Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/nteIspt-UVuGJ2lIwXwQAMvJcPM.roa
File: nteIspt-UVuGJ2lIwXwQAMvJcPM.roa (raw, json)
Hash identifier: xmb3u80i3Fj/i5D3GJ8FX7tHh6G589IOk0eyQ86NW1E=
Subject key identifier: 9E:D7:88:B2:9B:7E:51:5B:86:27:69:48:C1:7C:10:00:CB:C9:70:F3
Certificate issuer: /CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Certificate serial: 018CC8010C92EF11F08992F1737160FAD434
Authority key identifier: 4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/nteIspt-UVuGJ2lIwXwQAMvJcPM.roa
Signing time: Tue 02 Jan 2024 02:29:21 +0000
ROA not before: Tue 02 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59605
IP address blocks: 151.248.111.0/24 maxlen: 24
151.248.106.0/24 maxlen: 24
151.248.108.0/24 maxlen: 24
151.248.107.0/24 maxlen: 24
151.248.110.0/24 maxlen: 24
151.248.109.0/24 maxlen: 24
151.248.96.0/21 maxlen: 21
151.248.96.0/20 maxlen: 20
151.248.97.0/24 maxlen: 24
151.248.98.0/24 maxlen: 24
151.248.99.0/24 maxlen: 24
151.248.101.0/24 maxlen: 24
151.248.103.0/24 maxlen: 24
151.248.104.0/24 maxlen: 24
151.248.105.0/24 maxlen: 24
185.201.192.0/22 maxlen: 22
2a02:f040::/29 maxlen: 29
2a02:f040:7::/48 maxlen: 48
2a02:f040:1::/48 maxlen: 48
2a02:f040:c::/48 maxlen: 48
2a02:f040:a::/48 maxlen: 48
2a02:f040:5::/48 maxlen: 48
2a02:f040::/48 maxlen: 48
2a02:f040:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0c:92:ef:11:f0:89:92:f1:73:71:60:fa:d4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed788b29b7e515b86276948c17c1000cbc970f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:da:1a:14:2c:17:41:a4:2e:c4:c2:7e:e8:
84:71:31:c6:c7:be:a9:0c:45:29:58:14:94:9e:0a:
d6:de:ba:0c:c4:02:4a:ec:99:11:db:fd:ce:6a:d9:
21:0f:78:39:83:ca:ec:93:ec:9c:8a:36:ef:6b:18:
67:96:57:96:fb:3c:5f:3f:c1:c1:91:2e:76:61:14:
e7:64:17:16:15:32:85:47:d3:7c:81:ed:24:c0:25:
da:9b:4f:c4:cd:d7:0f:e7:64:5d:b9:c2:a5:96:8b:
7d:73:85:ef:89:66:ad:27:ae:a2:72:3e:21:f1:ab:
df:13:89:db:9b:74:2d:cd:c3:0a:d8:c7:fa:3c:22:
1b:83:49:3d:ae:e2:17:28:ac:b1:ca:b0:e2:1e:e0:
3a:19:75:8d:ff:2b:96:2b:a8:3c:60:e0:da:12:6b:
4a:d6:c8:37:21:aa:0a:de:f6:ab:52:8b:35:a2:e1:
c2:79:91:8c:15:51:3d:e1:eb:0b:ab:1b:70:bd:33:
ea:03:41:7f:a7:d5:53:9b:b5:91:84:02:fc:85:dc:
ed:32:2d:69:e5:39:74:ab:88:ce:ea:e3:52:6a:b5:
54:bb:4d:41:fb:f9:0a:07:5e:40:9b:79:76:50:6c:
3a:b4:77:35:0e:c0:af:b4:65:e0:72:0a:28:d2:c3:
30:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D7:88:B2:9B:7E:51:5B:86:27:69:48:C1:7C:10:00:CB:C9:70:F3
X509v3 Authority Key Identifier:
keyid:4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/nteIspt-UVuGJ2lIwXwQAMvJcPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/S_ID1q5mmOCfJVeAuIrM3NlGdaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.96.0/20
