Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/80f91f-1e4b-49e6-8d13-7cd146500b2d/1/nsMiMZPA9gAx5-3WroCpND5hgHk.roa
File: nsMiMZPA9gAx5-3WroCpND5hgHk.roa (raw, json)
Hash identifier: LGSjiJkAkGJ/PXxonpdneeIWsA2TPApQ0M2tU2szz2w=
Subject key identifier: 9E:C3:22:31:93:C0:F6:00:31:E7:ED:D6:AE:80:A9:34:3E:61:80:79
Certificate issuer: /CN=b1693f1be657fb8c71bcbb9c77be54a9372db045
Certificate serial: 01942747C435E64A7FA9C3ABFCEF1D10F986
Authority key identifier: B1:69:3F:1B:E6:57:FB:8C:71:BC:BB:9C:77:BE:54:A9:37:2D:B0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sWk_G-ZX-4xxvLucd75UqTctsEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/80f91f-1e4b-49e6-8d13-7cd146500b2d/1/nsMiMZPA9gAx5-3WroCpND5hgHk.roa
Signing time: Thu 02 Jan 2025 13:50:02 +0000
ROA not before: Thu 02 Jan 2025 13:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9159
IP address blocks: 193.110.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c4:35:e6:4a:7f:a9:c3:ab:fc:ef:1d:10:f9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1693f1be657fb8c71bcbb9c77be54a9372db045
Validity
Not Before: Jan 2 13:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ec3223193c0f60031e7edd6ae80a9343e618079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:85:39:2d:5d:80:e9:ed:81:3b:87:4e:2d:ad:
8a:7f:e4:2f:aa:a8:63:31:38:8f:29:61:56:e6:e7:
ec:ca:98:25:c5:c8:eb:fb:d0:5d:e0:c8:f4:43:39:
76:38:3f:6b:d0:52:b8:3f:76:4d:40:ad:5f:73:fe:
76:f1:15:09:4a:7c:58:e4:f3:60:f6:18:3a:d8:98:
6a:53:08:ae:26:cf:b7:6b:70:a3:6e:7a:68:a1:e9:
1b:f9:e5:07:f9:01:61:dc:0f:d6:06:3d:3e:66:9c:
6b:3a:73:45:92:e8:f2:8a:90:39:87:e4:e1:74:d1:
ea:00:8b:26:e4:6a:30:68:b6:88:52:de:00:d0:8d:
bb:61:89:0b:b4:ee:ea:f7:6d:0c:b1:c7:1a:7e:4b:
c1:11:1d:ef:d6:56:0b:8f:18:8e:25:48:33:b3:6f:
e6:a1:e2:76:28:c4:c6:0a:81:b2:fb:11:92:02:74:
31:0e:97:d1:0d:c0:89:74:03:e6:b9:90:a1:fb:cf:
ce:87:56:ab:91:6d:9d:02:3a:81:ce:24:ea:6e:12:
07:db:13:e0:ed:7c:4d:60:f3:43:d3:de:29:b1:7f:
de:e8:96:bf:be:ae:fe:7d:3d:2b:7f:f5:ad:86:2f:
91:7c:ff:d6:a7:e7:13:53:ae:17:49:cc:8f:c4:76:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C3:22:31:93:C0:F6:00:31:E7:ED:D6:AE:80:A9:34:3E:61:80:79
X509v3 Authority Key Identifier:
keyid:B1:69:3F:1B:E6:57:FB:8C:71:BC:BB:9C:77:BE:54:A9:37:2D:B0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sWk_G-ZX-4xxvLucd75UqTctsEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/80f91f-1e4b-49e6-8d13-7cd146500b2d/1/nsMiMZPA9gAx5-3WroCpND5hgHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/80f91f-1e4b-49e6-8d13-7cd146500b2d/1/sWk_G-ZX-4xxvLucd75UqTctsEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.152.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:6c:ef:93:6a:97:05:90:0e:c7:a1:3a:2a:1b:b2:79:0b:08:
