Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/NHqj8wB10WSekKQpmh-HseccI8I.roa
File: NHqj8wB10WSekKQpmh-HseccI8I.roa (raw, json)
Hash identifier: L+izevOgWXTJAUEusaUxSyDXId3hMIswTW9GC9CMwnw=
Subject key identifier: 34:7A:A3:F3:00:75:D1:64:9E:90:A4:29:9A:1F:87:B1:E7:1C:23:C2
Certificate issuer: /CN=f9e00abe184a625b76f8d1fbceef817aaf71415b
Certificate serial: 01942747B305C58288A4A5A12860EFE371F9
Authority key identifier: F9:E0:0A:BE:18:4A:62:5B:76:F8:D1:FB:CE:EF:81:7A:AF:71:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/NHqj8wB10WSekKQpmh-HseccI8I.roa
Signing time: Thu 02 Jan 2025 13:49:57 +0000
ROA not before: Thu 02 Jan 2025 13:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57494
IP address blocks: 195.178.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b3:05:c5:82:88:a4:a5:a1:28:60:ef:e3:71:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9e00abe184a625b76f8d1fbceef817aaf71415b
Validity
Not Before: Jan 2 13:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=347aa3f30075d1649e90a4299a1f87b1e71c23c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:90:cf:1e:fb:2a:0f:d7:c6:c9:39:29:4a:02:
39:e1:d1:ce:6d:e7:0b:e1:21:2c:01:7e:07:5a:98:
03:ba:f4:05:b4:1e:b3:6c:3d:70:8f:fa:4a:1f:a4:
0f:ac:4e:3f:b5:be:5e:81:c3:44:e6:d3:9d:f5:37:
e0:02:66:a0:52:66:05:22:e8:0f:5f:79:52:9c:aa:
f9:ad:76:f8:48:03:f7:18:30:ea:dc:8c:b9:ce:ed:
a4:ed:fd:14:cc:81:61:2c:51:0b:af:bc:23:a1:78:
7f:c2:02:4d:c0:51:f1:92:bf:09:22:70:ae:57:1e:
61:ef:58:06:91:0f:c1:3e:bc:72:b7:dd:34:50:e5:
fc:da:7b:15:8b:49:53:e3:e6:c4:29:e2:a5:55:93:
28:64:e6:3e:5f:b3:6f:e7:c7:b8:bd:a8:ad:a0:6d:
e0:fc:fd:31:3f:1e:e4:b0:c6:8d:8a:4a:a1:61:85:
cc:57:8b:65:c4:cd:4d:df:95:2e:7e:a7:50:74:65:
ed:7c:c2:45:6a:8a:da:c2:d3:4d:e3:87:28:97:ff:
20:57:3d:e1:e9:bb:8c:e7:d5:97:cd:0c:ea:c9:54:
6f:b6:db:75:c7:ce:8e:1e:09:d4:e9:53:8e:60:d5:
3c:12:32:0a:1a:f8:da:70:d8:b2:2f:e8:3c:cd:2b:
69:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7A:A3:F3:00:75:D1:64:9E:90:A4:29:9A:1F:87:B1:E7:1C:23:C2
X509v3 Authority Key Identifier:
keyid:F9:E0:0A:BE:18:4A:62:5B:76:F8:D1:FB:CE:EF:81:7A:AF:71:41:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/NHqj8wB10WSekKQpmh-HseccI8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.17.0/24
Signature Algorithm: sha256WithRSAEncryption
32:51:9d:28:9f:fb:2c:84:9b:1a:ea:49:3b:64:89:0e:18:6c:
43:25:7a:2e:dd:d7:00:ef:20:84:fa:6d:6c:8a:d0:74:82:52:
