5UAR
pqjBe5qPftp9zpyGMM/AW3HFgSaYyhBHfE1mEiUADMbF+jbrfvRODSsauatj3N/z
mIT+/nQQP+c0NJRjAMbN08SvKFPzqYABiBNcKsXwUtFzO+XaI7kbnf2Hhd1yXj58
E6fbbddARwBbPd00JO0z3hE/8YQuA0JsqbEqUAZnoGp/cVR6Up7yMLfnQ7xtvRd0
qd5ca+v0sdcv0c26YT4Z5DOY+rvJL0+sDJOH/VYcW7wI
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:16 2025 by rpki-client