185.201.192.0/22
IPv6:
2a02:f040::/29
Signature Algorithm: sha256WithRSAEncryption
a8:23:f4:4a:9c:c4:6d:06:0c:c7:08:3f:8f:6b:6b:96:a4:99:
c9:47:a2:6a:25:3c:9a:f2:1e:ba:22:2c:13:b4:fa:0d:3a:5c:
c5:42:aa:bb:9b:33:60:b6:da:3a:f8:ac:81:69:65:5a:4c:10:
95:52:24:da:02:6f:c8:6b:a8:02:bf:ed:d2:c6:0e:a1:63:4a:
4a:40:ed:ef:1e:2e:ac:86:0a:74:15:76:82:fd:3b:10:44:d3:
d9:92:84:e0:59:d4:0f:04:04:20:92:77:a9:70:88:b3:ed:1f:
e3:41:14:77:6b:08:e9:9d:ac:dc:9f:af:e9:04:8b:9b:35:8b:
7b:7f:17:0a:28:b8:56:52:d5:1f:7b:a8:de:90:27:6b:e0:9c:
e3:e6:f7:67:77:1a:5f:0a:ea:1e:ed:d1:aa:44:86:b0:0a:6b:
34:9b:bb:7a:6e:58:c4:cb:78:d9:be:54:f9:62:0e:24:9a:19:
e4:08:1d:e2:45:00:77:ab:e8:a7:c2:5f:da:25:9e:46:65:0b:
17:50:19:56:fa:97:3c:41:23:9b:b2:99:4e:ef:3d:f2:1a:24:
03:e1:b3:a1:d6:ab:df:73:be:27:35:55:b3:ef:eb:45:e2:49:
1e:7f:3f:e7:a3:9e:d5:18:52:52:4d:e1:62:2a:2b:a7:59:bc:
67:f4:0b:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAQyS7xHwiZLxc3Fg+tQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjIwM2Q2YWU2Njk4ZTA5ZjI1NTc4MGI4OGFjY2RjZDk0
Njc1YTEwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ3ODhiMjliN2U1MTViODYyNzY5NDhjMTdjMTAwMGNiYzk3MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNnaGhQsF0GkLsTCfuiEcTHGx76p
DEUpWBSUngrW3roMxAJK7JkR2/3OatkhD3g5g8rsk+ycijbvaxhnlleW+zxfP8HB
kS52YRTnZBcWFTKFR9N8ge0kwCXam0/EzdcP52RducKllot9c4XviWatJ66icj4h
8avfE4nbm3QtzcMK2Mf6PCIbg0k9ruIXKKyxyrDiHuA6GXWN/yuWK6g8YODaEmtK
1sg3IaoK3varUos1ouHCeZGMFVE94esLqxtwvTPqA0F/p9VTm7WRhAL8hdztMi1p
5Tl0q4jO6uNSarVUu01B+/kKB15Am3l2UGw6tHc1DsCvtGXgcgoo0sMwQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ7XiLKbflFbhidpSMF8EADLyXDzMB8GA1UdIwQY
MBaAFEvyA9auZpjgnyVXgLiKzNzZRnWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19JRDFxNW1tT0NmSlZlQXVJck0zTmxHZGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8yOTk5ODQtNmQ3ZC00NWUzLWI2ZmQt
YmM5MTdjOTIzNWQyLzEvbnRlSXNwdC1VVnVHSjJsSXdYd1FBTXZKY1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8yOTk5ODQtNmQ3ZC00NWUzLWI2ZmQtYmM5MTdjOTIzNWQy
LzEvU19JRDFxNW1tT0NmSlZlQXVJck0zTmxHZGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEl/hgAwQC
ucnAMA0EAgACMAcDBQMqAvBAMA0GCSqGSIb3DQEBCwUAA4IBAQCoI/RKnMRtBgzH
CD+Pa2uWpJnJR6JqJTya8h66IiwTtPoNOlzFQqq7mzNgtto6+KyBaWVaTBCVUiTa
Am/Ia6gCv+3Sxg6hY0pKQO3vHi6shgp0FXaC/TsQRNPZkoTgWdQPBAQgknepcIiz
7R/jQRR3awjpnazcn6/pBIubNYt7fxcKKLhWUtUfe6jekCdr4Jzj5vdndxpfCuoe
7dGqRIawCms0m7t6bljEy3jZvlT5Yg4kmhnkCB3iRQB3q+inwl/aJZ5GZQsXUBlW
+pc8QSObsplO7z3yGiQD4bOh1qvfc74nNVWz7+tF4kkefz/no57VGFJSTeFiKiun
Wbxn9Aua
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:58 2025 by rpki-client