Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/NSppdy32pK0kuht35Ks5xIRdV5s.roa
File: NSppdy32pK0kuht35Ks5xIRdV5s.roa (raw, json)
Hash identifier: e3lqo49PNkPXZsVtpcSw5P8QfGbIbaYvIeXnhh1mWBY=
Subject key identifier: 35:2A:69:77:2D:F6:A4:AD:24:BA:1B:77:E4:AB:39:C4:84:5D:57:9B
Certificate issuer: /CN=926c98b51061f340cce4e0b4ce361ce34abc2fce
Certificate serial: 0194228E3E9A872B43D1E89063E779A7D98E
Authority key identifier: 92:6C:98:B5:10:61:F3:40:CC:E4:E0:B4:CE:36:1C:E3:4A:BC:2F:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmyYtRBh80DM5OC0zjYc40q8L84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/NSppdy32pK0kuht35Ks5xIRdV5s.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59945
IP address blocks: 91.224.46.0/24 maxlen: 24
91.224.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3e:9a:87:2b:43:d1:e8:90:63:e7:79:a7:d9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926c98b51061f340cce4e0b4ce361ce34abc2fce
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=352a69772df6a4ad24ba1b77e4ab39c4845d579b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ee:6b:54:1c:b2:41:38:bd:44:b5:4b:54:d7:
fe:58:6e:79:39:b0:df:8f:04:af:b6:2a:29:0d:2d:
18:45:70:1f:38:93:3c:bd:46:b7:7b:54:66:f3:c4:
dd:44:6d:7d:0f:5a:d0:d1:bd:0d:11:7b:6e:5f:fd:
ab:71:dd:74:55:ad:e6:84:33:09:dd:af:86:26:09:
e1:26:03:79:d2:7b:a6:38:46:ad:cd:0a:28:66:0e:
06:77:2d:72:3d:c6:71:ee:04:64:28:87:fe:b3:b2:
2c:1a:95:27:5e:7e:77:79:74:5d:85:8f:75:7a:6a:
32:43:88:b7:1f:4a:25:ec:2d:56:98:d8:b3:25:61:
1e:1a:51:fd:67:a5:8b:ac:8a:a1:87:50:82:a2:1f:
4e:b7:c5:e1:9b:61:c8:84:a8:35:b8:87:ca:d0:2c:
89:78:ef:69:27:08:9d:5c:9d:dc:2b:ce:ec:28:b8:
a5:75:bf:57:b6:69:24:79:26:c9:c5:31:c3:86:18:
9e:6f:2f:96:5b:22:aa:30:9b:a6:9a:bc:6f:16:04:
38:2d:9f:8f:b4:1b:a5:95:35:7f:b9:4e:fa:06:e2:
e7:f8:c0:aa:f2:59:c9:96:ab:ed:98:81:05:9c:c8:
e7:4b:b1:0d:93:c0:72:cf:b8:e6:d0:8e:a8:60:a3:
fc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2A:69:77:2D:F6:A4:AD:24:BA:1B:77:E4:AB:39:C4:84:5D:57:9B
X509v3 Authority Key Identifier:
keyid:92:6C:98:B5:10:61:F3:40:CC:E4:E0:B4:CE:36:1C:E3:4A:BC:2F:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmyYtRBh80DM5OC0zjYc40q8L84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/NSppdy32pK0kuht35Ks5xIRdV5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05159a-4529-48fa-95e9-dc76feca94bf/1/kmyYtRBh80DM5OC0zjYc40q8L84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.46.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:c1:96:3a:78:d4:7b:15:df:3a:2e:49:74:8e:6c:d8:1f:a1:
