Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/o-NtXLRHL-S0Y-O2GlCnHQAffNw.roa
File: o-NtXLRHL-S0Y-O2GlCnHQAffNw.roa (raw, json)
Hash identifier: dxc+WfWonf57/frz8JHxuwGakdxRPwah5tbEWGWiZgY=
Subject key identifier: A3:E3:6D:5C:B4:47:2F:E4:B4:63:E3:B6:1A:50:A7:1D:00:1F:7C:DC
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 019420D5DABF202074FBC377C201685DAE10
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/o-NtXLRHL-S0Y-O2GlCnHQAffNw.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34309
IP address blocks: 176.109.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:da:bf:20:20:74:fb:c3:77:c2:01:68:5d:ae:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3e36d5cb4472fe4b463e3b61a50a71d001f7cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bc:ef:d0:24:b9:3d:29:36:4a:b6:89:74:1a:
a1:f6:9b:9e:28:fc:be:f3:92:e8:82:e3:fa:3f:5c:
2b:10:90:18:f1:ca:19:d1:58:7e:af:68:1f:24:1b:
91:62:fb:4d:19:4f:2a:2f:1a:88:3d:08:59:ea:1f:
dc:e2:59:0b:67:56:b2:f2:1a:39:95:88:4b:2c:bd:
ed:ad:cc:e2:48:14:9c:6f:1c:c8:4a:28:2e:1c:9b:
28:6d:2a:47:0b:6a:ac:f2:cc:20:5a:8c:58:83:bc:
10:1e:52:f9:04:e8:8f:78:fa:d4:ae:9e:c7:7b:cb:
fe:04:1f:08:93:d2:d1:53:c2:28:31:8d:c3:6c:ab:
9d:ec:eb:5b:09:67:a0:6f:c8:fe:48:39:2c:c7:d1:
47:4f:83:9f:a0:cd:d4:e1:8b:cc:df:75:13:c1:d0:
cf:eb:6a:c7:29:4a:a5:06:c3:70:2b:52:55:a9:88:
e6:c4:32:04:2e:7a:0e:10:80:14:f5:52:d7:ac:0a:
83:d0:9c:f1:17:94:3e:b3:7d:8f:88:9f:a1:fc:b5:
cd:fd:02:b3:dc:f4:7e:6c:ca:a8:b6:4f:15:65:f7:
91:95:40:ad:67:39:d3:42:20:9f:8c:9c:40:f0:9f:
8e:f3:b8:56:b8:e0:7a:cd:53:49:60:ba:f4:f8:c3:
fe:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E3:6D:5C:B4:47:2F:E4:B4:63:E3:B6:1A:50:A7:1D:00:1F:7C:DC
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/o-NtXLRHL-S0Y-O2GlCnHQAffNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.192.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c3:db:6f:c2:9c:24:34:d2:25:00:19:c3:bc:24:96:cc:70:
e5:e5:cf:9e:76:ba:1c:01:a5:da:19:31:28:94:28:a4:c7:5f:
6f:55:2c:9f:71:10:d3:71:6f:d7:11:e1:fd:a4:e3:a0:5c:b4:
c9:c6:4f:32:0f:fe:37:eb:55:2e:42:12:3b:e4:be:b5:f6:a5:
4f:38:b1:b1:61:81:08:a6:78:66:5e:81:ff:3e:10:6d:e3:cc:
61:ce:c5:f7:41:1f:d8:ea:92:a9:ad:bb:09:8f:83:61:1a:9a:
86:db:88:4a:93:a9:9f:20:d1:be:14:36:f9:95:68:38:77:b5:
98:58:cc:b1:6a:ec:3c:00:67:19:4c:52:bb:61:b0:ca:13:b0:
6a:bb:48:41:5e:2b:81:f6:50:6e:ab:73:3e:b0:33:d6:70:43:
35:ea:19:2a:7a:5e:6d:75:a7:cf:6b:2c:63:22:28:a5:cc:7d:
6c:e0:43:3b:f0:de:ba:45:74:31:a3:b2:13:25:f2:81:d0:2d:
fb:9c:20:17:6e:bb:3c:99:8b:ca:1f:4b:b7:3f:6d:07:8f:78:
a2:0f:8c:e4:78:ff:17:40:d8:12:66:23:46:cc:fa:bc:1d:59:
d2:9f:7e:3c:24:be:8e:59:48:84:fa:18:02:78:3b:13:b3:e0:
25:b6:ec:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dq/ICB0+8N3wgFoXa4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UzNmQ1Y2I0NDcyZmU0YjQ2M2UzYjYxYTUwYTcxZDAwMWY3Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7zv0CS5PSk2SraJdBqh9pueKPy+
85LoguP6P1wrEJAY8coZ0Vh+r2gfJBuRYvtNGU8qLxqIPQhZ6h/c4lkLZ1ay8ho5
lYhLLL3trcziSBScbxzISiguHJsobSpHC2qs8swgWoxYg7wQHlL5BOiPePrUrp7H
e8v+BB8Ik9LRU8IoMY3DbKud7OtbCWegb8j+SDksx9FHT4OfoM3U4YvM33UTwdDP
62rHKUqlBsNwK1JVqYjmxDIELnoOEIAU9VLXrAqD0JzxF5Q+s32PiJ+h/LXN/QKz
3PR+bMqotk8VZfeRlUCtZznTQiCfjJxA8J+O87hWuOB6zVNJYLr0+MP+ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPjbVy0Ry/ktGPjthpQpx0AH3zcMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvby1OdFhMUkhMLVMwWS1PMkdsQ25IUUFmZk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsG3AMA0G
CSqGSIb3DQEBCwUAA4IBAQAiw9tvwpwkNNIlABnDvCSWzHDl5c+edrocAaXaGTEo
lCikx19vVSyfcRDTcW/XEeH9pOOgXLTJxk8yD/4361UuQhI75L619qVPOLGxYYEI
pnhmXoH/PhBt48xhzsX3QR/Y6pKprbsJj4NhGpqG24hKk6mfING+FDb5lWg4d7WY
WMyxauw8AGcZTFK7YbDKE7Bqu0hBXiuB9lBuq3M+sDPWcEM16hkqel5tdafPayxj
IiilzH1s4EM78N66RXQxo7ITJfKB0C37nCAXbrs8mYvKH0u3P20Hj3iiD4zkeP8X
QNgSZiNGzPq8HVnSn348JL6OWUiE+hgCeDsTs+Altuy3
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:40:35 2025 by rpki-client