Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/NmoeARNR5KlnZdBERWuM-iNzYM0.roa
File: NmoeARNR5KlnZdBERWuM-iNzYM0.roa (raw, json)
Hash identifier: HgaWyfSju8BbiVq620WeDucyKoI/pqgp0CZAcN9HrcI=
Subject key identifier: 36:6A:1E:01:13:51:E4:A9:67:65:D0:44:45:6B:8C:FA:23:73:60:CD
Certificate issuer: /CN=6821c8ff0437f7edd829166fde03446f86109d80
Certificate serial: 01941FFA16A60E79794A046E46B79247B466
Authority key identifier: 68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/NmoeARNR5KlnZdBERWuM-iNzYM0.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49168
IP address blocks: 91.221.74.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:16:a6:0e:79:79:4a:04:6e:46:b7:92:47:b4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6821c8ff0437f7edd829166fde03446f86109d80
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=366a1e011351e4a96765d044456b8cfa237360cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a5:f5:65:ae:0a:7a:84:ca:b7:53:0e:47:fc:
77:36:ec:65:4f:83:d1:da:72:c0:8c:00:26:28:c8:
77:8d:0a:92:5e:fe:a0:0d:04:63:94:30:aa:0d:6e:
69:8b:9e:80:0a:07:30:50:51:94:9e:a3:88:9a:62:
1c:85:39:d7:cf:7e:94:a4:c8:cc:c4:5a:bd:79:35:
cd:8a:4f:a9:ea:33:f5:74:a2:57:67:43:63:31:0e:
80:e4:c2:dd:66:67:f8:44:bf:60:02:0a:cd:b4:20:
4d:c0:80:61:1e:31:f3:c5:02:a7:91:4b:24:5d:5c:
f6:9f:72:63:c1:45:07:51:5a:3d:6c:0a:09:a6:71:
1e:83:a2:05:cf:d7:8f:16:dd:20:dc:c3:a5:2f:d3:
b4:e0:30:cf:20:3f:4e:4e:2f:30:5f:4c:cb:ff:6d:
81:d0:43:2b:86:aa:4a:5c:18:72:e8:00:9c:7d:05:
4c:19:6c:90:6d:76:c5:eb:c7:07:bb:e4:80:e8:16:
c7:c1:cf:30:95:4c:4b:78:8b:df:20:6e:a4:3e:a9:
20:e8:a3:72:b9:9f:74:e9:b9:ec:d6:62:3a:10:85:
23:42:82:65:4e:b0:5b:a4:90:8a:a6:29:63:9e:3e:
35:f9:42:70:84:18:46:8c:55:b1:99:b0:30:2a:3d:
14:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6A:1E:01:13:51:E4:A9:67:65:D0:44:45:6B:8C:FA:23:73:60:CD
X509v3 Authority Key Identifier:
keyid:68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/NmoeARNR5KlnZdBERWuM-iNzYM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/aCHI_wQ39-3YKRZv3gNEb4YQnYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.74.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:9b:bd:b1:ce:fc:e9:30:1f:46:7c:58:ca:94:b2:d7:b7:de:
4d:ea:45:a9:44:3f:44:a6:48:17:51:38:a1:42:32:4b:f6:e2:
03:79:38:2d:72:07:66:1e:4d:94:ce:84:dc:43:7b:2e:b9:bf:
26:b6:d0:a2:d9:6d:ee:be:cb:9d:7a:48:86:5a:de:65:62:68:
a6:fe:5e:a5:75:81:8d:59:9a:1f:d8:d7:31:fb:3d:7f:50:f2:
4a:cf:3a:46:f7:b6:85:36:47:3c:79:9e:cd:b1:4f:36:c6:35:
56:7f:f1:1f:05:e8:cf:7d:55:34:70:7a:0d:8b:05:c9:6f:c9:
42:a4:3e:8b:64:05:98:b0:05:da:6f:8b:9c:23:c4:15:15:a6:
37:ab:9a:dc:98:fc:e6:3c:e6:6f:78:11:0c:f7:5e:c5:d9:5b:
25:2b:c7:52:0d:25:6e:cd:5d:42:b6:85:e5:ac:23:35:53:c3:
82:bc:ae:33:be:f3:2a:e4:43:44:ac:b2:a7:23:23:15:55:c8:
2d:97:77:e3:a8:f2:e1:4c:50:2d:e0:ce:1f:93:60:e0:b2:74:
20:97:b7:e9:8f:ef:eb:2a:61:cb:3f:62:4b:13:8d:c0:04:46:
99:5c:e9:88:c7:ec:e0:b1:23:ad:09:b8:ce:dc:1e:80:6c:86:
bd:af:f1:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+hamDnl5SgRuRreSR7RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjFjOGZmMDQzN2Y3ZWRkODI5MTY2ZmRlMDM0NDZmODYx
MDlkODAwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZhMWUwMTEzNTFlNGE5Njc2NWQwNDQ0NTZiOGNmYTIzNzM2MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKX1Za4KeoTKt1MOR/x3NuxlT4PR
2nLAjAAmKMh3jQqSXv6gDQRjlDCqDW5pi56ACgcwUFGUnqOImmIchTnXz36UpMjM
xFq9eTXNik+p6jP1dKJXZ0NjMQ6A5MLdZmf4RL9gAgrNtCBNwIBhHjHzxQKnkUsk
XVz2n3JjwUUHUVo9bAoJpnEeg6IFz9ePFt0g3MOlL9O04DDPID9OTi8wX0zL/22B
0EMrhqpKXBhy6ACcfQVMGWyQbXbF68cHu+SA6BbHwc8wlUxLeIvfIG6kPqkg6KNy
uZ906bns1mI6EIUjQoJlTrBbpJCKpiljnj41+UJwhBhGjFWxmbAwKj0UjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZqHgETUeSpZ2XQREVrjPojc2DNMB8GA1UdIwQY
MBaAFGghyP8EN/ft2CkWb94DRG+GEJ2AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNISV93UTM5LTNZS1JadjNnTkViNFlRbllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xM2IxNDQtYmUxNi00OTIyLWE5ODMt
MjVhZTkyOTNmNmI0LzEvTm1vZUFSTlI1S2xuWmRCRVJXdU0taU56WU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xM2IxNDQtYmUxNi00OTIyLWE5ODMtMjVhZTkyOTNmNmI0
LzEvYUNISV93UTM5LTNZS1JadjNnTkViNFlRbllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW91KMA0G
CSqGSIb3DQEBCwUAA4IBAQCMm72xzvzpMB9GfFjKlLLXt95N6kWpRD9EpkgXUTih
QjJL9uIDeTgtcgdmHk2UzoTcQ3suub8mttCi2W3uvsudekiGWt5lYmim/l6ldYGN
WZof2Ncx+z1/UPJKzzpG97aFNkc8eZ7NsU82xjVWf/EfBejPfVU0cHoNiwXJb8lC
pD6LZAWYsAXab4ucI8QVFaY3q5rcmPzmPOZveBEM917F2VslK8dSDSVuzV1CtoXl
rCM1U8OCvK4zvvMq5ENErLKnIyMVVcgtl3fjqPLhTFAt4M4fk2DgsnQgl7fpj+/r
KmHLP2JLE43ABEaZXOmIx+zgsSOtCbjO3B6AbIa9r/F1
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:51:09 2025 by rpki-client