Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/NNWMEZj2KM2iS4Og9a2q_2M6GAU.roa
File: NNWMEZj2KM2iS4Og9a2q_2M6GAU.roa (raw, json)
Hash identifier: YcQpsVuDkJbcr6546iTtN2WNSx3d2cPDYivVNT/w7bs=
Subject key identifier: 34:D5:8C:11:98:F6:28:CD:A2:4B:83:A0:F5:AD:AA:FF:63:3A:18:05
Certificate issuer: /CN=b8951c8514b7dd21b333abb33caca3c4dae9d709
Certificate serial: 019424453AFCB2D6E3EA0CCCE3E7A21EDF4C
Authority key identifier: B8:95:1C:85:14:B7:DD:21:B3:33:AB:B3:3C:AC:A3:C4:DA:E9:D7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uJUchRS33SGzM6uzPKyjxNrp1wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/NNWMEZj2KM2iS4Og9a2q_2M6GAU.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34756
IP address blocks: 91.221.160.0/24 maxlen: 24
195.242.171.0/24 maxlen: 24
2001:67c:6b0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3a:fc:b2:d6:e3:ea:0c:cc:e3:e7:a2:1e:df:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8951c8514b7dd21b333abb33caca3c4dae9d709
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34d58c1198f628cda24b83a0f5adaaff633a1805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1b:b5:70:20:d6:2b:25:94:c3:9b:69:c4:fd:
79:da:05:f2:a4:eb:1a:7e:84:04:f0:f5:14:1f:58:
1e:0f:a8:43:d4:35:76:11:47:4d:b0:bb:1d:cc:7a:
dc:8d:17:0e:f9:74:16:8a:5b:2e:65:da:f7:ba:a6:
8a:39:a2:ad:a0:1d:de:29:6d:db:b7:6e:de:92:14:
cd:f1:aa:11:14:a8:79:73:4d:72:2f:bc:15:91:b5:
cb:e7:f0:c4:e3:a3:f1:fc:33:56:54:5f:6a:5e:fe:
4f:12:e6:02:da:96:20:fe:d2:9a:54:c8:ae:31:5d:
88:a4:a5:0c:82:80:76:a9:d3:d8:5a:09:10:ce:c9:
45:d6:0d:78:3e:ea:2f:57:27:69:7e:8a:54:47:76:
81:ae:82:bf:66:49:55:23:42:6d:9b:1a:a4:03:cd:
a8:a2:c2:22:a7:f7:cf:24:3f:17:67:86:9c:32:69:
d7:f3:b4:b1:a0:5c:41:f1:af:c0:2b:9d:e5:f9:5e:
be:4e:ae:5d:6a:ed:a6:39:19:51:9b:a8:10:fa:23:
c5:b0:4f:cb:35:70:5e:00:b9:9b:26:fa:38:bd:2c:
33:0f:b1:44:9c:b6:d3:0f:6c:48:1c:33:0c:f4:ad:
11:bc:bc:d4:13:6d:10:cd:7b:2b:25:d5:9d:d1:d4:
71:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D5:8C:11:98:F6:28:CD:A2:4B:83:A0:F5:AD:AA:FF:63:3A:18:05
X509v3 Authority Key Identifier:
keyid:B8:95:1C:85:14:B7:DD:21:B3:33:AB:B3:3C:AC:A3:C4:DA:E9:D7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uJUchRS33SGzM6uzPKyjxNrp1wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/NNWMEZj2KM2iS4Og9a2q_2M6GAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/uJUchRS33SGzM6uzPKyjxNrp1wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.160.0/24
195.242.171.0/24
IPv6:
2001:67c:6b0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:7f:33:8e:8b:d3:0e:01:90:74:d0:51:71:73:ea:f9:ca:5d:
