Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/37b627-b6b7-4179-8f36-57505b049c68/1/NKB75SgScMM_XXNvHFxveIWhFoY.roa
File: NKB75SgScMM_XXNvHFxveIWhFoY.roa (raw, json)
Hash identifier: uF0/9zfliXl8CQJax2lSAj3s4F+LNOMJ9D/bSM9BvkY=
Subject key identifier: 34:A0:7B:E5:28:12:70:C3:3F:5D:73:6F:1C:5C:6F:78:85:A1:16:86
Certificate issuer: /CN=187cb647a4739142f9c05162c83a644fd085e994
Certificate serial: 01D02C
Authority key identifier: 18:7C:B6:47:A4:73:91:42:F9:C0:51:62:C8:3A:64:4F:D0:85:E9:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GHy2R6RzkUL5wFFiyDpkT9CF6ZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/37b627-b6b7-4179-8f36-57505b049c68/1/NKB75SgScMM_XXNvHFxveIWhFoY.roa
Signing time: Tue 28 Jun 2022 15:55:02 +0000
ROA not before: Tue 28 Jun 2022 15:55:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 148.135.208.0/20 maxlen: 24
148.135.0.0/20 maxlen: 24
148.135.224.0/20 maxlen: 24
148.135.16.0/20 maxlen: 24
148.135.240.0/20 maxlen: 24
148.135.32.0/20 maxlen: 24
148.135.160.0/20 maxlen: 24
148.135.176.0/20 maxlen: 24
148.135.192.0/20 maxlen: 24
148.135.96.0/20 maxlen: 24
148.135.112.0/20 maxlen: 24
148.135.128.0/20 maxlen: 24
148.135.144.0/20 maxlen: 24
148.135.48.0/20 maxlen: 24
148.135.64.0/20 maxlen: 24
148.135.80.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118828 (0x1d02c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=187cb647a4739142f9c05162c83a644fd085e994
Validity
Not Before: Jun 28 15:55:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a07be5281270c33f5d736f1c5c6f7885a11686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:37:36:5e:60:67:03:c1:e4:6d:b5:78:40:
e0:47:76:5c:17:8e:59:23:76:0a:bf:d1:0d:8a:db:
5e:97:ba:46:eb:db:2e:bc:9c:24:72:a9:e7:96:ca:
98:8b:dd:1a:81:27:38:5a:c7:8e:32:74:cc:4e:6b:
41:9f:90:d6:d8:34:c0:88:a6:f4:bb:1c:a5:bf:6f:
0d:49:ff:f8:0a:69:8a:06:fc:d6:29:ac:15:bd:91:
06:e1:83:c3:72:b8:27:62:c2:55:66:1d:50:37:19:
a9:53:c1:72:bc:4d:ab:cc:66:71:1c:f6:6d:d5:af:
c6:4c:62:ee:55:db:e3:d3:42:a3:f4:2d:4f:19:73:
b5:76:e5:b2:3e:a4:0b:41:cd:70:c8:b4:b5:ae:6f:
4e:7c:97:d9:80:91:3a:7f:63:7d:50:30:62:7d:14:
0b:5c:1b:4b:33:0d:97:b1:9d:c6:2d:f9:9f:21:f4:
7a:81:12:eb:8a:b0:a3:17:23:9c:f9:b0:e9:db:f8:
ad:1b:24:b4:3d:e8:66:ab:e3:22:d5:24:a6:e7:8d:
e4:51:be:84:40:16:e0:39:82:0d:d7:27:bf:a8:2c:
59:ac:e4:a6:d2:c8:24:68:db:86:63:b6:28:0f:82:
d5:dd:43:6b:78:0c:29:e5:cb:25:01:c6:8d:ee:a4:
d7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A0:7B:E5:28:12:70:C3:3F:5D:73:6F:1C:5C:6F:78:85:A1:16:86
X509v3 Authority Key Identifier:
