Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/NzMhkwsGLiQZkMoD48sTWCLfAR8.roa
File: NzMhkwsGLiQZkMoD48sTWCLfAR8.roa (raw, json)
Hash identifier: ioMEWo1PIlZKwSVAPB0dgDE+e3+falYLZYlRGwJOPME=
Subject key identifier: 37:33:21:93:0B:06:2E:24:19:90:CA:03:E3:CB:13:58:22:DF:01:1F
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 019424459336A16E7B7A56B5A5ADBA834EC7
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/NzMhkwsGLiQZkMoD48sTWCLfAR8.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12521
IP address blocks: 5.199.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:93:36:a1:6e:7b:7a:56:b5:a5:ad:ba:83:4e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=373321930b062e241990ca03e3cb135822df011f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:89:42:92:f6:af:0b:d8:8e:4d:24:a0:93:eb:
a0:77:19:05:94:e1:79:b4:3c:35:5d:5c:37:cb:f4:
e9:dd:d6:5c:29:84:90:c6:f0:e5:9b:8f:25:f3:b3:
be:91:4a:ed:71:98:5a:82:11:20:ee:6f:e7:95:b3:
c3:5f:d0:57:d4:1e:83:74:78:24:63:d5:94:7b:3b:
ce:26:83:ba:0f:97:9f:b4:87:90:a1:53:5c:e7:7c:
ca:12:89:ce:cd:00:70:6d:05:e3:73:87:1e:c4:53:
19:89:11:f5:7b:34:d0:49:70:ea:04:45:c8:ed:f4:
3d:6c:d8:52:5d:b9:ff:ad:3b:5b:3f:40:46:80:c6:
3f:4e:67:be:3c:d2:17:42:70:11:a4:e7:70:48:2f:
60:f5:f3:bd:62:89:e7:df:0d:6b:20:5e:ba:34:19:
c9:f9:d8:3d:c3:dc:eb:55:85:fb:8d:ff:59:b4:aa:
2c:4f:2e:af:37:ec:bf:ab:d1:6c:e5:a2:b6:dd:6c:
1b:6a:3b:b5:56:3b:57:33:17:4e:d7:ea:3c:f8:53:
0a:74:b1:28:07:a1:77:aa:40:67:6e:2a:bc:ec:03:
1b:ae:fd:4e:e3:3c:21:58:90:25:c9:be:15:8d:86:
98:ab:5f:96:1f:cd:c8:d7:3e:a9:cd:02:7b:fc:ef:
72:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:33:21:93:0B:06:2E:24:19:90:CA:03:E3:CB:13:58:22:DF:01:1F
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/NzMhkwsGLiQZkMoD48sTWCLfAR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.224.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:59:8d:91:52:3c:98:3b:36:8f:0b:90:e2:f7:56:b7:81:5a:
2c:ab:8b:d8:f7:a9:d7:71:7c:52:34:20:29:bc:52:b9:d1:da:
c2:48:a2:53:1b:c8:98:ba:49:44:19:47:0f:a6:75:d2:b4:6a:
d2:10:0d:8e:03:2a:e1:84:14:1d:56:da:6e:2e:a4:41:11:51:
dc:9e:a3:04:ac:44:b4:74:c7:07:d0:78:59:44:4d:03:6f:b3:
bf:85:f9:2a:53:8f:8a:b3:bf:8f:38:dc:0a:58:7e:4b:58:ca:
9f:85:5c:4f:c6:64:ec:5b:12:cf:b9:eb:a2:37:e9:90:4f:cd:
b3:33:45:28:37:f8:ac:62:b2:56:0f:8a:1e:77:e6:ce:b2:af:
fa:b8:f9:15:47:01:c9:af:7d:44:b9:77:35:42:7d:c5:31:52:
11:d7:c4:a0:40:1d:bb:56:c2:2a:bf:1a:c1:c2:80:8b:d2:c4:
66:1d:c8:3c:d0:86:d4:d5:25:d4:c5:0e:6c:1a:82:65:32:cb:
ed:9c:ec:cd:0e:e1:8a:bb:d3:c3:e7:d5:e0:ef:d8:d0:30:71:
54:82:8c:a5:f5:02:10:37:05:9f:9d:15:ec:80:12:c8:dc:b6:
2e:c8:00:9d:5a:de:40:b2:b5:93:19:4a:06:65:63:88:e1:99:
db:07:f5:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRZM2oW57ela1pa26g07HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWE4ODdlNzY1M2EyZGU0NGYxMzE2M2UxODcwMzczMjZh
MjlhMDMwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzMzMjE5MzBiMDYyZTI0MTk5MGNhMDNlM2NiMTM1ODIyZGYwMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4lCkvavC9iOTSSgk+ugdxkFlOF5
tDw1XVw3y/Tp3dZcKYSQxvDlm48l87O+kUrtcZhaghEg7m/nlbPDX9BX1B6DdHgk
Y9WUezvOJoO6D5eftIeQoVNc53zKEonOzQBwbQXjc4cexFMZiRH1ezTQSXDqBEXI
7fQ9bNhSXbn/rTtbP0BGgMY/Tme+PNIXQnARpOdwSC9g9fO9Yonn3w1rIF66NBnJ
+dg9w9zrVYX7jf9ZtKosTy6vN+y/q9Fs5aK23Wwbaju1VjtXMxdO1+o8+FMKdLEo
B6F3qkBnbiq87AMbrv1O4zwhWJAlyb4VjYaYq1+WH83I1z6pzQJ7/O9yxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDczIZMLBi4kGZDKA+PLE1gi3wEfMB8GA1UdIwQY
MBaAFL4aiH52U6LeRPExY+GHA3MmopoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYt
ODZjNTQxY2E5ZDcxLzEvTnpNaGt3c0dMaVFaa01vRDQ4c1RXQ0xmQVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYtODZjNTQxY2E5ZDcx
LzEvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBcfgMA0G
CSqGSIb3DQEBCwUAA4IBAQA+WY2RUjyYOzaPC5Di91a3gVosq4vY96nXcXxSNCAp
vFK50drCSKJTG8iYuklEGUcPpnXStGrSEA2OAyrhhBQdVtpuLqRBEVHcnqMErES0
dMcH0HhZRE0Db7O/hfkqU4+Ks7+PONwKWH5LWMqfhVxPxmTsWxLPueuiN+mQT82z
M0UoN/isYrJWD4oed+bOsq/6uPkVRwHJr31EuXc1Qn3FMVIR18SgQB27VsIqvxrB
woCL0sRmHcg80IbU1SXUxQ5sGoJlMsvtnOzNDuGKu9PD59Xg79jQMHFUgoyl9QIQ
NwWfnRXsgBLI3LYuyACdWt5AsrWTGUoGZWOI4ZnbB/WJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:06:05 2025 by rpki-client