Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/NXvcTwroDF3spTt_ufJ7XNAcadA.roa
File: NXvcTwroDF3spTt_ufJ7XNAcadA.roa (raw, json)
Hash identifier: cTQM9kAFb0qT4o3TN1NF5t5STqasLxIG++C2qeTUp0I=
Subject key identifier: 35:7B:DC:4F:0A:E8:0C:5D:EC:A5:3B:7F:B9:F2:7B:5C:D0:1C:69:D0
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBCD20A3D0DA1BEF4850387CC898DA
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/NXvcTwroDF3spTt_ufJ7XNAcadA.roa
Signing time: Wed 01 Jan 2025 17:48:34 +0000
ROA not before: Wed 01 Jan 2025 17:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396587
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:cd:20:a3:d0:da:1b:ef:48:50:38:7c:c8:98:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=357bdc4f0ae80c5deca53b7fb9f27b5cd01c69d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2d:8f:d0:63:46:81:34:0b:94:88:a8:ab:43:
8e:64:51:aa:2f:7a:9f:51:52:b0:a4:4d:28:38:77:
f3:e7:00:5c:9f:6f:7c:64:52:e2:93:dc:52:1f:bb:
d9:ef:17:4c:18:6c:d3:5c:a2:53:35:91:66:22:b2:
1c:08:4a:41:b4:73:82:21:1e:da:6a:ee:05:1d:97:
fa:26:19:28:84:4d:ea:45:3e:11:00:e6:8a:f3:a4:
be:4a:50:d3:ee:89:dc:89:55:e5:77:a8:50:ad:2e:
cd:5d:67:51:d6:55:2f:c8:c4:32:79:7a:2b:d6:2c:
cb:3b:a1:8f:43:92:7b:71:11:ac:82:89:6b:6f:8a:
7c:ee:1f:42:9a:eb:f2:17:ac:25:69:91:46:39:b0:
2e:f6:10:2e:67:95:f0:9b:56:95:5d:f7:71:97:f1:
99:42:f7:a9:41:88:8e:9a:4f:f4:bd:35:98:41:0e:
23:23:11:a2:50:da:60:b4:41:2b:a7:97:a5:81:85:
fe:0c:2d:12:5a:7a:f4:df:4c:f4:13:21:4c:fd:12:
9e:54:67:01:ba:87:ac:20:c8:23:d3:42:c2:38:31:
4a:02:e9:83:f8:7f:9c:c1:d5:1e:0b:8c:a0:9b:4c:
3f:87:b0:1f:88:67:c6:89:79:d2:f7:0e:13:11:53:
b6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7B:DC:4F:0A:E8:0C:5D:EC:A5:3B:7F:B9:F2:7B:5C:D0:1C:69:D0
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/NXvcTwroDF3spTt_ufJ7XNAcadA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
27:aa:40:9e:da:a0:53:84:d1:11:bf:90:dc:47:5c:91:e5:93:
50:05:5b:7f:6f:17:a6:3a:c6:92:47:d6:c6:3d:2d:ff:64:35:
5e:b4:b0:a4:26:6c:8b:35:12:69:e2:37:a4:6b:40:40:a7:7e:
92:31:56:dd:43:5a:60:7e:a9:b2:bc:85:26:90:e9:47:ef:97:
5e:41:d6:42:3b:fe:71:ca:f9:26:8e:01:54:c8:f3:43:52:31:
85:dc:76:e3:7b:4c:0f:c9:66:89:92:dc:e7:19:79:23:8a:ed:
0a:ee:67:32:ee:93:0a:32:2e:d2:29:b2:63:8a:55:37:83:11:
e1:02:80:18:88:94:03:96:8d:8e:ca:1f:10:28:e4:52:82:56:
da:ff:6d:d1:f0:4d:dc:c0:f1:49:3c:29:8e:5b:fe:78:1e:74:
0e:d5:20:c5:2b:a5:73:3b:c0:9f:c2:62:cc:0b:8d:e8:85:98:
36:ba:e6:bb:8e:cb:79:3e:4b:e0:83:d0:cf:90:0e:a4:a8:4e:
c8:76:a2:ae:29:90:18:97:4d:51:bd:f9:d9:1c:d1:69:06:dd:
bb:5d:7a:03:44:26:23:03:01:81:20:e9:f7:c7:40:67:89:44:
10:e3:09:28:16:8c:2b:9f:45:d6:cf:17:46:28:23:a4:19:6e:
49:5e:d9:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+80go9DaG+9IUDh8yJjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdiZGM0ZjBhZTgwYzVkZWNhNTNiN2ZiOWYyN2I1Y2QwMWM2OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS2P0GNGgTQLlIioq0OOZFGqL3qf
UVKwpE0oOHfz5wBcn298ZFLik9xSH7vZ7xdMGGzTXKJTNZFmIrIcCEpBtHOCIR7a
au4FHZf6JhkohE3qRT4RAOaK86S+SlDT7onciVXld6hQrS7NXWdR1lUvyMQyeXor
1izLO6GPQ5J7cRGsgolrb4p87h9CmuvyF6wlaZFGObAu9hAuZ5Xwm1aVXfdxl/GZ
QvepQYiOmk/0vTWYQQ4jIxGiUNpgtEErp5elgYX+DC0SWnr030z0EyFM/RKeVGcB
uoesIMgj00LCODFKAumD+H+cwdUeC4ygm0w/h7AfiGfGiXnS9w4TEVO2UwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDV73E8K6Axd7KU7f7nye1zQHGnQMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvTlh2Y1R3cm9ERjNzcFR0X3VmSjdYTkFjYWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBACeqQJ7aoFOE0RG/kNxHXJHlk1AFW39v
F6Y6xpJH1sY9Lf9kNV60sKQmbIs1EmniN6RrQECnfpIxVt1DWmB+qbK8hSaQ6Ufv
l15B1kI7/nHK+SaOAVTI80NSMYXcduN7TA/JZomS3OcZeSOK7QruZzLukwoyLtIp
smOKVTeDEeECgBiIlAOWjY7KHxAo5FKCVtr/bdHwTdzA8Uk8KY5b/ngedA7VIMUr
pXM7wJ/CYswLjeiFmDa65ruOy3k+S+CD0M+QDqSoTsh2oq4pkBiXTVG9+dkc0WkG
3btdegNEJiMDAYEg6ffHQGeJRBDjCSgWjCufRdbPF0YoI6QZbkle2c4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:24 2025 by rpki-client