Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/NxVQaX6suFkgxiAAF2vWtVQF7dk.roa
File: NxVQaX6suFkgxiAAF2vWtVQF7dk.roa (raw, json)
Hash identifier: zsaYmfZBz75BAmMTNCovG+cBN7yV/z5nE5MvUK9bhp0=
Subject key identifier: 37:15:50:69:7E:AC:B8:59:20:C6:20:00:17:6B:D6:B5:54:05:ED:D9
Certificate issuer: /CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006
Certificate serial: 01941FFA25D2D277B7FDF94F7F5D7E57D734
Authority key identifier: 8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/NxVQaX6suFkgxiAAF2vWtVQF7dk.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212865
IP address blocks: 213.133.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:25:d2:d2:77:b7:fd:f9:4f:7f:5d:7e:57:d7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=371550697eacb85920c62000176bd6b55405edd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:08:a5:bb:e0:2e:32:1d:a9:40:aa:56:72:a7:
70:0c:32:45:c9:53:e4:01:79:c6:6b:ba:73:7b:5a:
a2:87:cb:79:f2:e2:2a:e1:7a:97:2b:79:29:b3:85:
52:a4:d0:35:d9:7f:bc:6c:db:de:af:16:89:34:5b:
3a:92:e3:0b:09:97:da:e0:e8:0c:bd:9a:00:e2:b7:
e8:14:01:ff:6b:37:4b:aa:c4:3b:c3:96:ea:0e:15:
51:99:2a:87:2f:15:35:51:82:13:eb:5b:bb:24:cf:
40:1c:11:c0:47:6d:3b:8f:09:55:b0:a0:5c:b8:8b:
7d:d6:97:ad:87:68:d5:5e:3f:f6:f1:22:29:42:56:
e4:f3:ff:85:02:92:5a:01:c4:0d:d5:3e:82:8e:90:
e3:c9:2e:e2:e0:b5:c1:8d:17:57:d7:82:76:da:88:
31:9a:5a:e9:20:4e:81:34:e8:d4:29:49:fd:6d:31:
c1:19:f0:db:9f:a8:7b:96:f5:95:ad:83:f4:19:e4:
0a:41:44:4e:fe:9b:78:d6:8b:ce:f3:2b:0c:66:b1:
5a:d3:88:b2:10:f7:fd:84:2d:3e:97:9f:06:53:14:
2f:3d:94:84:94:1c:18:88:87:6d:63:eb:0c:ea:01:
2d:5e:f8:ea:71:b7:22:1e:c3:4b:3f:4b:11:df:1b:
bb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:15:50:69:7E:AC:B8:59:20:C6:20:00:17:6B:D6:B5:54:05:ED:D9
X509v3 Authority Key Identifier:
keyid:8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/NxVQaX6suFkgxiAAF2vWtVQF7dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/is0usvBhi3LGRtmX08ld2Da90AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.133.240.0/21
Signature Algorithm: sha256WithRSAEncryption
15:ad:9a:ba:07:ea:79:cd:4d:eb:c1:a9:1c:5d:b9:1a:13:5f:
5b:3d:da:ff:8e:ef:df:d1:b0:5e:96:24:31:d8:8f:ec:d8:c5:
91:6a:b6:df:b7:5f:71:3c:ff:9a:b5:ab:60:0f:98:5a:29:a9:
a9:35:85:a6:68:93:a9:7f:f9:b8:b2:45:67:0b:14:d6:44:5f:
d7:19:37:ea:45:a8:a4:34:00:42:88:b6:a3:c6:74:db:28:52:
06:7f:6b:a7:65:1a:bd:43:80:f3:74:ea:ac:28:cd:5e:1f:f2:
37:2c:f3:9a:d0:bc:a6:d4:11:fa:ab:75:67:1e:f2:59:5b:c7:
f6:28:2f:90:b9:fa:dc:76:1d:8d:36:6f:1f:b0:b1:69:18:b1:
46:ad:70:a2:ec:d8:b0:2b:5d:d1:3e:8a:a7:cc:bd:4f:21:8f:
fb:2e:81:54:fc:4a:b2:ea:d6:e0:30:13:ff:bd:84:49:42:7d:
b7:db:f9:03:ed:b9:4b:f1:33:f0:26:42:0b:2c:d5:84:bf:2b:
19:7f:6e:5a:90:48:fc:34:d1:83:7e:d6:c1:45:4c:5a:da:45:
0e:d7:e9:7b:f6:23:a6:c7:5a:e5:a4:39:b1:01:f5:3b:75:59:
18:3f:2d:49:3f:73:50:7f:9d:04:90:8b:fc:4a:e3:f9:b8:41:
b0:ac:d5:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iXS0ne3/flPf11+V9c0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2QyZWIyZjA2MThiNzJjNjQ2ZDk5N2QzYzk1ZGQ4MzZi
ZGQwMDYwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE1NTA2OTdlYWNiODU5MjBjNjIwMDAxNzZiZDZiNTU0MDVlZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgilu+AuMh2pQKpWcqdwDDJFyVPk
AXnGa7pze1qih8t58uIq4XqXK3kps4VSpNA12X+8bNverxaJNFs6kuMLCZfa4OgM
vZoA4rfoFAH/azdLqsQ7w5bqDhVRmSqHLxU1UYIT61u7JM9AHBHAR207jwlVsKBc
uIt91peth2jVXj/28SIpQlbk8/+FApJaAcQN1T6CjpDjyS7i4LXBjRdX14J22ogx
mlrpIE6BNOjUKUn9bTHBGfDbn6h7lvWVrYP0GeQKQURO/pt41ovO8ysMZrFa04iy
EPf9hC0+l58GUxQvPZSElBwYiIdtY+sM6gEtXvjqcbciHsNLP0sR3xu7cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcVUGl+rLhZIMYgABdr1rVUBe3ZMB8GA1UdIwQY
MBaAFIrNLrLwYYtyxkbZl9PJXdg2vdAGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjkt
Nzk0YzlkOTI4Y2RjLzEvTnhWUWFYNnN1RmtneGlBQUYydld0VlFGN2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjktNzk0YzlkOTI4Y2Rj
LzEvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1YXwMA0G
CSqGSIb3DQEBCwUAA4IBAQAVrZq6B+p5zU3rwakcXbkaE19bPdr/ju/f0bBeliQx
2I/s2MWRarbft19xPP+atatgD5haKampNYWmaJOpf/m4skVnCxTWRF/XGTfqRaik
NABCiLajxnTbKFIGf2unZRq9Q4DzdOqsKM1eH/I3LPOa0Lym1BH6q3VnHvJZW8f2
KC+Qufrcdh2NNm8fsLFpGLFGrXCi7NiwK13RPoqnzL1PIY/7LoFU/Eqy6tbgMBP/
vYRJQn232/kD7blL8TPwJkILLNWEvysZf25akEj8NNGDftbBRUxa2kUO1+l79iOm
x1rlpDmxAfU7dVkYPy1JP3NQf50EkIv8SuP5uEGwrNVH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net