8e:8b:11:73:43:15:9b:9a:bc:f0:db:b1:ec:2d:00:2f:3c:c1:
8b:30:a8:c3:13:10:05:9a:c4:b3:68:d8:65:a5:8f:e0:8f:ad:
da:22:25:a3:ec:0a:6a:1f:50:6f:e3:9c:6c:fa:50:0e:65:29:
11:3c:3a:77:0d:c0:d9:0e:1f:bd:42:e5:8a:91:28:2a:e9:68:
04:d9:0a:cc:c4:d5:84:b7:4d:41:f1:f3:a8:44:f4:16:c4:03:
77:e7:e0:0d:02:3d:3b:e5:29:e4:12:13:68:0a:27:f9:21:de:
31:dc:8c:c5:76:60:60:13:cc:21:fa:b8:b7:31:3f:8a:33:ca:
41:ba:9b:f3:46:17:cf:65:3d:51:40:99:0a:f7:4d:3a:42:b0:
ed:1b:37:a4:aa:a5:de:81:aa:3d:02:fc:3d:ee:28:3b:1c:ba:
bd:43:06:4d:0e:71:92:d8:19:18:0c:59:50:fd:ed:19:c5:f9:
e6:6b:35:66:47:8a:6c:18:1b:8f:20:91:b2:22:3f:a6:3e:bc:
3b:8d:72:41:d1:e4:ab:58:7c:28:63:1c:b8:83:f1:00:8b:20:
e9:02:76:c4:71:3a:ba:56:c8:10:47:1c:22:fc:48:ba:29:18:
b5:82:44:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR8Q15kp/qcOr/O8dEPmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNjkzZjFiZTY1N2ZiOGM3MWJjYmI5Yzc3YmU1NGE5Mzcy
ZGIwNDUwHhcNMjUwMTAyMTM1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWMzMjIzMTkzYzBmNjAwMzFlN2VkZDZhZTgwYTkzNDNlNjE4MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oU5LV2A6e2BO4dOLa2Kf+Qvqqhj
MTiPKWFW5ufsypglxcjr+9Bd4Mj0Qzl2OD9r0FK4P3ZNQK1fc/528RUJSnxY5PNg
9hg62JhqUwiuJs+3a3Cjbnpooekb+eUH+QFh3A/WBj0+ZpxrOnNFkujyipA5h+Th
dNHqAIsm5GowaLaIUt4A0I27YYkLtO7q920MsccafkvBER3v1lYLjxiOJUgzs2/m
oeJ2KMTGCoGy+xGSAnQxDpfRDcCJdAPmuZCh+8/Oh1arkW2dAjqBziTqbhIH2xPg
7XxNYPND094psX/e6Ja/vq7+fT0rf/Wthi+RfP/Wp+cTU64XScyPxHZJ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7DIjGTwPYAMeft1q6AqTQ+YYB5MB8GA1UdIwQY
MBaAFLFpPxvmV/uMcby7nHe+VKk3LbBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1drX0ctWlgtNHh4dkx1Y2Q3NVVxVGN0c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84MGY5MWYtMWU0Yi00OWU2LThkMTMt
N2NkMTQ2NTAwYjJkLzEvbnNNaU1aUEE5Z0F4NS0zV3JvQ3BORDVoZ0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84MGY5MWYtMWU0Yi00OWU2LThkMTMtN2NkMTQ2NTAwYjJk
LzEvc1drX0ctWlgtNHh4dkx1Y2Q3NVVxVGN0c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW6YMA0G
CSqGSIb3DQEBCwUAA4IBAQA+bO+TapcFkA7HoToqG7J5CwiOixFzQxWbmrzw27Hs
LQAvPMGLMKjDExAFmsSzaNhlpY/gj63aIiWj7ApqH1Bv45xs+lAOZSkRPDp3DcDZ
Dh+9QuWKkSgq6WgE2QrMxNWEt01B8fOoRPQWxAN35+ANAj075SnkEhNoCif5Id4x
3IzFdmBgE8wh+ri3MT+KM8pBupvzRhfPZT1RQJkK9006QrDtGzekqqXegao9Avw9
7ig7HLq9QwZNDnGS2BkYDFlQ/e0ZxfnmazVmR4psGBuPIJGyIj+mPrw7jXJB0eSr
WHwoYxy4g/EAiyDpAnbEcTq6VsgQRxwi/Ei6KRi1gkRr
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:39 2025 by rpki-client