Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nLhvt3A4hk04i7VY27kPSG5Q3SE.roa
File: nLhvt3A4hk04i7VY27kPSG5Q3SE.roa (raw, json)
Hash identifier: 2SEFkDlMyGVKqzAgbqLibuidOS+N8dcHQWODglYxZtU=
Subject key identifier: 9C:B8:6F:B7:70:38:86:4D:38:8B:B5:58:DB:B9:0F:48:6E:50:DD:21
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01856F022D711E1A4CAE06C1069D38267735
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nLhvt3A4hk04i7VY27kPSG5Q3SE.roa
Signing time: Sun 01 Jan 2023 20:24:51 +0000
ROA not before: Sun 01 Jan 2023 20:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 62.112.30.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2d:71:1e:1a:4c:ae:06:c1:06:9d:38:26:77:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 20:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cb86fb77038864d388bb558dbb90f486e50dd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:f6:ff:c5:61:78:ee:5b:35:7f:c2:b6:e9:
3a:aa:57:04:26:55:1f:01:02:66:ef:e7:81:0a:81:
6a:d2:70:24:a5:79:fe:b6:3e:1b:b3:c7:40:eb:c7:
fa:65:b6:f1:ab:a8:4b:a6:92:d0:2c:3e:ec:d4:f0:
b3:37:6c:3f:6a:2d:30:27:06:9b:05:22:f5:50:bf:
44:cb:cf:0f:39:81:19:92:48:3f:e2:33:d4:58:bd:
db:50:e3:10:9f:84:19:0c:a3:a7:36:f2:f0:5c:9e:
93:b4:c2:af:12:b8:25:1e:8e:51:43:34:51:05:54:
2c:97:e2:3d:ba:23:c2:95:f3:ec:80:9b:4d:c1:83:
66:08:b6:90:76:d2:e7:bf:70:14:96:4e:f0:98:4f:
11:98:b7:1e:d9:5e:de:2c:ed:11:a5:94:70:23:85:
2c:ce:3a:41:8c:75:e9:e9:4b:a4:1c:2f:ec:f3:9b:
d8:e2:be:8b:1d:63:53:c2:4d:da:47:81:9b:8d:1b:
82:26:ba:9c:c2:8a:de:01:d9:2f:60:94:4f:3f:73:
bb:38:6a:5f:15:17:ee:6c:56:db:2f:10:24:6a:bd:
43:d1:64:8e:73:4c:6b:c9:2b:79:3f:1c:92:94:db:
6e:8b:df:9e:5c:b7:e9:cb:ec:82:d9:33:9b:79:41:
8a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B8:6F:B7:70:38:86:4D:38:8B:B5:58:DB:B9:0F:48:6E:50:DD:21
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/nLhvt3A4hk04i7VY27kPSG5Q3SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.30.0/24
89.34.171.0/24
176.223.181.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0e:18:5b:e9:89:d8:4a:f0:a6:ca:fa:2c:0c:ad:24:a0:04:
51:96:a3:e7:9c:67:fe:06:7b:65:a8:93:b9:bb:93:cc:85:12:
8f:3f:fd:6a:43:1c:2a:19:39:03:d2:4c:6a:73:3e:8d:5b:d4:
c9:86:bf:cd:d2:cf:3d:57:2d:42:5d:da:b8:39:a4:d8:aa:a2:
6e:16:fd:84:d5:d7:56:94:5b:41:de:48:54:44:b1:26:4e:6a:
ad:e0:48:95:9c:e8:ef:91:f0:5d:8c:38:66:37:52:45:e3:7b:
6d:3c:c0:fc:86:7e:69:a5:d0:d8:1e:1b:77:21:af:2f:e1:49:
03:e9:81:d0:ad:58:34:86:ba:33:cb:63:eb:62:ca:54:d6:61:
5b:10:a1:3c:57:f8:b7:96:88:42:3f:81:10:8e:e9:1c:a5:6b:
64:94:56:6c:30:a6:47:7d:cc:15:94:98:a9:51:c1:fd:2e:0a:
9e:e3:3e:26:cd:a7:c8:23:2e:70:c9:a8:94:5f:98:87:63:0d:
5e:ab:0d:0a:f6:e7:cd:b6:7c:2f:fb:2d:61:af:db:c3:44:0d:
12:c8:65:ad:e7:98:fb:ed:b0:44:52:82:e8:ad:fc:3e:44:6a:
72:53:a4:55:43:6a:88:99:78:42:90:96:98:f9:b2:31:fc:b0:
a7:74:6e:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvAi1xHhpMrgbBBp04Jnc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAxMjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I4NmZiNzcwMzg4NjRkMzg4YmI1NThkYmI5MGY0ODZlNTBkZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskr2/8VheO5bNX/Ctuk6qlcEJlUf
AQJm7+eBCoFq0nAkpXn+tj4bs8dA68f6Zbbxq6hLppLQLD7s1PCzN2w/ai0wJwab
BSL1UL9Ey88POYEZkkg/4jPUWL3bUOMQn4QZDKOnNvLwXJ6TtMKvErglHo5RQzRR
BVQsl+I9uiPClfPsgJtNwYNmCLaQdtLnv3AUlk7wmE8RmLce2V7eLO0RpZRwI4Us
zjpBjHXp6UukHC/s85vY4r6LHWNTwk3aR4GbjRuCJrqcworeAdkvYJRPP3O7OGpf
FRfubFbbLxAkar1D0WSOc0xrySt5PxySlNtui9+eXLfpy+yC2TObeUGKOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJy4b7dwOIZNOIu1WNu5D0huUN0hMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbkxodnQzQTRoazA0aTdWWTI3a1BTRzVRM1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPnAeAwQA
WSKrAwQAsN+1AwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQARDhhb6YnYSvCmyvos
DK0koARRlqPnnGf+BntlqJO5u5PMhRKPP/1qQxwqGTkD0kxqcz6NW9TJhr/N0s89
Vy1CXdq4OaTYqqJuFv2E1ddWlFtB3khURLEmTmqt4EiVnOjvkfBdjDhmN1JF43tt
PMD8hn5ppdDYHht3Ia8v4UkD6YHQrVg0hrozy2PrYspU1mFbEKE8V/i3lohCP4EQ
jukcpWtklFZsMKZHfcwVlJipUcH9Lgqe4z4mzafIIy5wyaiUX5iHYw1eqw0K9ufN
tnwv+y1hr9vDRA0SyGWt55j77bBEUoLorfw+RGpyU6RVQ2qImXhCkJaY+bIx/LCn
dG7y
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:54 2025 by rpki-client