Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NSsvP_b9bb7LoOYSjYOjiyp8-lg.roa
File: NSsvP_b9bb7LoOYSjYOjiyp8-lg.roa (raw, json)
Hash identifier: jQn1ERuiUoztqN3Itff+TnPCLpJPuJxfbpdJahyOt14=
Subject key identifier: 35:2B:2F:3F:F6:FD:6D:BE:CB:A0:E6:12:8D:83:A3:8B:2A:7C:FA:58
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01952AF34E5DAC91B91A8AE0A6A7266F15CB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NSsvP_b9bb7LoOYSjYOjiyp8-lg.roa
Signing time: Fri 21 Feb 2025 23:59:02 +0000
ROA not before: Fri 21 Feb 2025 23:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.38.0/24 maxlen: 24
147.45.39.0/24 maxlen: 24
147.45.61.0/24 maxlen: 24
147.45.62.0/24 maxlen: 24
147.45.63.0/24 maxlen: 24
147.45.88.0/21 maxlen: 21
147.45.117.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
147.45.127.0/24 maxlen: 24
147.45.205.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.170.0/24 maxlen: 24
193.233.236.0/24 maxlen: 24
193.233.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2a:f3:4e:5d:ac:91:b9:1a:8a:e0:a6:a7:26:6f:15:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 21 23:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=352b2f3ff6fd6dbecba0e6128d83a38b2a7cfa58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a7:27:7c:0b:1e:d8:71:9c:10:c5:ba:f0:60:
8c:b8:fc:0d:e0:9e:4a:56:a2:dd:15:0b:ba:e4:98:
2f:d4:87:ae:d9:01:b2:9e:2a:52:6b:78:cb:a4:53:
fc:58:f8:0c:c8:d9:2a:90:4e:4a:87:dc:b4:af:04:
0b:24:86:c4:3c:38:2a:9a:a0:6d:f7:70:0d:cf:22:
95:20:78:c4:ec:bb:11:7d:4c:76:82:05:7e:5f:f4:
f4:78:29:cb:48:f4:7e:f2:55:90:5b:9d:02:cf:d7:
f2:00:c6:8b:23:21:f9:6c:26:9a:75:ff:0a:64:39:
5c:f4:94:ea:b1:cf:51:9e:bf:3d:9d:f3:da:87:c5:
81:84:5b:60:1f:f0:e4:88:f8:f5:26:e4:89:53:5b:
27:57:4e:17:dd:5b:1e:61:17:bc:80:0f:e9:2c:aa:
2a:3b:26:3a:95:47:80:86:f3:27:85:a3:29:11:63:
5a:7c:a8:9c:c1:fe:66:95:7e:32:91:6d:24:42:2c:
ff:51:fb:fd:58:05:ea:01:a8:a8:e6:7e:7d:cf:54:
ea:07:3b:f8:a3:5d:28:5e:19:52:19:8b:d7:8a:71:
4d:e9:16:d7:e2:e6:6c:3e:26:1c:32:a5:4e:98:3d:
0f:43:7a:4b:75:9f:f0:3d:4f:4f:06:d5:8d:6a:f7:
4d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2B:2F:3F:F6:FD:6D:BE:CB:A0:E6:12:8D:83:A3:8B:2A:7C:FA:58
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/NSsvP_b9bb7LoOYSjYOjiyp8-lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.38.0/23
147.45.61.0-147.45.63.255
147.45.88.0/21
147.45.117.0/24
147.45.120.0/22
147.45.127.0/24
147.45.205.0/24
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
193.233.236.0/24
193.233.239.0/24
Signature Algorithm: sha256WithRSAEncryption
95:65:32:0a:22:50:69:c0:57:65:96:85:7d:c4:33:f4:b7:27:
cb:f3:45:b6:bb:56:4a:ad:2b:58:91:9a:4c:19:7e:f5:83:0d:
e9:62:5e:40:60:87:7f:b3:3c:41:48:75:48:9f:2c:c5:b2:f4:
6d:a2:60:82:e3:95:8a:a7:c1:eb:15:00:5f:bc:b5:ea:72:12:
b5:37:2f:84:f8:6d:81:86:5d:17:7c:f8:78:cb:bb:cc:90:db:
0a:eb:9f:5c:3e:97:23:41:22:7e:17:b4:9a:4d:3b:87:97:0a:
50:1d:7e:f4:33:1c:aa:2b:e1:52:a5:4c:69:b4:3e:4f:69:9b:
82:c5:b7:ce:6b:9d:77:82:4c:f9:73:bd:83:b2:35:d4:d3:aa:
61:a1:70:9c:30:a8:f4:fe:13:87:81:d1:83:6f:eb:63:5c:e9:
86:38:0b:e5:f1:69:2b:00:17:99:f0:c6:b4:e2:52:ab:15:01:
4e:9b:42:96:27:ae:8c:ee:4c:a1:7a:28:dc:82:45:64:fa:cd:
58:5f:56:7c:27:c5:6f:cc:13:bf:98:6f:d8:6e:df:49:f9:d5:
bc:b2:04:36:fb:d7:f1:db:02:d2:c0:4c:ea:a1:f2:88:e1:38:
c5:d8:69:f1:27:b3:ea:b7:a5:0d:ba:af:e9:78:00:0b:e2:80:
33:2a:7a:97
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZUq805drJG5GorgpqcmbxXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMjIxMjM1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJiMmYzZmY2ZmQ2ZGJlY2JhMGU2MTI4ZDgzYTM4YjJhN2NmYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKcnfAse2HGcEMW68GCMuPwN4J5K
VqLdFQu65Jgv1Ieu2QGynipSa3jLpFP8WPgMyNkqkE5Kh9y0rwQLJIbEPDgqmqBt
93ANzyKVIHjE7LsRfUx2ggV+X/T0eCnLSPR+8lWQW50Cz9fyAMaLIyH5bCaadf8K
ZDlc9JTqsc9Rnr89nfPah8WBhFtgH/DkiPj1JuSJU1snV04X3VseYRe8gA/pLKoq
OyY6lUeAhvMnhaMpEWNafKicwf5mlX4ykW0kQiz/Ufv9WAXqAaio5n59z1TqBzv4
o10oXhlSGYvXinFN6RbX4uZsPiYcMqVOmD0PQ3pLdZ/wPU9PBtWNavdNFwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDUrLz/2/W2+y6DmEo2Do4sqfPpYMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTlNzdlBfYjliYjdMb09ZU2pZT2ppeXA4LWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBky0mMAwD
BACTLT0DBAaTLQADBAOTLVgDBACTLXUDBAKTLXgDBACTLX8DBACTLc0DBADB6TwD
BADB6T4DBADB6aoDBADB6ewDBADB6e8wDQYJKoZIhvcNAQELBQADggEBAJVlMgoi
UGnAV2WWhX3EM/S3J8vzRba7VkqtK1iRmkwZfvWDDeliXkBgh3+zPEFIdUifLMWy
9G2iYILjlYqnwesVAF+8tepyErU3L4T4bYGGXRd8+HjLu8yQ2wrrn1w+lyNBIn4X
tJpNO4eXClAdfvQzHKor4VKlTGm0Pk9pm4LFt85rnXeCTPlzvYOyNdTTqmGhcJww
qPT+E4eB0YNv62Nc6YY4C+XxaSsAF5nwxrTiUqsVAU6bQpYnrozuTKF6KNyCRWT6
zVhfVnwnxW/ME7+Yb9hu30n51byyBDb71/HbAtLATOqh8ojhOMXYafEns+q3pQ26
r+l4AAvigDMqepc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:23:12 2025 by rpki-client