Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/3ZAJJr1V85vQnUp25udJPxTIcsM.roa
File: 3ZAJJr1V85vQnUp25udJPxTIcsM.roa (raw, json)
Hash identifier: K9NkWaYiAkQKkUn/58LMpTI1+yZhB1Cg2Ds1tkWjiKA=
Subject key identifier: DD:90:09:26:BD:55:F3:9B:D0:9D:4A:76:E6:E7:49:3F:14:C8:72:C3
Certificate issuer: /CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Certificate serial: 01845CCDD541B57FD54D18F26DCD3E25D7BC
Authority key identifier: 36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/3ZAJJr1V85vQnUp25udJPxTIcsM.roa
Signing time: Wed 09 Nov 2022 14:31:44 +0000
ROA not before: Wed 09 Nov 2022 14:31:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 185.161.121.0/24 maxlen: 24
151.216.16.0/20 maxlen: 24
2a11:9600::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:cd:d5:41:b5:7f:d5:4d:18:f2:6d:cd:3e:25:d7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b59523fd549f1b4b653d3c1040ff516db6e999
Validity
Not Before: Nov 9 14:31:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd900926bd55f39bd09d4a76e6e7493f14c872c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:18:6e:9f:8a:c2:17:80:8c:5c:c1:e9:ed:ee:
d2:2c:76:3d:7a:bb:ba:8e:3a:49:a7:4a:61:36:65:
4d:81:84:a2:74:1f:8b:a8:84:42:a2:cd:98:e5:50:
30:e6:b0:2c:77:95:44:e4:3b:d4:ec:48:01:4e:b0:
1c:77:e3:6d:c9:fe:f9:d3:ae:83:16:6f:3b:56:32:
30:73:a4:f7:29:11:75:be:c3:99:d9:4f:76:99:22:
e9:d0:5d:98:ed:22:31:35:a2:20:3e:3b:0f:56:80:
50:18:e3:a6:b2:15:6d:c4:d6:4d:4f:5b:a6:bc:9a:
7d:de:c0:4d:79:d5:ea:a8:e3:a3:6f:f5:a0:ec:9f:
77:c8:22:ee:c9:4a:bf:d5:93:9d:22:3a:20:a8:35:
42:4f:2c:36:37:e6:47:1c:55:86:fa:21:04:5d:9e:
d3:c8:64:b8:df:ab:76:9a:3f:10:6b:bb:d6:3f:cb:
f8:0b:28:ab:79:02:fd:88:46:cc:7c:5f:83:23:2f:
7f:cc:c7:01:e5:76:ad:51:7e:1d:80:54:a5:21:e7:
43:ae:f8:75:f3:bb:9a:13:d8:8b:90:7e:9c:5f:d6:
e4:45:36:ca:eb:b7:84:be:9a:67:f1:2b:e2:c7:d7:
db:24:15:0f:1a:a8:af:c7:83:41:12:4f:1b:10:f6:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:90:09:26:BD:55:F3:9B:D0:9D:4A:76:E6:E7:49:3F:14:C8:72:C3
X509v3 Authority Key Identifier:
keyid:36:B5:95:23:FD:54:9F:1B:4B:65:3D:3C:10:40:FF:51:6D:B6:E9:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrWVI_1UnxtLZT08EED_UW226Zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/3ZAJJr1V85vQnUp25udJPxTIcsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cd5c51-aff5-45f8-9612-dd3ddb62c719/1/NrWVI_1UnxtLZT08EED_UW226Zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.16.0/20
185.161.121.0/24
IPv6:
2a11:9600::/29
Signature Algorithm: sha256WithRSAEncryption