3b:7d:f4:1d:74:fd:b2:f5:91:6d:6a:b1:60:ea:6a:b9:20:7f:
93:d7:24:57:1e:12:51:39:a7:b2:14:1c:a0:ec:9a:fb:55:7e:
b8:8e:f4:e7:f9:a3:40:d7:0c:14:ae:44:38:20:77:92:0e:4d:
85:8d:f0:20:25:ce:16:cb:9c:f8:62:78:62:54:ca:7c:8c:49:
cb:35:41:cf:b9:74:f9:aa:6b:b4:90:1a:eb:8e:49:20:06:6a:
f3:91:1c:70:55:31:44:59:1c:96:ac:c2:2b:c0:aa:01:e2:a9:
14:c1:d3:fe:2f:b0:dc:c4:5f:da:99:65:b2:6c:fc:e8:36:7a:
cb:fb:3d:ec:53:ec:9d:8e:31:84:74:30:31:24:3e:b6:32:bb:
69:5e:02:cf:71:9f:ae:9f:58:a2:c4:04:15:0f:94:a4:67:39:
0c:d3:cd:46:7a:31:7b:59:a7:11:6f:5e:54:c8:0e:bb:9a:36:
d6:94:c9:0c:28:61:98:17:ad:59:6f:6b:02:f8:69:8a:cc:f9:
48:91:54:23:5f:95:18:13:12:92:9c:89:a6:da:26:8e:8e:fd:
b3:de:67:fe
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR7MFxYKIpKWhKGDv43H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZTAwYWJlMTg0YTYyNWI3NmY4ZDFmYmNlZWY4MTdhYWY3
MTQxNWIwHhcNMjUwMTAyMTM0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdhYTNmMzAwNzVkMTY0OWU5MGE0Mjk5YTFmODdiMWU3MWMyM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpDPHvsqD9fGyTkpSgI54dHObecL
4SEsAX4HWpgDuvQFtB6zbD1wj/pKH6QPrE4/tb5egcNE5tOd9TfgAmagUmYFIugP
X3lSnKr5rXb4SAP3GDDq3Iy5zu2k7f0UzIFhLFELr7wjoXh/wgJNwFHxkr8JInCu
Vx5h71gGkQ/BPrxyt900UOX82nsVi0lT4+bEKeKlVZMoZOY+X7Nv58e4vaitoG3g
/P0xPx7ksMaNikqhYYXMV4tlxM1N35UufqdQdGXtfMJFaorawtNN44col/8gVz3h
6buM59WXzQzqyVRvttt1x86OHgnU6VOOYNU8EjIKGvjacNiyL+g8zStpOQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDR6o/MAddFknpCkKZofh7HnHCPCMB8GA1UdIwQY
MBaAFPngCr4YSmJbdvjR+87vgXqvcUFbMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1lQUt2aGhLWWx0Mi1OSDd6dS1CZXE5eFFWcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvOGEzMjJmLWRjMjgtNDIyZi1iNTcw
LTU4YjY0ZDU1N2MwYy8xL05IcWo4d0IxMFdTZWtLUXBtaC1Ic2VjY0k4SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvOGEzMjJmLWRjMjgtNDIyZi1iNTcwLTU4YjY0ZDU1N2Mw
Yy8xLzEtZUFLdmhoS1lsdDItTkg3enUtQmVxOXhRVnMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDshEw
DQYJKoZIhvcNAQELBQADggEBADJRnSif+yyEmxrqSTtkiQ4YbEMlei7d1wDvIIT6
bWyK0HSCUjt99B10/bL1kW1qsWDqarkgf5PXJFceElE5p7IUHKDsmvtVfriO9Of5
o0DXDBSuRDggd5IOTYWN8CAlzhbLnPhieGJUynyMScs1Qc+5dPmqa7SQGuuOSSAG
avORHHBVMURZHJaswivAqgHiqRTB0/4vsNzEX9qZZbJs/Og2esv7PexT7J2OMYR0
MDEkPrYyu2leAs9xn66fWKLEBBUPlKRnOQzTzUZ6MXtZpxFvXlTIDruaNtaUyQwo
YZgXrVlvawL4aYrM+UiRVCNflRgTEpKciabaJo6O/bPeZ/4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:57:43 2025 by rpki-client