Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/nHrM02aOl7np7HTV5CMPoVNAWkM.roa
File: nHrM02aOl7np7HTV5CMPoVNAWkM.roa (raw, json)
Hash identifier: 4NP6IapzNt08D0fFT9F7OdNfYH2636EIT1La1znem/0=
Subject key identifier: 9C:7A:CC:D3:66:8E:97:B9:E9:EC:74:D5:E4:23:0F:A1:53:40:5A:43
Certificate issuer: /CN=0aa4667fc501352fbed17e47168c4687d775623f
Certificate serial: 0188CC51F7236F35D0AF9DCE76752F50EAB9
Authority key identifier: 0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/nHrM02aOl7np7HTV5CMPoVNAWkM.roa
Signing time: Sun 18 Jun 2023 02:25:03 +0000
ROA not before: Sun 18 Jun 2023 02:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.26.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cc:51:f7:23:6f:35:d0:af:9d:ce:76:75:2f:50:ea:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aa4667fc501352fbed17e47168c4687d775623f
Validity
Not Before: Jun 18 02:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c7accd3668e97b9e9ec74d5e4230fa153405a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7d:60:c2:33:e7:db:3b:ec:68:3b:65:de:28:
1b:06:7d:b7:c7:df:54:7d:ca:59:27:49:05:f0:ba:
46:37:bf:ba:5b:6a:30:50:3a:69:fe:7c:fd:36:60:
31:d9:93:20:ed:a5:41:0e:93:f4:ed:32:d1:21:ef:
a3:a6:8a:f6:fc:d0:40:bb:8f:6e:6b:fa:8c:fb:98:
d3:8c:7f:d4:4b:9e:df:64:5b:69:a9:ce:72:91:83:
57:47:19:f9:e9:df:ea:a4:08:2a:b6:c0:b7:eb:9a:
a3:71:98:fc:04:3b:79:0d:d1:c9:ce:43:68:9d:4b:
0a:32:c3:d8:f0:e9:97:46:ee:1a:00:45:29:8d:cf:
2a:19:a6:5b:24:bb:07:04:94:3c:6d:40:10:6c:bc:
9f:f7:c7:09:8a:c4:51:cc:08:1b:59:4f:14:9c:20:
e7:85:53:db:bf:c5:70:7b:7c:ec:62:73:88:66:53:
da:c5:af:2b:e7:d4:ec:5d:ee:69:46:eb:3c:48:d3:
3e:78:7e:d8:82:e0:c2:25:44:84:cc:a0:b5:0e:c3:
dc:8f:e2:5f:ca:d0:ec:01:33:2b:74:5d:59:c7:b1:
53:02:f7:b7:d4:53:0d:51:af:e6:19:d4:12:ad:68:
ae:ce:6a:9b:ab:04:3f:bc:fa:11:1a:12:a1:98:11:
df:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7A:CC:D3:66:8E:97:B9:E9:EC:74:D5:E4:23:0F:A1:53:40:5A:43
X509v3 Authority Key Identifier:
keyid:0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/nHrM02aOl7np7HTV5CMPoVNAWkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/CqRmf8UBNS--0X5HFoxGh9d1Yj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.119.0/24
Signature Algorithm: sha256WithRSAEncryption
58:3d:42:a5:47:ad:d6:66:fa:d2:c9:96:bc:16:a5:97:21:ff:
9e:4d:04:59:8d:35:37:47:e7:ba:09:be:ec:44:ca:3d:0c:9b:
