Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NsU1C1OkyIYliMV-YQajnM8kUOg.roa
File: NsU1C1OkyIYliMV-YQajnM8kUOg.roa (raw, json)
Hash identifier: EIKK2keBPivFVm6F5Pvx6iWMbvLxqx5Mnwr+9j6Qr6s=
Subject key identifier: 36:C5:35:0B:53:A4:C8:86:25:88:C5:7E:61:06:A3:9C:CF:24:50:E8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748465540017FF4EB58A9C9EB45334A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NsU1C1OkyIYliMV-YQajnM8kUOg.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25417
IP address blocks: 194.103.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:46:55:40:01:7f:f4:eb:58:a9:c9:eb:45:33:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36c5350b53a4c8862588c57e6106a39ccf2450e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:49:e5:c5:26:9b:a0:7f:3e:1c:e1:84:1b:
2b:f9:81:70:4e:6f:6a:0b:de:39:c6:3c:92:41:e7:
c1:79:98:52:2e:c5:cc:0c:cb:88:d5:77:f8:2c:19:
12:8e:b9:b5:01:62:1c:f6:45:3b:c0:a2:de:6e:22:
45:4a:c1:42:f7:42:b3:58:83:e4:17:fe:23:ad:78:
16:94:46:b2:fc:db:5d:9e:b9:56:88:ca:cc:b9:7c:
6b:71:e3:f9:af:6b:11:b4:29:19:23:36:a6:3f:62:
75:89:73:86:6d:17:b8:01:cd:62:9e:dd:76:f3:91:
e6:fd:db:b5:06:11:55:a0:e0:c0:13:98:b4:0a:65:
f3:e4:c2:49:9c:5b:cc:60:c2:81:d0:89:f3:2f:43:
61:11:46:68:f8:9c:8e:81:62:b7:6c:d9:89:c7:7e:
5e:a9:f2:ce:da:d1:24:b4:81:64:50:b9:5e:5f:5f:
a6:cd:64:58:aa:3f:63:4a:6f:a9:6c:5f:7f:2c:2f:
19:95:bb:5f:b6:4a:98:94:27:82:b9:31:f5:82:68:
9b:b3:d6:1c:1a:fe:09:27:04:3a:28:cd:23:20:12:
ab:18:d7:a1:65:78:a2:07:fb:07:ef:ec:b1:e5:e9:
30:e2:48:ea:d9:66:41:60:53:4d:7d:a4:9a:7e:57:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C5:35:0B:53:A4:C8:86:25:88:C5:7E:61:06:A3:9C:CF:24:50:E8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NsU1C1OkyIYliMV-YQajnM8kUOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.103.35.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d4:2b:a4:b1:a2:91:53:54:47:42:df:39:83:d7:be:01:de:
b7:5f:2f:ab:17:f7:43:83:50:26:86:70:bd:e9:b6:3f:fd:e1:
6a:cd:a0:69:32:6e:a7:ab:e6:68:e0:c9:38:97:95:3b:c3:91:
c5:dd:a6:4b:04:fc:5e:ac:e3:6f:81:a3:10:52:3c:43:76:9a:
4f:95:fd:e6:30:62:67:b0:17:4c:2b:ec:07:78:52:c9:0a:a1:
59:e6:e0:1c:0a:e1:36:de:83:5d:00:9e:5d:8c:d8:26:e3:23:
9a:53:cc:de:36:71:10:99:49:98:cf:e2:f8:ac:04:80:eb:9a:
07:bc:dc:fb:82:e5:0f:4a:63:81:07:97:13:5f:f5:b1:94:e7:
42:d4:d0:01:92:38:7f:c6:6b:69:da:2e:58:ae:e5:60:f5:ef:
3d:2f:ee:2c:64:c3:2f:4f:53:bd:c8:49:86:ef:aa:6f:61:57:
47:37:97:b7:61:7d:06:1a:28:0a:f8:88:e0:12:4c:09:08:5d:
8b:8f:b8:3d:ab:1b:2b:e7:13:fc:f7:ab:72:c7:0d:47:27:65:
2f:95:1f:b9:28:05:33:8d:75:7f:11:c3:78:d5:3b:52:6b:c9:
cc:62:90:21:bf:d3:e0:79:ed:32:82:84:46:d7:1b:ac:1e:ff:
4e:3f:d4:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSEZVQAF/9OtYqcnrRTNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmM1MzUwYjUzYTRjODg2MjU4OGM1N2U2MTA2YTM5Y2NmMjQ1MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucZJ5cUmm6B/PhzhhBsr+YFwTm9q
C945xjySQefBeZhSLsXMDMuI1Xf4LBkSjrm1AWIc9kU7wKLebiJFSsFC90KzWIPk
F/4jrXgWlEay/NtdnrlWiMrMuXxrceP5r2sRtCkZIzamP2J1iXOGbRe4Ac1int12
85Hm/du1BhFVoODAE5i0CmXz5MJJnFvMYMKB0InzL0NhEUZo+JyOgWK3bNmJx35e
qfLO2tEktIFkULleX1+mzWRYqj9jSm+pbF9/LC8ZlbtftkqYlCeCuTH1gmibs9Yc
Gv4JJwQ6KM0jIBKrGNehZXiiB/sH7+yx5ekw4kjq2WZBYFNNfaSaflcJCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbFNQtTpMiGJYjFfmEGo5zPJFDoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTnNVMUMxT2t5SVlsaU1WLVlRYWpuTThrVU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmcjMA0G
CSqGSIb3DQEBCwUAA4IBAQBz1CuksaKRU1RHQt85g9e+Ad63Xy+rF/dDg1AmhnC9
6bY//eFqzaBpMm6nq+Zo4Mk4l5U7w5HF3aZLBPxerONvgaMQUjxDdppPlf3mMGJn
sBdMK+wHeFLJCqFZ5uAcCuE23oNdAJ5djNgm4yOaU8zeNnEQmUmYz+L4rASA65oH
vNz7guUPSmOBB5cTX/WxlOdC1NABkjh/xmtp2i5YruVg9e89L+4sZMMvT1O9yEmG
76pvYVdHN5e3YX0GGigK+IjgEkwJCF2Lj7g9qxsr5xP896tyxw1HJ2UvlR+5KAUz
jXV/EcN41TtSa8nMYpAhv9Pgee0ygoRG1xusHv9OP9Qk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:17 2025 by rpki-client