Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/njf2cA4Izq96Vk5pAZtjc0TN3EM.roa
File: njf2cA4Izq96Vk5pAZtjc0TN3EM.roa (raw, json)
Hash identifier: r4tRn2uGsqHtrnVPbW6PMDcKIjJj2qnbc7d6j5OIoQ4=
Subject key identifier: 9E:37:F6:70:0E:08:CE:AF:7A:56:4E:69:01:9B:63:73:44:CD:DC:43
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 019408BB981BC4A0640BD295F472AA0DF41B
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/njf2cA4Izq96Vk5pAZtjc0TN3EM.roa
Signing time: Fri 27 Dec 2024 15:28:19 +0000
ROA not before: Fri 27 Dec 2024 15:28:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59538
IP address blocks: 185.0.34.0/24 maxlen: 24
194.180.196.0/24 maxlen: 24
2a0f:7800::/31 maxlen: 48
2a0f:7800:600::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:bb:98:1b:c4:a0:64:0b:d2:95:f4:72:aa:0d:f4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Dec 27 15:28:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e37f6700e08ceaf7a564e69019b637344cddc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:42:d8:3d:eb:7b:33:6c:f0:f7:1b:e6:94:65:
94:14:c1:49:5e:07:32:73:e1:c1:52:25:b4:a9:67:
d3:7c:ce:d6:46:33:42:8f:83:5b:fa:4f:eb:91:f1:
58:43:52:9c:3e:d9:f9:f9:8d:1c:ca:ad:4f:25:b1:
a2:88:95:23:10:9b:9e:6f:09:20:3a:00:d2:b2:4f:
58:b4:5f:eb:8c:fd:de:0c:35:8c:9c:0f:fc:91:a0:
40:80:0b:5d:1d:ec:ab:02:dc:ef:be:09:15:4c:01:
35:bd:79:32:3d:2a:42:48:ab:cd:5b:d0:16:8d:6c:
85:cf:fc:a8:5f:c4:a6:6d:1e:c3:ac:ea:46:fd:37:
45:f1:6a:fd:af:df:78:a7:9b:8a:36:4c:6c:ad:c9:
cf:5e:74:9e:c9:0b:5f:96:47:1e:9d:ee:ce:04:41:
c5:46:19:e9:9d:41:56:73:0d:b6:e2:33:2f:24:57:
b7:ba:2a:8b:44:e8:1e:01:43:86:21:9a:b8:e0:7a:
6e:83:e3:74:11:5a:b9:31:54:4d:be:92:a3:7e:b2:
b5:07:7a:71:6a:da:df:dc:ee:c6:97:67:fe:c2:6a:
2a:97:c5:7d:56:41:d6:08:76:c3:0b:ef:75:7f:1b:
a3:24:39:3a:3e:0e:af:e6:28:53:45:8e:d5:ff:5d:
d9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:37:F6:70:0E:08:CE:AF:7A:56:4E:69:01:9B:63:73:44:CD:DC:43
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/njf2cA4Izq96Vk5pAZtjc0TN3EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.0.34.0/24
194.180.196.0/24
IPv6:
2a0f:7800::/31
Signature Algorithm: sha256WithRSAEncryption
47:2d:6a:34:3a:e4:d9:02:c5:69:89:70:80:e9:38:87:e3:27:
d3:22:29:4c:02:21:68:e8:71:a8:6f:02:8a:f6:d1:7c:26:8d:
83:60:cf:85:c6:74:c0:cb:72:27:54:4d:a0:47:0d:07:fd:40:
ff:6a:4a:ee:1c:16:c8:a1:a8:30:00:a8:cb:a0:0a:94:aa:05:
73:09:b8:db:23:7f:24:57:97:6e:29:1b:7e:38:b5:20:1b:e6:
d8:a5:83:f8:a0:eb:84:93:4c:0c:75:cf:41:25:54:2e:85:a8:
7c:87:13:83:66:b0:d5:17:8a:31:95:05:0d:2f:90:bb:fa:29:
49:bf:d6:83:c0:6e:22:30:e7:38:6d:70:23:67:2f:40:c0:77:
ee:d5:54:ef:0f:20:b3:ad:f3:41:2b:1d:6b:19:85:fe:3d:04:
5d:46:85:1a:30:24:2f:59:c7:53:6c:da:98:d8:62:10:03:1b:
61:2c:f3:8d:3e:91:84:9d:44:fb:db:0a:1e:23:ab:e8:56:aa:
00:2f:68:5b:52:6c:3b:47:43:fd:90:60:c5:f0:66:26:d5:90:
8c:b1:3d:2f:ae:d4:23:00:ec:04:28:a6:21:1d:39:3d:3b:1e:
36:54:ab:42:31:06:ab:32:24:86:d7:b2:61:47:81:33:02:e4:
97:35:53:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQIu5gbxKBkC9KV9HKqDfQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQxMjI3MTUyODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTM3ZjY3MDBlMDhjZWFmN2E1NjRlNjkwMTliNjM3MzQ0Y2RkYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0LYPet7M2zw9xvmlGWUFMFJXgcy
c+HBUiW0qWfTfM7WRjNCj4Nb+k/rkfFYQ1KcPtn5+Y0cyq1PJbGiiJUjEJuebwkg
OgDSsk9YtF/rjP3eDDWMnA/8kaBAgAtdHeyrAtzvvgkVTAE1vXkyPSpCSKvNW9AW
jWyFz/yoX8SmbR7DrOpG/TdF8Wr9r994p5uKNkxsrcnPXnSeyQtflkcene7OBEHF
RhnpnUFWcw224jMvJFe3uiqLROgeAUOGIZq44Hpug+N0EVq5MVRNvpKjfrK1B3px
atrf3O7Gl2f+wmoql8V9VkHWCHbDC+91fxujJDk6Pg6v5ihTRY7V/13ZDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ439nAOCM6velZOaQGbY3NEzdxDMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvbmpmMmNBNEl6cTk2Vms1cEFadGpjMFROM0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQAiAwQA
wrTEMA0EAgACMAcDBQEqD3gAMA0GCSqGSIb3DQEBCwUAA4IBAQBHLWo0OuTZAsVp
iXCA6TiH4yfTIilMAiFo6HGobwKK9tF8Jo2DYM+FxnTAy3InVE2gRw0H/UD/akru
HBbIoagwAKjLoAqUqgVzCbjbI38kV5duKRt+OLUgG+bYpYP4oOuEk0wMdc9BJVQu
hah8hxODZrDVF4oxlQUNL5C7+ilJv9aDwG4iMOc4bXAjZy9AwHfu1VTvDyCzrfNB
Kx1rGYX+PQRdRoUaMCQvWcdTbNqY2GIQAxthLPONPpGEnUT72woeI6voVqoAL2hb
Umw7R0P9kGDF8GYm1ZCMsT0vrtQjAOwEKKYhHTk9Ox42VKtCMQarMiSG17JhR4Ez
AuSXNVMi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:56 2025 by rpki-client