Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/ncR4oR_y2D6exGXXU4466Dj_Hq0.roa
File: ncR4oR_y2D6exGXXU4466Dj_Hq0.roa (raw, json)
Hash identifier: QHWP1FBTjP+R0Pof3RRPjusJf04L/sCOEBJrDKRdhZ4=
Subject key identifier: 9D:C4:78:A1:1F:F2:D8:3E:9E:C4:65:D7:53:8E:3A:E8:38:FF:1E:AD
Certificate issuer: /CN=bfd81ca90cc5224586afebab1c78b1790268d5c1
Certificate serial: 019424B2779FFFC0D2979B8732EF06964255
Authority key identifier: BF:D8:1C:A9:0C:C5:22:45:86:AF:EB:AB:1C:78:B1:79:02:68:D5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9gcqQzFIkWGr-urHHixeQJo1cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/ncR4oR_y2D6exGXXU4466Dj_Hq0.roa
Signing time: Thu 02 Jan 2025 01:47:43 +0000
ROA not before: Thu 02 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398343
IP address blocks: 45.149.218.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:77:9f:ff:c0:d2:97:9b:87:32:ef:06:96:42:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd81ca90cc5224586afebab1c78b1790268d5c1
Validity
Not Before: Jan 2 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dc478a11ff2d83e9ec465d7538e3ae838ff1ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e7:27:24:98:d9:c2:c3:51:5a:71:8e:ae:d7:
e6:18:9c:c7:fc:48:4d:3e:84:b4:25:bd:52:77:03:
fb:9e:20:9d:dc:3d:91:25:13:3a:ef:33:32:f4:74:
92:8d:b2:df:96:2a:29:16:9c:b9:2d:6b:56:46:f1:
03:8b:3a:ea:41:9c:81:bb:f5:e3:2e:e5:be:27:56:
15:48:75:2d:0a:ea:3e:12:c7:ee:e0:9f:35:e2:8f:
7e:3d:00:a4:fc:10:63:e0:33:c4:52:b6:19:43:86:
a2:01:5e:d4:02:58:88:7a:bb:1d:cb:66:77:5e:1d:
a5:f1:5f:d6:e8:a2:fd:33:8d:29:36:8d:e9:95:b2:
93:84:e4:8c:ab:79:bd:4e:5a:a2:f4:8b:50:7c:fa:
f0:2a:69:ba:2c:21:cc:93:0b:94:d4:f6:0d:be:12:
88:de:a8:b4:2d:e3:7a:50:9b:2f:48:05:b9:63:91:
77:80:92:c8:15:6c:9b:2b:95:87:24:d0:67:24:65:
3f:c1:5f:d3:19:c0:b7:ee:53:b8:d2:4c:7d:a1:98:
ab:36:d0:e5:3b:97:c5:38:d4:3e:c6:67:a2:25:fd:
f9:69:3d:2a:82:21:fe:83:b4:50:eb:0c:b4:55:83:
2b:c8:7b:d5:84:22:88:b5:8e:7c:a1:2f:dc:3c:81:
d6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C4:78:A1:1F:F2:D8:3E:9E:C4:65:D7:53:8E:3A:E8:38:FF:1E:AD
X509v3 Authority Key Identifier:
keyid:BF:D8:1C:A9:0C:C5:22:45:86:AF:EB:AB:1C:78:B1:79:02:68:D5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9gcqQzFIkWGr-urHHixeQJo1cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/ncR4oR_y2D6exGXXU4466Dj_Hq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/v9gcqQzFIkWGr-urHHixeQJo1cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.218.0/23
Signature Algorithm: sha256WithRSAEncryption