1f:e4:e4:59:2a:9d:9a:48:c7:06:88:3a:4f:63:67:bb:90:70:
eb:22:22:10:ba:99:c4:dc:26:c4:61:dd:29:96:3c:c8:50:fd:
ba:a9:26:64:09:60:e9:1f:d7:c7:82:48:c0:31:ea:05:ce:22:
7e:76:4a:d9:b9:5c:71:33:dc:01:5d:6a:00:38:20:01:6e:1d:
af:27:30:15:da:be:18:e4:ae:cc:dd:ed:4b:23:2e:ef:1c:11:
c3:ac:f6:ea:d0:7c:31:d3:06:21:0a:92:f6:94:df:c6:44:2b:
02:78:26:15:04:fd:bd:31:30:18:2d:e1:5b:a5:0b:0e:d5:4d:
a3:81:92:19:4b:9a:b9:1d:82:26:65:98:3a:17:d0:06:0b:0c:
8e:49:bd:96:3f:4a:49:0c:52:1d:19:db:51:fd:ca:fe:d5:0e:
5c:07:a9:fa:46:5d:43:44:91:12:9c:8f:0c:b9:67:48:f4:a6:
7b:ec:72:b1:08:7c:52:f1:5a:41:fc:18:1b:78:6e:58:fa:bf:
e9:6b:ce:9f:de:59:57:f1:34:0e:53:45:a6:c0:b2:79:2d:c6:
f4:c2:1b:fa:57:56:3c:02:fa:80:6c:83:89:66:45:bf:4c:ae:
90:4f:e5:2a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQkRTr8stbj6gzM4+eiHt9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OTUxYzg1MTRiN2RkMjFiMzMzYWJiMzNjYWNhM2M0ZGFl
OWQ3MDkwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ1OGMxMTk4ZjYyOGNkYTI0YjgzYTBmNWFkYWFmZjYzM2ExODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hu1cCDWKyWUw5tpxP152gXypOsa
foQE8PUUH1geD6hD1DV2EUdNsLsdzHrcjRcO+XQWilsuZdr3uqaKOaKtoB3eKW3b
t27ekhTN8aoRFKh5c01yL7wVkbXL5/DE46Px/DNWVF9qXv5PEuYC2pYg/tKaVMiu
MV2IpKUMgoB2qdPYWgkQzslF1g14PuovVydpfopUR3aBroK/ZklVI0JtmxqkA82o
osIip/fPJD8XZ4acMmnX87SxoFxB8a/AK53l+V6+Tq5dau2mORlRm6gQ+iPFsE/L
NXBeALmbJvo4vSwzD7FEnLbTD2xIHDMM9K0RvLzUE20QzXsrJdWd0dRxEQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDTVjBGY9ijNokuDoPWtqv9jOhgFMB8GA1UdIwQY
MBaAFLiVHIUUt90hszOrszyso8Ta6dcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUpVY2hSUzMzU0d6TTZ1elBLeWp4TnJwMXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82NDJlYjItM2ZiOS00ZjBlLWJhZjQt
OGNkNzk1MjdlNTMwLzEvTk5XTUVaajJLTTJpUzRPZzlhMnFfMk02R0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82NDJlYjItM2ZiOS00ZjBlLWJhZjQtOGNkNzk1MjdlNTMw
LzEvdUpVY2hSUzMzU0d6TTZ1elBLeWp4TnJwMXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW92gAwQA
w/KrMA8EAgACMAkDBwAgAQZ8BrAwDQYJKoZIhvcNAQELBQADggEBAK5/M46L0w4B
kHTQUXFz6vnKXR/k5FkqnZpIxwaIOk9jZ7uQcOsiIhC6mcTcJsRh3SmWPMhQ/bqp
JmQJYOkf18eCSMAx6gXOIn52Stm5XHEz3AFdagA4IAFuHa8nMBXavhjkrszd7Usj
Lu8cEcOs9urQfDHTBiEKkvaU38ZEKwJ4JhUE/b0xMBgt4VulCw7VTaOBkhlLmrkd
giZlmDoX0AYLDI5JvZY/SkkMUh0Z21H9yv7VDlwHqfpGXUNEkRKcjwy5Z0j0pnvs
crEIfFLxWkH8GBt4blj6v+lrzp/eWVfxNA5TRabAsnktxvTCG/pXVjwC+oBsg4lm
Rb9MrpBP5So=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:05:57 2025 by rpki-client