Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/nxhi5-9uC3Z2GcyVtgN0XH2e-AY.roa
File: nxhi5-9uC3Z2GcyVtgN0XH2e-AY.roa (raw, json)
Hash identifier: TCpb7ZM9/5X8OkM3MtmPCms5hmL6B1GslczU1sVSQk4=
Subject key identifier: 9F:18:62:E7:EF:6E:0B:76:76:19:CC:95:B6:03:74:5C:7D:9E:F8:06
Certificate issuer: /CN=0b62cf8cd90b69f936e82b57801cd779d72e3f3e
Certificate serial: 0195F5B6C199A67FBB29B8913FF1195D04B4
Authority key identifier: 0B:62:CF:8C:D9:0B:69:F9:36:E8:2B:57:80:1C:D7:79:D7:2E:3F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C2LPjNkLafk26CtXgBzXedcuPz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/nxhi5-9uC3Z2GcyVtgN0XH2e-AY.roa
Signing time: Wed 02 Apr 2025 08:55:49 +0000
ROA not before: Wed 02 Apr 2025 08:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214966
IP address blocks: 194.53.216.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:b6:c1:99:a6:7f:bb:29:b8:91:3f:f1:19:5d:04:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b62cf8cd90b69f936e82b57801cd779d72e3f3e
Validity
Not Before: Apr 2 08:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f1862e7ef6e0b767619cc95b603745c7d9ef806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:73:b6:63:4d:36:45:fe:a2:e0:69:d1:0c:
32:ca:0d:a0:4d:c3:ce:9d:24:b9:98:2d:d8:82:f8:
49:fd:82:a6:a8:03:50:93:c7:18:fe:0d:49:52:9b:
c2:fd:6e:ae:0f:f9:e0:08:a1:eb:c3:a8:dd:5a:77:
f1:cf:65:93:21:c1:8c:a9:da:75:0a:4b:55:bc:2e:
30:a2:60:6c:67:df:56:4f:49:5f:ee:e6:69:b3:ac:
ac:cc:37:bc:ea:06:04:3c:59:72:9d:08:86:09:d9:
47:05:39:fe:1e:69:c6:52:14:49:ec:25:cc:41:1b:
a6:c4:61:d5:a7:47:3d:5c:a2:b5:27:43:bb:85:9d:
17:3d:17:b9:04:4b:4d:04:e3:33:c2:15:8b:24:14:
5f:ee:02:23:59:00:2e:20:25:fd:9d:f9:32:ab:c0:
53:49:42:ec:40:58:1e:b7:83:d1:47:bd:48:ca:d9:
03:ed:17:cf:16:f2:e0:87:14:a6:23:8b:89:69:46:
31:10:9d:30:5f:77:c1:9c:6e:60:73:58:bc:32:a8:
76:bd:c5:21:42:b4:92:40:33:c2:62:84:05:73:24:
5c:e5:d5:c0:03:6c:93:29:df:9b:da:da:b0:8a:7c:
03:ae:81:fa:c2:fe:42:0c:9a:f2:50:75:e3:d1:d3:
f4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:18:62:E7:EF:6E:0B:76:76:19:CC:95:B6:03:74:5C:7D:9E:F8:06
X509v3 Authority Key Identifier:
keyid:0B:62:CF:8C:D9:0B:69:F9:36:E8:2B:57:80:1C:D7:79:D7:2E:3F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C2LPjNkLafk26CtXgBzXedcuPz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/nxhi5-9uC3Z2GcyVtgN0XH2e-AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/82cc5d-d6a8-4667-b049-967c57d5a361/1/C2LPjNkLafk26CtXgBzXedcuPz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.216.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:72:9a:79:39:8c:6e:52:06:95:fb:a6:09:c3:bc:0d:10:3a:
dd:4d:59:f4:52:a7:6c:84:95:fc:d2:d0:27:e7:74:ba:0a:05:
99:d4:42:d1:77:ff:b7:f0:d0:78:2c:bb:f8:d5:c7:63:32:43:
b0:0d:00:dc:64:03:58:98:ef:6e:6a:20:d0:41:be:ef:7c:71:
f4:79:9c:b2:fd:bb:fa:55:f5:d9:5a:d0:5f:9c:ec:e6:c4:70:
91:cf:87:7e:8a:a0:93:b8:44:78:9e:de:7d:e6:3b:35:f1:33:
0e:0c:af:50:9a:c9:3e:f6:22:a7:02:ca:91:32:f6:bf:8c:88:
30:b6:34:c3:3f:e1:13:2b:79:6d:cc:dc:fb:12:ea:bd:20:54:
a2:cf:07:ca:65:1e:20:e0:bb:f4:62:7e:f6:cd:37:26:01:0f:
bc:8d:fc:c6:5e:37:4f:ff:fd:0f:61:8d:d9:ca:fb:2f:ea:0a:
63:1a:41:61:5f:a9:d1:ba:0b:53:ad:5b:7d:e7:45:16:e5:94:
88:16:7e:6d:94:32:9a:20:43:49:ae:2a:25:bd:d1:fd:7c:a5:
cb:db:f6:17:f3:ae:91:0f:5f:f2:cc:62:64:74:d7:03:6f:1f:
8a:d6:6f:a5:10:49:78:4b:e0:10:5e:05:b1:33:7c:e4:6d:c9:
8c:f0:e8:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX1tsGZpn+7KbiRP/EZXQS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNjJjZjhjZDkwYjY5ZjkzNmU4MmI1NzgwMWNkNzc5ZDcy
ZTNmM2UwHhcNMjUwNDAyMDg1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE4NjJlN2VmNmUwYjc2NzYxOWNjOTViNjAzNzQ1YzdkOWVmODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvblztmNNNkX+ouBp0Qwyyg2gTcPO
nSS5mC3YgvhJ/YKmqANQk8cY/g1JUpvC/W6uD/ngCKHrw6jdWnfxz2WTIcGMqdp1
CktVvC4womBsZ99WT0lf7uZps6yszDe86gYEPFlynQiGCdlHBTn+HmnGUhRJ7CXM
QRumxGHVp0c9XKK1J0O7hZ0XPRe5BEtNBOMzwhWLJBRf7gIjWQAuICX9nfkyq8BT
SULsQFget4PRR71IytkD7RfPFvLghxSmI4uJaUYxEJ0wX3fBnG5gc1i8Mqh2vcUh
QrSSQDPCYoQFcyRc5dXAA2yTKd+b2tqwinwDroH6wv5CDJryUHXj0dP0vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8YYufvbgt2dhnMlbYDdFx9nvgGMB8GA1UdIwQY
MBaAFAtiz4zZC2n5NugrV4Ac13nXLj8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzJMUGpOa0xhZmsyNkN0WGdCelhlZGN1UHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84MmNjNWQtZDZhOC00NjY3LWIwNDkt
OTY3YzU3ZDVhMzYxLzEvbnhoaTUtOXVDM1oyR2N5VnRnTjBYSDJlLUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84MmNjNWQtZDZhOC00NjY3LWIwNDktOTY3YzU3ZDVhMzYx
LzEvQzJMUGpOa0xhZmsyNkN0WGdCelhlZGN1UHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwjXYMA0G
CSqGSIb3DQEBCwUAA4IBAQArcpp5OYxuUgaV+6YJw7wNEDrdTVn0UqdshJX80tAn
53S6CgWZ1ELRd/+38NB4LLv41cdjMkOwDQDcZANYmO9uaiDQQb7vfHH0eZyy/bv6
VfXZWtBfnOzmxHCRz4d+iqCTuER4nt595js18TMODK9Qmsk+9iKnAsqRMva/jIgw
tjTDP+ETK3ltzNz7Euq9IFSizwfKZR4g4Lv0Yn72zTcmAQ+8jfzGXjdP//0PYY3Z
yvsv6gpjGkFhX6nRugtTrVt950UW5ZSIFn5tlDKaIENJriolvdH9fKXL2/YX866R
D1/yzGJkdNcDbx+K1m+lEEl4S+AQXgWxM3zkbcmM8Oif
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net