21:e7:ab:89:17:43:85:f1:2c:b7:64:d5:b6:8e:bc:52:af:66:
41:84:71:76:88:74:98:b5:b3:f0:a1:04:bd:f7:98:32:a6:4f:
42:21:e2:30:2b:9c:11:a8:c7:5b:5f:37:33:b5:56:32:32:80:
44:37:84:07:b8:14:8f:9c:82:4d:59:e3:6c:8a:6a:58:f0:6e:
94:56:5d:4b:fe:34:5f:95:0a:80:3a:79:90:39:dd:70:3c:39:
47:47:45:38:62:b4:81:b8:4c:5a:b4:ae:f1:47:bf:b3:10:f9:
9f:1e:ee:fe:7b:4f:35:32:9e:9b:f3:a6:3f:ed:b3:b7:25:9b:
6f:b8:bd:99:22:a5:97:73:3d:28:f8:26:18:e2:eb:cd:a6:96:
a7:39:5a:f3:65:75:22:06:5b:7e:ee:0c:ef:b5:e0:cf:77:80:
71:66:31:62:f5:c9:d9:b5:cd:90:49:38:bc:0d:71:9e:11:a8:
9d:bc:8a:18:70:df:54:74:25:39:1c:63:04:ec:a4:87:80:68:
ba:6b:5a:fe:4f:b3:74:13:5e:5d:55:f9:eb:c6:48:85:eb:9f:
69:f8:07:7f:8b:cd:e5:e0:a0:8e:4d:27:f7:aa:80:e3:b1:c4:
08:f0:a0:3a:2d:ac:93:79:23:90:c9:65:04:47:20:31:e5:99:
fd:28:e3:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksnef/8DSl5uHMu8GlkJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDgxY2E5MGNjNTIyNDU4NmFmZWJhYjFjNzhiMTc5MDI2
OGQ1YzEwHhcNMjUwMTAyMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM0NzhhMTFmZjJkODNlOWVjNDY1ZDc1MzhlM2FlODM4ZmYxZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+cnJJjZwsNRWnGOrtfmGJzH/EhN
PoS0Jb1SdwP7niCd3D2RJRM67zMy9HSSjbLfliopFpy5LWtWRvEDizrqQZyBu/Xj
LuW+J1YVSHUtCuo+Esfu4J814o9+PQCk/BBj4DPEUrYZQ4aiAV7UAliIersdy2Z3
Xh2l8V/W6KL9M40pNo3plbKThOSMq3m9Tlqi9ItQfPrwKmm6LCHMkwuU1PYNvhKI
3qi0LeN6UJsvSAW5Y5F3gJLIFWybK5WHJNBnJGU/wV/TGcC37lO40kx9oZirNtDl
O5fFONQ+xmeiJf35aT0qgiH+g7RQ6wy0VYMryHvVhCKItY58oS/cPIHWvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3EeKEf8tg+nsRl11OOOug4/x6tMB8GA1UdIwQY
MBaAFL/YHKkMxSJFhq/rqxx4sXkCaNXBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlnY3FRekZJa1dHci11ckhIaXhlUUpvMWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yNWE1OWMtYzJmYy00ZmQ0LTk2Zjct
ODRhZGNiZjVhYzU1LzEvbmNSNG9SX3kyRDZleEdYWFU0NDY2RGpfSHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yNWE1OWMtYzJmYy00ZmQ0LTk2ZjctODRhZGNiZjVhYzU1
LzEvdjlnY3FRekZJa1dHci11ckhIaXhlUUpvMWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZXaMA0G
CSqGSIb3DQEBCwUAA4IBAQAh56uJF0OF8Sy3ZNW2jrxSr2ZBhHF2iHSYtbPwoQS9
95gypk9CIeIwK5wRqMdbXzcztVYyMoBEN4QHuBSPnIJNWeNsimpY8G6UVl1L/jRf
lQqAOnmQOd1wPDlHR0U4YrSBuExatK7xR7+zEPmfHu7+e081Mp6b86Y/7bO3JZtv
uL2ZIqWXcz0o+CYY4uvNppanOVrzZXUiBlt+7gzvteDPd4BxZjFi9cnZtc2QSTi8
DXGeEaidvIoYcN9UdCU5HGME7KSHgGi6a1r+T7N0E15dVfnrxkiF659p+Ad/i83l
4KCOTSf3qoDjscQI8KA6LayTeSOQyWUERyAx5Zn9KON/
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:48 2025 by rpki-client