98:dd:4c:24:fb:0f:97:ad:a8:b8:f8:64:8c:68:80:de:11:cd:
36:21:2e:0e:59:61:88:27:2a:f8:e6:60:19:ae:40:4a:dc:3a:
75:92:21:6a:c5:ea:70:ab:d9:e7:a0:a6:dd:9d:58:33:72:33:
2b:c8:35:bf:eb:4b:08:7d:61:d4:b2:c9:f8:8a:6a:a2:dd:50:
21:34:4a:0d:fc:d9:27:a8:cb:88:e6:5e:b4:bd:83:d4:c6:61:
77:9f:a7:a2:8b:bc:09:a9:f7:0c:b7:07:6c:c4:4f:e2:21:35:
9d:2a:2f:62:bc:6e:04:de:b0:e3:f5:07:2d:b6:6b:1b:8c:0e:
46:ae:6e:ae:9c:fd:05:e9:1f:77:9a:9e:e7:47:7b:e5:db:bf:
92:8e:79:d7:86:15:b3:6a:29:cf:fd:b6:c5:e5:6d:62:b2:16:
1a:6d:a3:0c:2a:c5:77:63:c4:50:ae:f4:a3:83:6c:34:da:61:
57:6c:ca:76:4f:e7:bd:81:c2:68:aa:34:1a:fe:47:ce:fd:c5:
fc:b2:78:23:6c:a1:c0:de:37:fa:0a:54:21:f4:1b:dc:40:b3:
f0:9c:2a:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjMUfcjbzXQr53OdnUvUOq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYTQ2NjdmYzUwMTM1MmZiZWQxN2U0NzE2OGM0Njg3ZDc3
NTYyM2YwHhcNMjMwNjE4MDIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdhY2NkMzY2OGU5N2I5ZTllYzc0ZDVlNDIzMGZhMTUzNDA1YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA431gwjPn2zvsaDtl3igbBn23x99U
fcpZJ0kF8LpGN7+6W2owUDpp/nz9NmAx2ZMg7aVBDpP07TLRIe+jpor2/NBAu49u
a/qM+5jTjH/US57fZFtpqc5ykYNXRxn56d/qpAgqtsC365qjcZj8BDt5DdHJzkNo
nUsKMsPY8OmXRu4aAEUpjc8qGaZbJLsHBJQ8bUAQbLyf98cJisRRzAgbWU8UnCDn
hVPbv8Vwe3zsYnOIZlPaxa8r59TsXe5pRus8SNM+eH7YguDCJUSEzKC1DsPcj+Jf
ytDsATMrdF1Zx7FTAve31FMNUa/mGdQSrWiuzmqbqwQ/vPoRGhKhmBHfGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJx6zNNmjpe56ex01eQjD6FTQFpDMB8GA1UdIwQY
MBaAFAqkZn/FATUvvtF+RxaMRofXdWI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3FSbWY4VUJOUy0tMFg1SEZveEdoOWQxWWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iNDFmNjMtNjViOS00MDNiLWEwNjct
NDAyMGE0ODk4M2IzLzEvbkhyTTAyYU9sN25wN0hUVjVDTVBvVk5BV2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iNDFmNjMtNjViOS00MDNiLWEwNjctNDAyMGE0ODk4M2Iz
LzEvQ3FSbWY4VUJOUy0tMFg1SEZveEdoOWQxWWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhp3MA0G
CSqGSIb3DQEBCwUAA4IBAQBYPUKlR63WZvrSyZa8FqWXIf+eTQRZjTU3R+e6Cb7s
RMo9DJuY3Uwk+w+Xrai4+GSMaIDeEc02IS4OWWGIJyr45mAZrkBK3Dp1kiFqxepw
q9nnoKbdnVgzcjMryDW/60sIfWHUssn4imqi3VAhNEoN/NknqMuI5l60vYPUxmF3
n6eii7wJqfcMtwdsxE/iITWdKi9ivG4E3rDj9QcttmsbjA5Grm6unP0F6R93mp7n
R3vl27+SjnnXhhWzainP/bbF5W1ishYabaMMKsV3Y8RQrvSjg2w02mFXbMp2T+e9
gcJoqjQa/kfO/cX8sngjbKHA3jf6ClQh9BvcQLPwnCpr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:50 2025 by rpki-client