keyid:18:7C:B6:47:A4:73:91:42:F9:C0:51:62:C8:3A:64:4F:D0:85:E9:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHy2R6RzkUL5wFFiyDpkT9CF6ZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/37b627-b6b7-4179-8f36-57505b049c68/1/NKB75SgScMM_XXNvHFxveIWhFoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/37b627-b6b7-4179-8f36-57505b049c68/1/GHy2R6RzkUL5wFFiyDpkT9CF6ZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:b5:03:4c:d2:78:25:9d:38:a6:8d:25:17:d2:ee:d8:58:8b:
3b:ec:76:53:99:0c:bd:a6:a0:d4:ca:6b:dd:d6:56:b1:8a:cf:
13:b9:c2:c8:10:01:96:a1:64:24:1c:10:a9:22:0f:bf:75:9a:
22:5e:9b:0f:28:fb:84:29:b7:06:84:c0:d1:43:34:ca:9b:9c:
87:15:d4:9f:27:b9:1f:14:0f:78:5c:1e:60:f7:d6:91:37:6d:
8c:80:9a:7f:00:97:80:96:b6:bd:3b:dc:f8:ed:7e:09:59:a9:
f5:e9:a4:12:9a:8a:fd:48:51:b3:86:4c:65:f1:27:bb:9d:a4:
df:6e:55:c8:72:1f:19:15:93:e8:cb:5e:ed:c5:69:19:82:37:
7a:d6:8e:e9:00:f8:35:65:50:97:ce:5c:21:07:68:9b:fc:d4:
04:00:8e:d3:13:2f:68:da:36:bb:39:4b:38:89:88:63:99:33:
16:7b:97:0d:a1:70:42:2b:64:ff:b2:b7:e5:e5:10:d5:f2:cc:
59:1d:ff:d0:5a:d5:d9:c5:90:05:10:67:31:95:84:80:54:13:
43:8c:4d:b0:a0:cf:45:01:c0:50:bc:84:81:cb:d4:27:83:a9:
ac:e6:c3:9a:2f:5c:69:50:fb:3d:08:2b:d2:94:8a:16:94:af:
d4:be:96:fe
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgIDAdAsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE4
N2NiNjQ3YTQ3MzkxNDJmOWMwNTE2MmM4M2E2NDRmZDA4NWU5OTQwHhcNMjIwNjI4
MTU1NTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNGEwN2JlNTI4MTI3
MGMzM2Y1ZDczNmYxYzVjNmY3ODg1YTExNjg2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr903Nl5gZwPB5G21eEDgR3ZcF45ZI3YKv9ENittel7pG69su
vJwkcqnnlsqYi90agSc4WseOMnTMTmtBn5DW2DTAiKb0uxylv28NSf/4CmmKBvzW
KawVvZEG4YPDcrgnYsJVZh1QNxmpU8FyvE2rzGZxHPZt1a/GTGLuVdvj00Kj9C1P
GXO1duWyPqQLQc1wyLS1rm9OfJfZgJE6f2N9UDBifRQLXBtLMw2XsZ3GLfmfIfR6
gRLrirCjFyOc+bDp2/itGyS0Pehmq+Mi1SSm543kUb6EQBbgOYIN1ye/qCxZrOSm
0sgkaNuGY7YoD4LV3UNreAwp5cslAcaN7qTXzwIDAQABo4ICCDCCAgQwHQYDVR0O
BBYEFDSge+UoEnDDP11zbxxcb3iFoRaGMB8GA1UdIwQYMBaAFBh8tkekc5FC+cBR
Ysg6ZE/QhemUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R0h5MlI2UnprVUw1d0ZGaXlEcGtUOUNGNlpRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MS8zN2I2MjctYjZiNy00MTc5LThmMzYtNTc1MDViMDQ5YzY4LzEv
TktCNzVTZ1NjTU1fWFhOdkhGeHZlSVdoRm9ZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8z
N2I2MjctYjZiNy00MTc5LThmMzYtNTc1MDViMDQ5YzY4LzEvR0h5MlI2UnprVUw1
d0ZGaXlEcGtUOUNGNlpRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4G
CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlIcwDQYJKoZIhvcNAQELBQADggEB
AJu1A0zSeCWdOKaNJRfS7thYizvsdlOZDL2moNTKa93WVrGKzxO5wsgQAZahZCQc
EKkiD791miJemw8o+4QptwaEwNFDNMqbnIcV1J8nuR8UD3hcHmD31pE3bYyAmn8A
l4CWtr073PjtfglZqfXppBKaiv1IUbOGTGXxJ7udpN9uVchyHxkVk+jLXu3FaRmC
N3rWjukA+DVlUJfOXCEHaJv81AQAjtMTL2jaNrs5SziJiGOZMxZ7lw2hcEIrZP+y
t+XlENXyzFkd/9Ba1dnFkAUQZzGVhIBUE0OMTbCgz0UBwFC8hIHL1CeDqazmw5ov
XGlQ+z0IK9KUihaUr9S+lv4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:48 2023 by rpki-client on console-ams.rpki-client.org