aa:44:9b:f3:b2:0f:5f:c1:53:df:99:9d:0c:48:a3:e8:84:55:
b8:d2:94:8e:76:8a:18:01:3f:f1:a0:19:70:54:df:60:7e:3b:
fc:62:af:e6:04:90:e0:2f:dc:c1:81:3b:5e:ef:0c:b4:b2:5a:
72:c6:25:44:1e:7f:24:c7:7a:78:ab:16:54:10:01:ac:31:59:
e9:00:3e:4c:6f:cb:f2:e7:61:4e:4e:56:c4:da:6d:d0:8b:39:
29:a7:da:a3:84:f3:cb:1c:78:f1:1a:df:f2:7d:da:78:3f:40:
43:e2:45:2f:c9:46:83:95:11:2a:94:f1:bb:d6:0a:d3:26:dd:
31:29:af:20:f9:bc:fc:33:67:8b:59:9c:37:c3:a1:fa:14:9c:
8c:27:28:89:6b:25:ee:01:01:bb:f3:0e:e3:f7:7a:e2:bd:8b:
bc:a9:ea:fa:c0:b9:85:6c:5e:89:01:30:33:a2:e9:1e:ab:7a:
80:3d:5d:bf:e0:2c:5c:de:a0:4b:bd:45:de:67:84:53:66:45:
77:38:70:46:d0:29:59:d8:b6:29:02:a3:0a:1e:09:f5:d0:54:
96:b2:c3:90:b2:4d:cd:47:25:32:08:94:84:20:bc:74:0e:eb:
24:a3:ef:92:ec:a8:a0:15:b6:23:d6:61:7e:cc:f6:c2:a7:59:
64:4f:6c:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRczdVBtX/VTRjybc0+Jde8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU5NTIzZmQ1NDlmMWI0YjY1M2QzYzEwNDBmZjUxNmRi
NmU5OTkwHhcNMjIxMTA5MTQzMTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDkwMDkyNmJkNTVmMzliZDA5ZDRhNzZlNmU3NDkzZjE0Yzg3MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Bhun4rCF4CMXMHp7e7SLHY9eru6
jjpJp0phNmVNgYSidB+LqIRCos2Y5VAw5rAsd5VE5DvU7EgBTrAcd+Ntyf75066D
Fm87VjIwc6T3KRF1vsOZ2U92mSLp0F2Y7SIxNaIgPjsPVoBQGOOmshVtxNZNT1um
vJp93sBNedXqqOOjb/Wg7J93yCLuyUq/1ZOdIjogqDVCTyw2N+ZHHFWG+iEEXZ7T
yGS436t2mj8Qa7vWP8v4CyireQL9iEbMfF+DIy9/zMcB5XatUX4dgFSlIedDrvh1
87uaE9iLkH6cX9bkRTbK67eEvppn8Svix9fbJBUPGqivx4NBEk8bEPZLzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN2QCSa9VfOb0J1KdubnST8UyHLDMB8GA1UdIwQY
MBaAFDa1lSP9VJ8bS2U9PBBA/1FttumZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJXVklfMVVueHRMWlQwOEVFRF9VVzIyNlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZDVjNTEtYWZmNS00NWY4LTk2MTIt
ZGQzZGRiNjJjNzE5LzEvM1pBSkpyMVY4NXZRblVwMjV1ZEpQeFRJY3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZDVjNTEtYWZmNS00NWY4LTk2MTItZGQzZGRiNjJjNzE5
LzEvTnJXVklfMVVueHRMWlQwOEVFRF9VVzIyNlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEl9gQAwQA
uaF5MA0EAgACMAcDBQMqEZYAMA0GCSqGSIb3DQEBCwUAA4IBAQCqRJvzsg9fwVPf
mZ0MSKPohFW40pSOdooYAT/xoBlwVN9gfjv8Yq/mBJDgL9zBgTte7wy0slpyxiVE
Hn8kx3p4qxZUEAGsMVnpAD5Mb8vy52FOTlbE2m3Qizkpp9qjhPPLHHjxGt/yfdp4
P0BD4kUvyUaDlREqlPG71grTJt0xKa8g+bz8M2eLWZw3w6H6FJyMJyiJayXuAQG7
8w7j93rivYu8qer6wLmFbF6JATAzoukeq3qAPV2/4Cxc3qBLvUXeZ4RTZkV3OHBG
0ClZ2LYpAqMKHgn10FSWssOQsk3NRyUyCJSEILx0Dusko++S7KigFbYj1mF+zPbC
p1lkT2zo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:07 2025 by rpki-client