Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/nrlyz_hK2GIq0kAzcLikI_8fI5k.roa
File: nrlyz_hK2GIq0kAzcLikI_8fI5k.roa (raw, json)
Hash identifier: SND+N7I4s4SNDEmj/xPgMHvyaeL1pthUWgFGqGR2wlk=
Subject key identifier: 9E:B9:72:CF:F8:4A:D8:62:2A:D2:40:33:70:B8:A4:23:FF:1F:23:99
Certificate issuer: /CN=b83b5cdb65ecc5bd746d8b74982831a6d8dc1053
Certificate serial: 3623F4
Authority key identifier: B8:3B:5C:DB:65:EC:C5:BD:74:6D:8B:74:98:28:31:A6:D8:DC:10:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uDtc22Xsxb10bYt0mCgxptjcEFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/nrlyz_hK2GIq0kAzcLikI_8fI5k.roa
Signing time: Sat 01 Jan 2022 00:52:45 +0000
ROA not before: Sat 01 Jan 2022 00:52:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60111
IP address blocks: 185.193.236.0/22 maxlen: 22
2a0a:4140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3548148 (0x3623f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b83b5cdb65ecc5bd746d8b74982831a6d8dc1053
Validity
Not Before: Jan 1 00:52:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eb972cff84ad8622ad2403370b8a423ff1f2399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:a1:ab:e4:8a:65:0a:94:6f:02:7a:40:59:
51:6b:be:0e:68:ac:da:25:c7:ee:f0:a1:c4:60:30:
ff:dc:c3:d6:f7:76:98:28:b6:e1:8a:26:9d:9f:3a:
19:d8:29:02:e7:3d:19:8e:03:fe:14:a0:53:1c:43:
a0:a5:65:84:da:3b:11:44:51:5e:e7:84:5d:33:55:
10:a7:62:53:69:9f:a9:bd:08:29:e6:9e:7e:92:a1:
cb:e1:25:ee:61:d2:4c:b0:88:10:f2:33:07:78:c0:
6c:0f:30:57:60:45:32:c4:2d:d7:f1:0c:ae:dd:a4:
cf:d6:9b:ba:87:03:dd:14:e5:19:20:66:a7:ad:6e:
56:3e:30:4c:1e:8c:51:b7:44:2d:e2:3b:78:e1:f4:
95:b6:2e:23:88:dd:07:e8:8f:01:21:b3:88:79:57:
ad:e5:0b:b2:b8:04:d5:9c:a2:41:a2:34:3f:cd:d9:
66:4e:50:a8:ab:ac:d9:f1:ce:01:a2:60:29:9d:02:
85:62:b6:57:ff:44:a5:38:ca:ed:66:3a:d2:ae:43:
9f:86:d1:ff:fd:0e:a4:ae:96:31:72:72:d3:76:5b:
8e:9a:a2:8c:62:0d:d8:1a:a8:28:4a:b2:f0:e7:14:
79:a8:df:a6:96:81:c1:f9:eb:f3:de:15:4e:a9:00:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B9:72:CF:F8:4A:D8:62:2A:D2:40:33:70:B8:A4:23:FF:1F:23:99
X509v3 Authority Key Identifier:
keyid:B8:3B:5C:DB:65:EC:C5:BD:74:6D:8B:74:98:28:31:A6:D8:DC:10:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uDtc22Xsxb10bYt0mCgxptjcEFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/nrlyz_hK2GIq0kAzcLikI_8fI5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/uDtc22Xsxb10bYt0mCgxptjcEFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.236.0/22
IPv6:
2a0a:4140::/29
Signature Algorithm: sha256WithRSAEncryption
