Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/b7de46-60d9-48a1-9285-f21848fda61d/1/NlkxqBeC_ReQ_TBlw-QpiIXBRh4.roa
File: NlkxqBeC_ReQ_TBlw-QpiIXBRh4.roa (raw, json)
Hash identifier: WGe/LPiBGNVk2kIoBdtfyq3zdaI5kQ5l5G/+I1tYg9M=
Subject key identifier: 36:59:31:A8:17:82:FD:17:90:FD:30:65:C3:E4:29:88:85:C1:46:1E
Certificate issuer: /CN=2cac38240bfa5ddafe861328d174c9fd7a4ec761
Certificate serial: 7BAADA
Authority key identifier: 2C:AC:38:24:0B:FA:5D:DA:FE:86:13:28:D1:74:C9:FD:7A:4E:C7:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKw4JAv6Xdr-hhMo0XTJ_XpOx2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/b7de46-60d9-48a1-9285-f21848fda61d/1/NlkxqBeC_ReQ_TBlw-QpiIXBRh4.roa
Signing time: Sat 01 Jan 2022 00:57:21 +0000
ROA not before: Sat 01 Jan 2022 00:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.52.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8104666 (0x7baada)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac38240bfa5ddafe861328d174c9fd7a4ec761
Validity
Not Before: Jan 1 00:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365931a81782fd1790fd3065c3e4298885c1461e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c5:b1:f7:db:20:50:07:1a:be:5c:85:ef:65:
d6:ae:38:e6:1f:92:b3:4b:42:39:26:68:17:2b:0a:
9b:f0:03:ae:42:78:61:98:0a:2e:7f:e2:4d:b2:d9:
62:ed:d3:d6:3e:e3:9c:39:4a:f6:52:0b:fa:05:a1:
6e:33:d0:14:bf:c4:44:fd:26:91:79:1c:9e:c8:09:
ba:17:7c:fb:89:bf:2f:11:b4:a9:74:73:e2:04:9b:
b1:4a:fd:53:ce:b5:64:77:86:52:95:ac:17:3a:ec:
d3:fe:06:84:53:cb:8a:19:dc:b2:22:00:17:5d:f0:
ed:3f:32:28:59:be:a9:8f:8c:13:72:c0:11:1f:04:
16:b8:70:97:69:bd:b4:a6:a2:95:4f:06:d8:e0:d1:
68:c3:3c:c5:b3:5f:8d:f5:f6:13:4b:ee:18:56:72:
26:37:ac:4c:ad:be:e2:7e:5e:b6:5c:95:03:49:ed:
7b:4a:0a:33:4e:1a:3c:08:c6:02:69:6a:39:9e:c8:
eb:f1:28:4b:d1:a3:f9:9e:24:00:e4:af:0a:3d:90:
90:ca:73:bb:ba:9c:58:b1:ae:2d:8e:2e:91:29:8a:
4b:66:9a:70:49:aa:f9:65:07:4c:7a:22:bd:99:0b:
68:f7:91:b2:83:23:cb:18:cf:39:ab:2d:ec:f3:47:
57:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:59:31:A8:17:82:FD:17:90:FD:30:65:C3:E4:29:88:85:C1:46:1E
X509v3 Authority Key Identifier:
keyid:2C:AC:38:24:0B:FA:5D:DA:FE:86:13:28:D1:74:C9:FD:7A:4E:C7:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKw4JAv6Xdr-hhMo0XTJ_XpOx2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b7de46-60d9-48a1-9285-f21848fda61d/1/NlkxqBeC_ReQ_TBlw-QpiIXBRh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/b7de46-60d9-48a1-9285-f21848fda61d/1/LKw4JAv6Xdr-hhMo0XTJ_XpOx2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.27.0/24
