Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/ndShIgCcbsHhUOk-1qX-uYRIuS0.roa
File: ndShIgCcbsHhUOk-1qX-uYRIuS0.roa (raw, json)
Hash identifier: czNtU+SX8QXrL7dVcdfeMOMIGpfeCslspqe7rpd0A8Q=
Subject key identifier: 9D:D4:A1:22:00:9C:6E:C1:E1:50:E9:3E:D6:A5:FE:B9:84:48:B9:2D
Certificate issuer: /CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Certificate serial: 0194214468C5FE39C7521B91FAE1C7E6B845
Authority key identifier: 32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/ndShIgCcbsHhUOk-1qX-uYRIuS0.roa
Signing time: Wed 01 Jan 2025 09:48:38 +0000
ROA not before: Wed 01 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12610
IP address blocks: 213.214.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:68:c5:fe:39:c7:52:1b:91:fa:e1:c7:e6:b8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Validity
Not Before: Jan 1 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dd4a122009c6ec1e150e93ed6a5feb98448b92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a1:05:1a:54:6c:5e:a4:35:75:c6:ef:60:cd:
ea:39:93:76:42:29:48:5f:e7:87:87:d4:cb:85:19:
00:bc:9f:3a:85:21:e2:b7:34:e6:68:d3:53:72:9d:
b4:fe:72:42:80:40:50:d3:72:ba:a3:ba:7c:7c:29:
73:08:77:f3:c4:1f:50:f4:b8:e0:d3:65:4d:78:ff:
91:bc:16:24:b8:ca:c3:8a:21:d1:6f:c2:a1:ac:26:
47:c5:11:2a:1f:d9:00:dc:e5:f8:0e:2f:fe:78:89:
97:53:a7:38:20:07:89:d5:21:96:21:5d:8e:a5:b8:
2a:b2:f7:34:ea:cb:21:0e:0e:48:c8:57:a0:ca:1b:
4c:d2:c4:1d:56:12:3f:a7:dd:f9:9f:9f:a6:38:78:
b0:fb:8d:f1:c7:15:e5:d0:18:ab:33:dd:f3:d1:fb:
53:f4:50:94:4e:24:64:28:05:07:7c:82:2d:e1:fa:
df:68:52:5c:19:d7:53:d6:0c:d6:2e:34:c1:9a:38:
e4:89:b4:50:f1:d5:e2:2c:9c:fe:c0:1c:cc:2b:be:
50:a1:e2:f8:52:33:af:74:81:57:9f:e1:47:86:40:
ac:f2:cc:55:68:77:48:bf:5d:c4:1e:a7:d3:eb:ae:
0c:37:31:b6:79:40:28:9a:5e:5f:8b:13:cc:ec:e0:
13:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D4:A1:22:00:9C:6E:C1:E1:50:E9:3E:D6:A5:FE:B9:84:48:B9:2D
X509v3 Authority Key Identifier:
keyid:32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/ndShIgCcbsHhUOk-1qX-uYRIuS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.214.24.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:5a:21:c0:ac:e3:a0:f8:07:84:27:5f:66:6f:9b:9b:b3:1c:
61:1a:68:64:37:a7:dc:e9:ab:72:6d:c4:e0:db:43:67:84:a2:
f2:6c:3c:23:c9:5f:0f:1a:de:17:62:01:45:01:2e:02:d3:c1:
39:05:b9:32:de:d6:b5:70:d3:ee:99:62:e2:99:7d:0f:71:4e:
46:42:e7:0a:61:83:80:0c:76:9a:e5:ec:cd:2b:a2:5f:d3:e8:
78:5d:68:a6:c2:b4:3d:21:73:b7:34:f4:71:0d:bc:42:b9:a6:
a5:24:2a:29:f3:2c:b9:ea:2b:ae:5f:21:82:2c:89:90:82:e5:
2c:2d:48:18:50:34:ed:31:56:e3:da:83:f9:f1:b9:d5:42:0b:
4d:58:ae:76:bd:cd:99:5c:15:c3:4b:c1:a2:65:65:e4:72:5b:
d5:84:08:df:25:13:db:33:a4:c7:34:d7:95:61:fd:25:8b:8f:
d7:6b:3e:e5:d2:1a:e5:3b:6c:9b:21:d4:5b:58:f0:f8:6c:36:
82:0d:9d:36:d2:1a:a7:14:e8:a9:28:76:b3:f9:90:cb:43:a7:
87:66:12:f1:9d:4b:f3:6c:6b:46:01:c5:d2:ff:bb:1e:3f:e1:
8f:ac:d8:37:4b:11:61:c9:81:4c:52:24:f1:52:76:8d:83:46:
5f:4b:9c:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGjF/jnHUhuR+uHH5rhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTBkNThkNzdiMGZhNWRjZWM0ZjQyYWU5NmYzNDdiYzgw
ZGFhM2UwHhcNMjUwMTAxMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ0YTEyMjAwOWM2ZWMxZTE1MGU5M2VkNmE1ZmViOTg0NDhiOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqEFGlRsXqQ1dcbvYM3qOZN2QilI
X+eHh9TLhRkAvJ86hSHitzTmaNNTcp20/nJCgEBQ03K6o7p8fClzCHfzxB9Q9Ljg
02VNeP+RvBYkuMrDiiHRb8KhrCZHxREqH9kA3OX4Di/+eImXU6c4IAeJ1SGWIV2O
pbgqsvc06sshDg5IyFegyhtM0sQdVhI/p935n5+mOHiw+43xxxXl0BirM93z0ftT
9FCUTiRkKAUHfIIt4frfaFJcGddT1gzWLjTBmjjkibRQ8dXiLJz+wBzMK75QoeL4
UjOvdIFXn+FHhkCs8sxVaHdIv13EHqfT664MNzG2eUAoml5fixPM7OATowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3UoSIAnG7B4VDpPtal/rmESLktMB8GA1UdIwQY
MBaAFDJQ1Y13sPpdzsT0KulvNHvIDao+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUt
M2UzMGE0YzRiODI2LzEvbmRTaElnQ2Nic0hoVU9rLTFxWC11WVJJdVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUtM2UzMGE0YzRiODI2
LzEvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1dYYMA0G
CSqGSIb3DQEBCwUAA4IBAQBeWiHArOOg+AeEJ19mb5ubsxxhGmhkN6fc6atybcTg
20NnhKLybDwjyV8PGt4XYgFFAS4C08E5Bbky3ta1cNPumWLimX0PcU5GQucKYYOA
DHaa5ezNK6Jf0+h4XWimwrQ9IXO3NPRxDbxCuaalJCop8yy56iuuXyGCLImQguUs
LUgYUDTtMVbj2oP58bnVQgtNWK52vc2ZXBXDS8GiZWXkclvVhAjfJRPbM6THNNeV
Yf0li4/Xaz7l0hrlO2ybIdRbWPD4bDaCDZ020hqnFOipKHaz+ZDLQ6eHZhLxnUvz
bGtGAcXS/7seP+GPrNg3SxFhyYFMUiTxUnaNg0ZfS5zJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:06 2025 by rpki-client on console.sobornost.net