Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NXol7SZB4X_GW_hCCTdw6JKpUF0.roa
File: NXol7SZB4X_GW_hCCTdw6JKpUF0.roa (raw, json)
Hash identifier: WDRDla9Xxb/t3AgUbLUd9VJFPn/ukq4OJiTvjgkOT6w=
Subject key identifier: 35:7A:25:ED:26:41:E1:7F:C6:5B:F8:42:09:37:70:E8:92:A9:50:5D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746BD5054BDBC5C65C1085B604CA083
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NXol7SZB4X_GW_hCCTdw6JKpUF0.roa
Signing time: Thu 02 Jan 2025 13:48:54 +0000
ROA not before: Thu 02 Jan 2025 13:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214907
IP address blocks: 188.132.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:bd:50:54:bd:bc:5c:65:c1:08:5b:60:4c:a0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=357a25ed2641e17fc65bf842093770e892a9505d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d9:7a:78:6c:cb:f2:67:e7:6b:b0:01:7c:e2:
09:36:88:06:58:24:44:4b:ba:de:67:f2:df:28:b7:
7e:05:14:95:53:0a:85:d1:22:98:28:cd:65:ba:e8:
83:30:02:c5:bf:54:12:47:fe:ea:24:3e:38:49:ea:
a6:22:82:31:94:70:eb:3b:82:12:0b:3a:e6:34:d2:
b3:28:00:36:2e:e3:be:8f:1e:36:8e:db:ae:1b:d6:
55:cb:94:0b:46:7e:ad:89:1c:a4:d1:1e:1e:00:ac:
ce:d5:94:9b:dc:8c:04:ff:11:5b:e0:32:d9:f0:c5:
74:6c:b5:c4:50:0d:32:91:01:41:d8:14:be:05:98:
43:8e:19:58:84:e0:93:77:df:93:02:98:29:55:60:
2c:86:61:cf:22:83:af:4a:a0:31:95:56:0a:a7:5c:
06:a6:ca:4d:f7:52:35:be:44:8c:b0:c9:e8:4a:9c:
e4:71:3c:cc:5e:ea:ae:ee:18:e4:5b:33:89:ff:dc:
80:55:90:1b:fd:2b:99:91:5d:9c:25:1f:1f:c4:30:
dc:7a:d6:3c:87:05:c1:79:06:92:30:74:29:cc:1c:
20:e6:5a:30:da:56:bd:48:7c:9a:ea:3d:d4:8e:2b:
ea:9d:86:42:3d:ee:f2:64:42:97:f9:4e:65:c1:c7:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7A:25:ED:26:41:E1:7F:C6:5B:F8:42:09:37:70:E8:92:A9:50:5D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NXol7SZB4X_GW_hCCTdw6JKpUF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:96:a6:b8:8c:17:73:c7:58:24:e2:ab:be:c2:d3:29:73:eb:
62:68:87:2a:80:a3:0e:1a:86:b5:64:0f:29:58:99:9f:8b:19:
c8:d5:c0:4b:08:46:e8:64:09:fe:14:9d:07:02:91:f2:08:8b:
be:01:2f:fc:ae:e4:d3:0e:13:c3:49:ea:32:6b:eb:63:7b:60:
43:32:73:94:b4:5a:a0:96:20:fe:ec:cc:af:c4:14:f2:26:be:
2b:f1:79:34:7d:57:15:ef:af:b2:b6:e7:75:11:13:e8:f6:db:
25:d4:bb:a6:3d:42:f7:1d:48:85:5f:df:27:d3:4b:6c:d5:cd:
18:32:df:d0:c1:67:b9:2c:9a:dd:f5:77:3b:76:e2:cb:39:45:
5c:db:d0:65:ee:21:64:48:9c:8f:a0:0b:6e:3e:f4:32:c4:09:
b1:52:0a:47:64:41:8c:bc:df:0a:e6:3e:30:b2:be:3a:22:ec:
ef:6b:f0:00:9f:92:af:42:88:ee:b6:04:de:55:70:e3:e5:f3:
84:9f:72:5e:41:1f:b9:67:2d:55:52:ce:92:8c:9c:40:7f:5f:
2b:67:a6:fe:02:04:a8:f4:6d:72:bd:7c:3d:7d:13:86:91:5e:
06:fd:87:81:16:60:3e:6e:6c:84:ce:f1:d2:08:18:91:07:a7:
f7:d0:d5:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRr1QVL28XGXBCFtgTKCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdhMjVlZDI2NDFlMTdmYzY1YmY4NDIwOTM3NzBlODkyYTk1MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tl6eGzL8mfna7ABfOIJNogGWCRE
S7reZ/LfKLd+BRSVUwqF0SKYKM1luuiDMALFv1QSR/7qJD44SeqmIoIxlHDrO4IS
CzrmNNKzKAA2LuO+jx42jtuuG9ZVy5QLRn6tiRyk0R4eAKzO1ZSb3IwE/xFb4DLZ
8MV0bLXEUA0ykQFB2BS+BZhDjhlYhOCTd9+TApgpVWAshmHPIoOvSqAxlVYKp1wG
pspN91I1vkSMsMnoSpzkcTzMXuqu7hjkWzOJ/9yAVZAb/SuZkV2cJR8fxDDcetY8
hwXBeQaSMHQpzBwg5low2la9SHya6j3UjivqnYZCPe7yZEKX+U5lwcepAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV6Je0mQeF/xlv4Qgk3cOiSqVBdMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTlhvbDdTWkI0WF9HV19oQ0NUZHc2SktwVUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITQMA0G
CSqGSIb3DQEBCwUAA4IBAQBflqa4jBdzx1gk4qu+wtMpc+tiaIcqgKMOGoa1ZA8p
WJmfixnI1cBLCEboZAn+FJ0HApHyCIu+AS/8ruTTDhPDSeoya+tje2BDMnOUtFqg
liD+7MyvxBTyJr4r8Xk0fVcV76+ytud1ERPo9tsl1LumPUL3HUiFX98n00ts1c0Y
Mt/QwWe5LJrd9Xc7duLLOUVc29Bl7iFkSJyPoAtuPvQyxAmxUgpHZEGMvN8K5j4w
sr46Iuzva/AAn5KvQojutgTeVXDj5fOEn3JeQR+5Zy1VUs6SjJxAf18rZ6b+AgSo
9G1yvXw9fROGkV4G/YeBFmA+bmyEzvHSCBiRB6f30NVa
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:11:06 2025 by rpki-client