Signature Algorithm: sha256WithRSAEncryption
31:66:86:db:8b:ac:67:a3:3a:55:ff:fc:ac:2a:92:2e:04:58:
c1:42:33:52:af:1b:25:00:50:60:23:30:e1:97:6d:a1:f0:3c:
15:f6:d8:36:df:1a:37:c1:13:bb:92:11:5d:a1:af:a6:a0:49:
9c:99:a6:c8:91:ba:ad:47:81:22:bb:3e:17:7b:f5:3e:5f:88:
a8:5f:42:9c:ad:64:c3:87:c8:f0:c6:55:8a:f2:2e:1f:92:7b:
73:b1:42:67:8a:a2:94:cc:10:f0:94:23:a1:e2:e6:4b:0a:ff:
82:f9:a6:4e:01:62:b5:e5:98:5c:7b:23:0b:b6:f9:bb:99:bb:
6f:e4:a8:fb:bc:58:62:de:ab:04:e2:43:ee:76:a2:73:6e:7d:
84:61:f6:21:1a:1a:a3:bc:b0:de:96:99:96:73:df:82:1b:b5:
51:7d:57:49:c5:73:bd:d4:75:6a:fc:05:cf:03:f3:bd:3e:e9:
19:27:15:cc:7d:0f:b9:d6:ae:2d:ed:39:80:e2:a5:66:21:07:
9b:c3:97:4a:5f:43:5a:a3:a7:df:9a:73:5f:d0:c8:21:f9:9c:
61:c6:3a:2e:18:b2:1d:66:51:26:34:23:d7:38:0a:ca:db:13:
0a:71:db:12:12:44:01:69:49:a5:97:f0:7f:ce:04:3e:b1:7a:
54:36:d3:24
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDe6raMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJj
YWMzODI0MGJmYTVkZGFmZTg2MTMyOGQxNzRjOWZkN2E0ZWM3NjEwHhcNMjIwMTAx
MDA1NzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNjU5MzFhODE3ODJm
ZDE3OTBmZDMwNjVjM2U0Mjk4ODg1YzE0NjFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5sWx99sgUAcavlyF72XWrjjmH5KzS0I5JmgXKwqb8AOuQnhh
mAouf+JNstli7dPWPuOcOUr2Ugv6BaFuM9AUv8RE/SaReRyeyAm6F3z7ib8vEbSp
dHPiBJuxSv1TzrVkd4ZSlawXOuzT/gaEU8uKGdyyIgAXXfDtPzIoWb6pj4wTcsAR
HwQWuHCXab20pqKVTwbY4NFowzzFs1+N9fYTS+4YVnImN6xMrb7ifl62XJUDSe17
SgozTho8CMYCaWo5nsjr8ShL0aP5niQA5K8KPZCQynO7upxYsa4tji6RKYpLZppw
Sar5ZQdMeiK9mQto95GygyPLGM85qy3s80dXXwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDZZMagXgv0XkP0wZcPkKYiFwUYeMB8GA1UdIwQYMBaAFCysOCQL+l3a/oYT
KNF0yf16TsdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TEt3NEpBdjZYZHItaGhNbzBYVEpfWHBPeDJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOS9iN2RlNDYtNjBkOS00OGExLTkyODUtZjIxODQ4ZmRhNjFkLzEv
TmxreHFCZUNfUmVRX1RCbHctUXBpSVhCUmg0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9i
N2RlNDYtNjBkOS00OGExLTkyODUtZjIxODQ4ZmRhNjFkLzEvTEt3NEpBdjZYZHIt
aGhNbzBYVEpfWHBPeDJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQbMA0GCSqGSIb3DQEBCwUAA4IB
AQAxZobbi6xnozpV//ysKpIuBFjBQjNSrxslAFBgIzDhl22h8DwV9tg23xo3wRO7
khFdoa+moEmcmabIkbqtR4Eiuz4Xe/U+X4ioX0KcrWTDh8jwxlWK8i4fkntzsUJn
iqKUzBDwlCOh4uZLCv+C+aZOAWK15ZhceyMLtvm7mbtv5Kj7vFhi3qsE4kPudqJz
bn2EYfYhGhqjvLDelpmWc9+CG7VRfVdJxXO91HVq/AXPA/O9PukZJxXMfQ+51q4t
7TmA4qVmIQebw5dKX0Nao6ffmnNf0Mgh+ZxhxjouGLIdZlEmNCPXOArK2xMKcdsS
EkQBaUmll/B/zgQ+sXpUNtMk
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:16 2025 by rpki-client