Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NBhIgwqpUhseH0mJw9Q2NaBvD6I.roa
File: NBhIgwqpUhseH0mJw9Q2NaBvD6I.roa (raw, json)
Hash identifier: 4mghBGRFR1dQH+Qs6cuTFhEKWII610pqzD1sPxbygC0=
Subject key identifier: 34:18:48:83:0A:A9:52:1B:1E:1F:49:89:C3:D4:36:35:A0:6F:0F:A2
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA33042A4161C534197EBC9F594DFE
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NBhIgwqpUhseH0mJw9Q2NaBvD6I.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39277
IP address blocks: 89.32.216.0/21 maxlen: 21
188.210.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:33:04:2a:41:61:c5:34:19:7e:bc:9f:59:4d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=341848830aa9521b1e1f4989c3d43635a06f0fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8e:19:26:a7:44:eb:a1:fb:35:b8:91:96:37:
a9:90:41:40:d8:c5:06:02:f0:d8:9b:b8:d5:61:46:
cf:c7:3d:00:25:2a:4e:e1:eb:6f:4e:6e:e1:fc:ae:
62:c0:19:5b:03:fa:17:10:e2:bd:4c:12:02:b0:3e:
2f:ba:af:bf:ed:d1:39:40:12:49:4d:6e:81:06:40:
67:f9:e3:69:c3:6a:b5:83:35:cc:c4:fd:91:05:cf:
9e:2a:d2:d5:3f:55:50:b5:8a:d4:70:1c:0f:5f:26:
39:bc:8c:4b:31:46:a3:6e:bf:a4:e1:2d:0a:d7:f5:
ff:bf:e6:1d:f3:d5:33:58:95:f4:69:8e:a8:17:47:
13:b8:6d:e0:3f:ae:f4:7b:15:43:d7:fd:0b:5a:6f:
0b:05:2a:a8:73:01:d6:85:51:76:d0:d5:63:8a:57:
a4:8d:c9:32:c0:4c:a7:21:23:54:ae:b6:d9:00:2e:
4e:05:d7:6c:9c:be:75:28:c0:eb:45:28:d2:87:dd:
7a:27:3f:dc:78:aa:8a:c1:d5:43:05:c0:c0:db:49:
c3:76:ab:59:9d:25:7d:0e:3c:d4:b4:a5:0c:3d:db:
0c:c1:27:94:b5:8b:f0:2f:29:c0:92:d7:3e:97:b4:
a5:d8:b3:72:fe:2f:43:2e:40:79:e5:23:e6:22:dc:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:18:48:83:0A:A9:52:1B:1E:1F:49:89:C3:D4:36:35:A0:6F:0F:A2
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NBhIgwqpUhseH0mJw9Q2NaBvD6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.216.0/21
188.210.224.0/21
Signature Algorithm: sha256WithRSAEncryption
57:e6:16:5d:47:3f:23:2a:b9:2d:38:e4:8c:09:2f:dc:92:c7:
5b:89:6b:42:17:cf:65:1a:98:42:8d:33:82:7f:ac:e8:ee:07:
78:9b:19:f7:5f:00:49:36:f9:4d:65:df:b7:0e:91:60:33:53:
4f:97:81:8b:fd:83:62:23:3c:58:06:25:b7:a0:70:0a:61:2d:
58:0d:40:e8:af:52:89:bd:04:32:ae:1e:7c:27:4a:18:b4:85:
e7:0d:31:e3:b5:f1:76:a6:b1:75:74:6e:8f:88:7e:b1:49:ee:
f8:c0:16:0f:4b:a2:99:bd:62:e2:b5:c1:71:5d:b8:89:fa:48:
c9:07:57:a6:c8:2a:ca:87:fc:6e:99:3b:3d:60:b7:0c:2b:08:
36:29:31:5b:88:7d:37:49:06:f6:6b:27:65:3c:13:16:99:ec:
8f:6c:4f:b4:a3:54:e4:5f:10:c0:2c:de:9e:48:d8:83:13:42:
84:b6:59:11:e8:e9:43:e6:9f:94:69:91:92:ce:4e:e7:1c:3d:
fe:1a:dc:1b:7e:db:58:70:b4:0a:06:80:18:3f:bd:81:71:a6:
3f:c2:42:66:13:ed:c0:e4:17:4f:9b:b5:a4:cf:ea:60:48:bb:
4f:47:ff:1b:41:56:91:b6:d9:83:fb:b1:90:6b:4e:9d:1f:c9:
2b:74:5c:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+jMEKkFhxTQZfryfWU3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE4NDg4MzBhYTk1MjFiMWUxZjQ5ODljM2Q0MzYzNWEwNmYwZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo4ZJqdE66H7NbiRljepkEFA2MUG
AvDYm7jVYUbPxz0AJSpO4etvTm7h/K5iwBlbA/oXEOK9TBICsD4vuq+/7dE5QBJJ
TW6BBkBn+eNpw2q1gzXMxP2RBc+eKtLVP1VQtYrUcBwPXyY5vIxLMUajbr+k4S0K
1/X/v+Yd89UzWJX0aY6oF0cTuG3gP670exVD1/0LWm8LBSqocwHWhVF20NVjilek
jckywEynISNUrrbZAC5OBddsnL51KMDrRSjSh916Jz/ceKqKwdVDBcDA20nDdqtZ
nSV9DjzUtKUMPdsMwSeUtYvwLynAktc+l7Sl2LNy/i9DLkB55SPmItxp4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQYSIMKqVIbHh9JicPUNjWgbw+iMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvTkJoSWd3cXBVaHNlSDBtSnc5UTJOYUJ2RDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWSDYAwQD
vNLgMA0GCSqGSIb3DQEBCwUAA4IBAQBX5hZdRz8jKrktOOSMCS/cksdbiWtCF89l
GphCjTOCf6zo7gd4mxn3XwBJNvlNZd+3DpFgM1NPl4GL/YNiIzxYBiW3oHAKYS1Y
DUDor1KJvQQyrh58J0oYtIXnDTHjtfF2prF1dG6PiH6xSe74wBYPS6KZvWLitcFx
XbiJ+kjJB1emyCrKh/xumTs9YLcMKwg2KTFbiH03SQb2aydlPBMWmeyPbE+0o1Tk
XxDALN6eSNiDE0KEtlkR6OlD5p+UaZGSzk7nHD3+GtwbfttYcLQKBoAYP72BcaY/
wkJmE+3A5BdPm7Wkz+pgSLtPR/8bQVaRttmD+7GQa06dH8krdFy/
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:04:13 2025 by rpki-client