Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/ncGsNjTWkIf28hHD5IvPQUyPHT4.roa
File: ncGsNjTWkIf28hHD5IvPQUyPHT4.roa (raw, json)
Hash identifier: OTRCAQhrm/oTjMPsGhu8HQvEnrVxNQI7H4S1GDdgIBY=
Subject key identifier: 9D:C1:AC:36:34:D6:90:87:F6:F2:11:C3:E4:8B:CF:41:4C:8F:1D:3E
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 01942520B09FA0CD8EEF884DC60A311EC70B
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/ncGsNjTWkIf28hHD5IvPQUyPHT4.roa
Signing time: Thu 02 Jan 2025 03:48:06 +0000
ROA not before: Thu 02 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60201
IP address blocks: 5.183.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:b0:9f:a0:cd:8e:ef:88:4d:c6:0a:31:1e:c7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 2 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dc1ac3634d69087f6f211c3e48bcf414c8f1d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:b7:f4:ff:29:39:49:93:eb:de:ef:07:d6:
55:3d:5a:02:cb:46:77:ff:4d:cd:bd:ab:1d:39:39:
0f:66:05:3e:21:6d:35:b9:62:9c:25:13:1a:4a:b2:
da:7f:fa:1b:be:ca:3a:70:be:f2:d7:02:13:a9:03:
dd:16:cc:d3:da:32:a7:ac:33:e0:49:a1:8d:dd:c5:
48:ea:21:1c:9c:e9:8a:85:ff:9f:8e:1d:c5:51:d9:
f1:66:e7:1e:9d:58:f8:7d:fc:71:12:bf:66:de:53:
aa:c2:d4:b1:5f:80:d2:72:06:f8:9a:c6:61:8b:23:
fc:d5:45:fc:60:82:97:50:54:f7:97:6b:51:76:de:
b2:eb:ac:43:f0:0a:9b:62:41:7d:b2:28:9a:67:d9:
d4:10:72:96:59:9b:3f:c8:11:fc:14:a5:61:b6:41:
28:8b:b4:84:bb:66:89:3f:e4:4e:9c:1e:a9:2b:cc:
41:b0:fa:cf:21:79:ce:78:84:79:1c:ef:f1:88:3f:
68:1f:c4:58:d7:ed:e8:96:49:cf:75:0d:a4:e7:49:
56:57:a5:ed:3b:fb:ac:53:b4:50:08:1f:78:94:78:
0f:a2:6b:91:a3:cf:8a:60:bc:e9:49:29:73:5d:48:
f0:eb:6d:3a:1d:e3:dc:98:58:ba:aa:21:4e:1f:01:
a6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C1:AC:36:34:D6:90:87:F6:F2:11:C3:E4:8B:CF:41:4C:8F:1D:3E
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/ncGsNjTWkIf28hHD5IvPQUyPHT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9d:70:a9:b1:0b:b1:95:67:7c:e2:d5:5b:06:36:ed:5e:b0:
5b:fb:46:d9:a1:1b:60:f0:84:58:72:c4:d7:22:5c:60:ed:31:
40:5d:9b:6c:92:ae:dc:2f:27:db:a8:a5:a7:87:75:2f:f2:70:
05:8c:c1:10:e3:3f:65:79:0e:35:41:d4:0c:cb:ab:b0:4c:c5:
69:f9:da:c3:fb:fc:08:88:09:ea:6d:96:e3:2d:3d:5d:3e:42:
90:5b:f2:72:d0:7c:df:da:6d:2f:4a:11:cb:10:ef:83:84:0f:
75:bc:ac:a7:b0:21:82:3b:f5:d3:7f:bf:66:b3:1b:c2:3f:22:
56:fe:5e:90:e9:ca:aa:dd:6d:c8:cb:47:b5:98:01:40:97:d7:
13:25:02:06:55:00:c3:4a:08:26:25:c5:c1:98:eb:26:5d:09:
fc:de:25:6b:0d:9b:30:10:bb:ae:12:53:b7:a4:bd:69:25:fd:
a0:74:6f:5f:93:03:ac:e7:94:72:47:81:23:bc:35:1c:7a:d6:
eb:34:6b:12:53:db:62:8e:9d:59:c4:22:7c:62:eb:4c:17:94:
fd:95:f7:1f:fc:8b:34:8f:d9:d1:0b:01:f3:64:8e:3f:dd:82:
b2:63:ce:e7:9d:45:0d:60:9b:fa:9b:fe:8c:8b:c3:c2:7d:e6:
67:18:02:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlILCfoM2O74hNxgoxHscLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjUwMTAyMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMxYWMzNjM0ZDY5MDg3ZjZmMjExYzNlNDhiY2Y0MTRjOGYxZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6G39P8pOUmT697vB9ZVPVoCy0Z3
/03NvasdOTkPZgU+IW01uWKcJRMaSrLaf/obvso6cL7y1wITqQPdFszT2jKnrDPg
SaGN3cVI6iEcnOmKhf+fjh3FUdnxZucenVj4ffxxEr9m3lOqwtSxX4DScgb4msZh
iyP81UX8YIKXUFT3l2tRdt6y66xD8AqbYkF9siiaZ9nUEHKWWZs/yBH8FKVhtkEo
i7SEu2aJP+ROnB6pK8xBsPrPIXnOeIR5HO/xiD9oH8RY1+3olknPdQ2k50lWV6Xt
O/usU7RQCB94lHgPomuRo8+KYLzpSSlzXUjw6206HePcmFi6qiFOHwGmCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3BrDY01pCH9vIRw+SLz0FMjx0+MB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvbmNHc05qVFdrSWYyOGhIRDVJdlBRVXlQSFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbeoMA0G
CSqGSIb3DQEBCwUAA4IBAQAcnXCpsQuxlWd84tVbBjbtXrBb+0bZoRtg8IRYcsTX
Ilxg7TFAXZtskq7cLyfbqKWnh3Uv8nAFjMEQ4z9leQ41QdQMy6uwTMVp+drD+/wI
iAnqbZbjLT1dPkKQW/Jy0Hzf2m0vShHLEO+DhA91vKynsCGCO/XTf79msxvCPyJW
/l6Q6cqq3W3Iy0e1mAFAl9cTJQIGVQDDSggmJcXBmOsmXQn83iVrDZswELuuElO3
pL1pJf2gdG9fkwOs55RyR4EjvDUcetbrNGsSU9tijp1ZxCJ8YutMF5T9lfcf/Is0
j9nRCwHzZI4/3YKyY87nnUUNYJv6m/6Mi8PCfeZnGAL0
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:28:17 2025 by rpki-client