d5:d8:7e:89:d2:08:84:2b:b1:07:b9:29:57:09:4c:68:08:58:
10:33:a4:ea:de:42:d7:35:41:e5:1c:0d:43:bd:18:c6:45:55:
4c:7c:4a:c5:f0:1c:76:67:8e:e3:7b:22:27:98:74:9d:04:d7:
fc:ad:f8:76:9a:df:d4:a4:ab:e3:31:3e:be:e7:9a:7d:71:40:
a2:fa:8f:47:52:1b:78:71:3e:e6:65:95:3e:3a:6e:e4:3f:b8:
d3:37:89:9d:63:3a:12:79:df:95:db:11:da:2f:40:c8:2e:f9:
e8:e5:61:50:6c:df:07:4f:a0:93:57:66:95:c2:53:1c:10:8e:
65:7e:d6:b9:0c:00:dc:6a:67:d6:56:86:97:6c:0a:09:01:22:
07:9b:f2:95:ff:c2:16:ac:fe:09:c7:b0:ba:aa:4c:df:58:74:
ea:a7:3d:2c:3b:5b:b6:ed:42:b0:fa:2b:b2:f4:73:77:e0:6a:
4d:bd:6c:c4:d0:03:54:02:20:dc:7d:ae:79:57:80:50:4e:37:
80:9c:34:32:f8:b2:35:7d:54:db:73:d3:f7:21:e0:d7:60:39:
6a:ae:5f:91:55:a5:4b:b6:cd:9e:ad:65:bc:9e:70:89:1b:a3:
da:0a:17:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijj6ahytD0eiQY+d5p9mOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmM5OGI1MTA2MWYzNDBjY2U0ZTBiNGNlMzYxY2UzNGFi
YzJmY2UwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJhNjk3NzJkZjZhNGFkMjRiYTFiNzdlNGFiMzljNDg0NWQ1NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+5rVByyQTi9RLVLVNf+WG55ObDf
jwSvtiopDS0YRXAfOJM8vUa3e1Rm88TdRG19D1rQ0b0NEXtuX/2rcd10Va3mhDMJ
3a+GJgnhJgN50numOEatzQooZg4Gdy1yPcZx7gRkKIf+s7IsGpUnXn53eXRdhY91
emoyQ4i3H0ol7C1WmNizJWEeGlH9Z6WLrIqhh1CCoh9Ot8Xhm2HIhKg1uIfK0CyJ
eO9pJwidXJ3cK87sKLildb9XtmkkeSbJxTHDhhieby+WWyKqMJummrxvFgQ4LZ+P
tBullTV/uU76BuLn+MCq8lnJlqvtmIEFnMjnS7ENk8Byz7jm0I6oYKP8NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUqaXct9qStJLobd+SrOcSEXVebMB8GA1UdIwQY
MBaAFJJsmLUQYfNAzOTgtM42HONKvC/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva215WXRSQmg4MERNNU9DMHpqWWM0MHE4TDg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNTE1OWEtNDUyOS00OGZhLTk1ZTkt
ZGM3NmZlY2E5NGJmLzEvTlNwcGR5MzJwSzBrdWh0MzVLczV4SVJkVjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNTE1OWEtNDUyOS00OGZhLTk1ZTktZGM3NmZlY2E5NGJm
LzEva215WXRSQmg4MERNNU9DMHpqWWM0MHE4TDg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+AuMA0G
CSqGSIb3DQEBCwUAA4IBAQAMwZY6eNR7Fd86Lkl0jmzYH6HV2H6J0giEK7EHuSlX
CUxoCFgQM6Tq3kLXNUHlHA1DvRjGRVVMfErF8Bx2Z47jeyInmHSdBNf8rfh2mt/U
pKvjMT6+55p9cUCi+o9HUht4cT7mZZU+Om7kP7jTN4mdYzoSed+V2xHaL0DILvno
5WFQbN8HT6CTV2aVwlMcEI5lfta5DADcamfWVoaXbAoJASIHm/KV/8IWrP4Jx7C6
qkzfWHTqpz0sO1u27UKw+iuy9HN34GpNvWzE0ANUAiDcfa55V4BQTjeAnDQy+LI1
fVTbc9P3IeDXYDlqrl+RVaVLts2erWW8nnCJG6PaChci
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:20 2025 by rpki-client