41:03:b7:23:aa:2a:71:d8:45:35:28:bd:16:be:68:a8:5c:f9:
bc:ea:ea:72:e8:68:d0:26:bf:32:0f:68:99:d5:62:e7:5b:f1:
a6:15:b6:38:9a:79:dc:d4:36:a3:72:39:e2:1f:e7:dd:6b:45:
a8:93:43:bc:cc:c6:ba:be:67:fd:ff:88:1f:98:9c:2e:12:7f:
9d:53:07:ca:1f:f1:3e:34:25:b0:43:4d:9f:14:d4:71:ae:cc:
7d:44:7a:ea:93:2a:4d:be:7c:89:2f:b2:26:0a:cb:2a:65:a7:
c6:1f:7e:6e:f6:41:ca:b6:5e:b6:dc:5c:58:e7:67:80:d1:25:
78:2b:60:e7:94:a5:bb:c9:63:86:df:4f:01:3f:59:42:e6:11:
b1:33:c7:1b:f6:a0:9c:8a:4a:78:d1:53:82:d5:82:a1:13:ab:
4f:ba:9c:0a:6c:d3:90:77:77:fc:36:0c:08:f4:3a:30:78:63:
b4:04:be:48:57:e8:70:3c:80:c3:4b:c6:b3:fc:06:d5:26:4d:
20:1e:e1:19:fd:95:a4:57:fd:a7:7c:18:f5:df:6a:f4:d2:ea:
8b:bc:41:1f:36:35:2b:30:f7:9f:cd:31:3b:20:93:31:3b:f6:
cc:e3:80:7a:3c:0f:72:ab:b1:55:de:e5:51:e0:94:69:95:89:
11:29:b5:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDNiP0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI4
M2I1Y2RiNjVlY2M1YmQ3NDZkOGI3NDk4MjgzMWE2ZDhkYzEwNTMwHhcNMjIwMTAx
MDA1MjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZWI5NzJjZmY4NGFk
ODYyMmFkMjQwMzM3MGI4YTQyM2ZmMWYyMzk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqxKhq+SKZQqUbwJ6QFlRa74OaKzaJcfu8KHEYDD/3MPW93aY
KLbhiiadnzoZ2CkC5z0ZjgP+FKBTHEOgpWWE2jsRRFFe54RdM1UQp2JTaZ+pvQgp
5p5+kqHL4SXuYdJMsIgQ8jMHeMBsDzBXYEUyxC3X8Qyu3aTP1pu6hwPdFOUZIGan
rW5WPjBMHoxRt0Qt4jt44fSVti4jiN0H6I8BIbOIeVet5QuyuATVnKJBojQ/zdlm
TlCoq6zZ8c4BomApnQKFYrZX/0SlOMrtZjrSrkOfhtH//Q6krpYxcnLTdluOmqKM
Yg3YGqgoSrLw5xR5qN+mloHB+evz3hVOqQAODQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFJ65cs/4SthiKtJAM3C4pCP/HyOZMB8GA1UdIwQYMBaAFLg7XNtl7MW9dG2L
dJgoMabY3BBTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dUR0YzIyWHN4YjEwYll0MG1DZ3hwdGpjRUZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kNS80YjhmNWEtMjRlMC00ZWRlLWE0YWItNTBjNzg5MTZmOGUzLzEv
bnJseXpfaEsyR0lxMGtBemNMaWtJXzhmSTVrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80
YjhmNWEtMjRlMC00ZWRlLWE0YWItNTBjNzg5MTZmOGUzLzEvdUR0YzIyWHN4YjEw
Yll0MG1DZ3hwdGpjRUZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucHsMA0EAgACMAcDBQMqCkFAMA0G
CSqGSIb3DQEBCwUAA4IBAQBBA7cjqipx2EU1KL0WvmioXPm86upy6GjQJr8yD2iZ
1WLnW/GmFbY4mnnc1DajcjniH+fda0Wok0O8zMa6vmf9/4gfmJwuEn+dUwfKH/E+
NCWwQ02fFNRxrsx9RHrqkypNvnyJL7ImCssqZafGH35u9kHKtl623FxY52eA0SV4
K2DnlKW7yWOG308BP1lC5hGxM8cb9qCcikp40VOC1YKhE6tPupwKbNOQd3f8NgwI
9DoweGO0BL5IV+hwPIDDS8az/AbVJk0gHuEZ/ZWkV/2nfBj132r00uqLvEEfNjUr
MPefzTE7IJMxO/bM44B6PA9yq7FV3uVR4JRplYkRKbUR
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:21 2025 by rpki-client