Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NtUJA-IV9HMMEU69ZoU0L11KSz4.roa
File: NtUJA-IV9HMMEU69ZoU0L11KSz4.roa (raw, json)
Hash identifier: 0VQdne+gAxsvsRL6m9Y1wYR3TXCgOPXGgoZH0o+vcWk=
Subject key identifier: 36:D5:09:03:E2:15:F4:73:0C:11:4E:BD:66:85:34:2F:5D:4A:4B:3E
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA360C042632D976A99CC459699F9B
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NtUJA-IV9HMMEU69ZoU0L11KSz4.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44220
IP address blocks: 89.45.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:36:0c:04:26:32:d9:76:a9:9c:c4:59:69:9f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d50903e215f4730c114ebd6685342f5d4a4b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e2:d9:6d:b2:b5:a7:44:bc:80:bf:bf:b7:fc:
3a:05:8d:13:2c:31:e2:04:1c:ed:c1:97:14:97:d0:
b6:15:66:d8:4b:96:48:d9:aa:7a:2c:ba:25:9d:76:
ef:9f:a7:7b:09:30:c1:0e:a0:f8:2b:80:48:91:2c:
14:0b:6e:f1:16:29:ae:a1:ac:a2:79:e5:f1:c1:fc:
64:fe:92:df:97:86:23:7f:a0:7d:1e:4e:e2:e2:14:
98:2a:d3:1e:4a:31:86:f2:15:ef:a5:6c:a6:14:11:
56:0d:af:b4:e7:05:f7:6d:45:ea:18:a5:32:f1:8f:
fc:e7:ba:75:79:de:68:27:13:8d:76:79:e4:38:dd:
d6:35:1e:19:34:d3:7f:45:2d:61:ec:f5:63:33:ae:
91:44:39:a1:58:00:92:44:17:63:9f:f5:46:3d:c5:
85:69:08:32:9e:16:68:14:0b:59:e2:35:57:58:af:
fb:27:92:2c:08:7f:b3:a1:43:e0:de:b2:e2:27:35:
00:a9:db:e1:0e:8e:31:51:9f:49:78:79:8e:cf:f2:
d2:79:a0:37:13:ee:93:6a:16:4b:6d:5b:04:e3:8a:
46:25:f7:39:a0:22:bc:3a:6a:cb:c5:e1:ee:f0:70:
c1:45:46:88:88:55:3a:33:f8:af:96:4a:85:8c:33:
be:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D5:09:03:E2:15:F4:73:0C:11:4E:BD:66:85:34:2F:5D:4A:4B:3E
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/NtUJA-IV9HMMEU69ZoU0L11KSz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.46.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f6:bf:3f:7f:65:38:a2:7c:bb:da:e1:4a:7e:42:2c:e0:23:
fb:fb:53:46:86:14:3a:b0:d4:9d:7f:a2:91:38:d4:40:37:b2:
c9:1d:7d:ee:f1:7b:17:0d:46:a1:8a:f1:7d:8b:eb:9a:15:e1:
9d:2d:5a:9b:87:54:b1:44:74:8c:2c:6c:eb:9a:dc:ef:9f:f3:
97:5c:8f:15:ce:98:96:c2:ce:f8:09:0e:b4:4a:0f:9f:a9:20:
9a:bf:08:79:03:31:82:87:51:fc:c4:00:95:bb:7c:c5:df:55:
34:cd:a1:42:ad:78:19:cb:18:b3:30:73:cd:92:db:04:e2:85:
2a:b0:c2:96:a4:7b:7d:12:d4:fa:e4:63:30:87:e8:ca:ab:e1:
33:fb:bc:cd:e7:c7:f9:28:9c:6a:1c:e3:00:7a:98:19:f3:bf:
33:e9:e9:d5:02:94:2f:ff:a1:9f:57:d2:f7:71:b8:84:6c:dd:
a6:a5:7b:1b:27:fa:51:e2:0a:8a:cb:0f:0d:28:f8:d5:a6:a5:
61:7f:f5:48:8d:77:b0:1f:6d:0c:5b:50:c1:35:a7:1a:ab:ae:
1a:15:b2:cc:7f:f8:67:08:8f:42:3a:d9:cf:bf:e2:9c:c3:28:
4b:3c:60:18:6d:0c:eb:0f:b1:ed:d9:05:6f:6c:c5:79:ad:08:
f5:7e:d6:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jYMBCYy2XapnMRZaZ+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ1MDkwM2UyMTVmNDczMGMxMTRlYmQ2Njg1MzQyZjVkNGE0YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uLZbbK1p0S8gL+/t/w6BY0TLDHi
BBztwZcUl9C2FWbYS5ZI2ap6LLolnXbvn6d7CTDBDqD4K4BIkSwUC27xFimuoayi
eeXxwfxk/pLfl4Yjf6B9Hk7i4hSYKtMeSjGG8hXvpWymFBFWDa+05wX3bUXqGKUy
8Y/857p1ed5oJxONdnnkON3WNR4ZNNN/RS1h7PVjM66RRDmhWACSRBdjn/VGPcWF
aQgynhZoFAtZ4jVXWK/7J5IsCH+zoUPg3rLiJzUAqdvhDo4xUZ9JeHmOz/LSeaA3
E+6TahZLbVsE44pGJfc5oCK8OmrLxeHu8HDBRUaIiFU6M/ivlkqFjDO++wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbVCQPiFfRzDBFOvWaFNC9dSks+MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvTnRVSkEtSVY5SE1NRVU2OVpvVTBMMTFLU3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS0uMA0G
CSqGSIb3DQEBCwUAA4IBAQAh9r8/f2U4ony72uFKfkIs4CP7+1NGhhQ6sNSdf6KR
ONRAN7LJHX3u8XsXDUahivF9i+uaFeGdLVqbh1SxRHSMLGzrmtzvn/OXXI8VzpiW
ws74CQ60Sg+fqSCavwh5AzGCh1H8xACVu3zF31U0zaFCrXgZyxizMHPNktsE4oUq
sMKWpHt9EtT65GMwh+jKq+Ez+7zN58f5KJxqHOMAepgZ878z6enVApQv/6GfV9L3
cbiEbN2mpXsbJ/pR4gqKyw8NKPjVpqVhf/VIjXewH20MW1DBNacaq64aFbLMf/hn
CI9COtnPv+KcwyhLPGAYbQzrD7Ht2QVvbMV5rQj1ftZJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:32 2025 by rpki-client