Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NJbsjRToAWS0CVfCoU8R0v_G8HE.roa
File: NJbsjRToAWS0CVfCoU8R0v_G8HE.roa (raw, json)
Hash identifier: pPz//JJGQH3mOnBNtaSSOO/HlI1E+T9F/LYzQEbB6RY=
Subject key identifier: 34:96:EC:8D:14:E8:01:64:B4:09:57:C2:A1:4F:11:D2:FF:C6:F0:71
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348DEF83B786F3A717E86EB6DCA46F3
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NJbsjRToAWS0CVfCoU8R0v_G8HE.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199642
IP address blocks: 195.65.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:de:f8:3b:78:6f:3a:71:7e:86:eb:6d:ca:46:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3496ec8d14e80164b40957c2a14f11d2ffc6f071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:de:0f:f9:37:0e:1f:f1:1f:79:01:25:6a:db:
a9:d5:1c:b4:d3:60:b5:c5:19:cb:0e:6e:2c:9a:9a:
64:ed:2d:32:35:65:c7:7e:01:ea:9f:c1:88:b0:7d:
a5:62:04:d4:72:39:93:f1:04:52:a4:f7:10:d6:08:
83:01:14:af:0c:e1:1c:52:f7:7c:51:14:f5:e3:51:
94:b2:83:82:9c:d3:78:6b:ae:15:f4:75:c9:b3:13:
8d:24:78:05:d2:c5:66:f9:c9:fb:3c:24:c8:42:6b:
e0:70:56:6e:0c:68:68:74:1b:4f:58:93:85:54:11:
d5:96:95:5b:91:d6:30:d8:0f:8a:0e:a8:ab:a4:8e:
f6:5c:78:af:e0:94:67:f7:48:96:13:7c:96:dd:d3:
0c:c6:d0:9a:42:a3:4e:3b:a8:51:dc:cd:f5:cf:16:
13:76:14:11:08:85:65:f1:35:e8:34:d3:28:2e:74:
3c:66:37:2a:27:94:b4:8a:32:41:b9:e2:6a:e6:28:
92:85:ea:3f:01:6d:3e:d5:20:48:8d:ec:76:4f:4b:
40:60:39:aa:24:49:2e:5f:e0:d9:00:dd:ce:f7:c4:
40:ea:e9:0c:90:e1:5c:94:43:30:06:c8:e4:70:0f:
e8:35:55:e2:bc:62:97:86:48:73:60:e2:42:63:62:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:96:EC:8D:14:E8:01:64:B4:09:57:C2:A1:4F:11:D2:FF:C6:F0:71
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NJbsjRToAWS0CVfCoU8R0v_G8HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7d:0c:a1:ee:ef:d6:c5:51:56:5b:65:43:f0:07:4d:88:d9:
6c:6c:f3:af:b2:2a:fe:34:f8:ca:40:1b:ad:2b:2a:1b:18:45:
e8:da:60:f4:73:f1:3c:f5:73:a6:76:14:00:fa:87:e9:3d:cd:
48:ff:15:e9:ed:7b:ff:b0:06:b7:0b:3a:49:91:85:89:b0:fc:
5c:58:41:28:de:ab:db:92:a9:c3:35:0e:04:15:0e:68:92:21:
80:09:33:0c:da:57:82:27:d4:ba:73:be:8e:22:6f:1e:62:a8:
7c:ae:37:70:e1:fd:a2:d9:35:a3:ed:a6:00:80:b3:10:74:96:
5d:b8:6b:c0:04:44:bf:7a:32:05:92:c5:b1:05:9d:f3:c5:9d:
1b:55:2e:99:48:30:76:85:eb:cf:aa:0e:c5:78:cc:41:db:ec:
1b:9d:43:5d:74:3e:80:19:5b:2c:76:ed:b7:0f:c3:3d:91:94:
bc:fe:9f:54:7d:32:81:89:9c:07:cb:c9:23:38:cd:a1:3a:06:
3f:4f:c3:4c:d4:1a:eb:bd:0e:6e:9e:92:b4:44:2b:62:5d:64:
8c:2f:45:83:63:05:d5:ef:d8:47:02:4a:ed:86:1e:c7:ac:b1:
8b:33:33:fe:52:a3:a2:f8:c4:8c:16:b1:b4:31:d1:2e:4d:0b:
6c:ad:92:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSN74O3hvOnF+huttykbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk2ZWM4ZDE0ZTgwMTY0YjQwOTU3YzJhMTRmMTFkMmZmYzZmMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA194P+TcOH/EfeQElatup1Ry002C1
xRnLDm4smppk7S0yNWXHfgHqn8GIsH2lYgTUcjmT8QRSpPcQ1giDARSvDOEcUvd8
URT141GUsoOCnNN4a64V9HXJsxONJHgF0sVm+cn7PCTIQmvgcFZuDGhodBtPWJOF
VBHVlpVbkdYw2A+KDqirpI72XHiv4JRn90iWE3yW3dMMxtCaQqNOO6hR3M31zxYT
dhQRCIVl8TXoNNMoLnQ8ZjcqJ5S0ijJBueJq5iiSheo/AW0+1SBIjex2T0tAYDmq
JEkuX+DZAN3O98RA6ukMkOFclEMwBsjkcA/oNVXivGKXhkhzYOJCY2KdIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSW7I0U6AFktAlXwqFPEdL/xvBxMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvTkpic2pSVG9BV1MwQ1ZmQ29VOFIwdl9HOEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0EAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKfQyh7u/WxVFWW2VD8AdNiNlsbPOvsir+NPjKQBut
KyobGEXo2mD0c/E89XOmdhQA+ofpPc1I/xXp7Xv/sAa3CzpJkYWJsPxcWEEo3qvb
kqnDNQ4EFQ5okiGACTMM2leCJ9S6c76OIm8eYqh8rjdw4f2i2TWj7aYAgLMQdJZd
uGvABES/ejIFksWxBZ3zxZ0bVS6ZSDB2hevPqg7FeMxB2+wbnUNddD6AGVssdu23
D8M9kZS8/p9UfTKBiZwHy8kjOM2hOgY/T8NM1BrrvQ5unpK0RCtiXWSML0WDYwXV
79hHAkrthh7HrLGLMzP+UqOi+MSMFrG0MdEuTQtsrZKC
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:27:21 2025 by rpki-client