Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/NGPkgc-gMBPWvfnpR_WESooqffM.roa
File: NGPkgc-gMBPWvfnpR_WESooqffM.roa (raw, json)
Hash identifier: h7f13JmtNSfs0kxRIebuhHcsUGxQLBWtTWJQue5vIeg=
Subject key identifier: 34:63:E4:81:CF:A0:30:13:D6:BD:F9:E9:47:F5:84:4A:8A:2A:7D:F3
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 01942220362D6B555D7A70A70CA35EB07368
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/NGPkgc-gMBPWvfnpR_WESooqffM.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42910
IP address blocks: 185.78.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:36:2d:6b:55:5d:7a:70:a7:0c:a3:5e:b0:73:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3463e481cfa03013d6bdf9e947f5844a8a2a7df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:7f:b5:1c:7b:69:32:80:5c:e4:e0:c0:e4:
66:19:39:f9:7f:66:26:67:5b:41:f2:dd:c9:94:7a:
4a:19:34:49:e2:cf:47:e9:23:14:b4:1b:18:bb:20:
b1:e2:1c:a4:83:cc:c6:10:a9:6b:78:a7:b8:e7:ae:
fe:60:26:a7:23:ff:12:72:03:f6:80:9f:ba:8b:db:
3f:7a:5b:32:43:1b:c9:3e:f1:66:a1:c2:2e:da:a6:
e1:78:56:a2:a0:9b:fc:1a:ae:8d:61:90:81:87:3c:
b8:68:56:09:94:a2:76:df:bb:d4:7c:de:8b:9d:b9:
4a:f5:92:a2:0a:66:87:22:77:48:0e:71:2f:e1:cd:
84:b1:80:83:08:b2:6e:de:ab:ed:2b:9c:2a:d2:ce:
31:3d:b6:0b:5f:10:4c:d7:f0:79:39:4a:d1:f6:03:
02:f1:76:08:5a:ab:b7:47:3e:97:1b:ca:19:76:ec:
4c:2e:89:d4:e2:08:42:c7:1e:7e:55:ad:75:09:83:
67:41:c5:81:3f:b7:36:3e:25:16:4f:47:6b:31:a3:
45:ec:15:4e:34:49:bd:3e:79:1c:00:fb:e2:8a:21:
86:de:2b:40:4c:a0:bc:34:8b:d0:9c:42:cb:ee:56:
ce:6d:f5:9e:af:5e:a8:21:8c:8c:c2:b1:4a:d5:0a:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:63:E4:81:CF:A0:30:13:D6:BD:F9:E9:47:F5:84:4A:8A:2A:7D:F3
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/NGPkgc-gMBPWvfnpR_WESooqffM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.86.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:57:8a:ab:9c:51:9a:bc:26:02:14:ca:6d:fe:f0:9d:a1:82:
a8:b7:61:84:cb:a5:a2:fb:ef:e7:aa:8f:bc:f1:bb:d7:46:c0:
89:7b:de:0f:59:38:eb:fe:44:14:34:56:11:c2:e4:64:c5:df:
f2:57:14:fa:db:2a:85:15:9d:d7:97:11:19:58:af:e6:9a:2d:
e0:c2:7d:5a:4a:c6:e2:e7:13:18:96:31:ce:17:35:38:ec:5b:
9b:3e:26:4e:d5:22:05:35:b4:af:8e:dc:ca:d4:e5:31:a7:6f:
4e:ff:38:8f:03:24:67:9d:18:07:ec:c0:63:3d:56:2e:cb:20:
7b:68:9f:bd:cc:eb:a9:ef:f5:c8:15:44:0a:e9:96:13:19:aa:
fc:3d:3b:17:d2:fe:d2:24:66:88:e6:0d:97:b2:60:ce:a7:45:
dd:9f:8f:80:2f:6c:81:9d:90:17:e1:57:f0:bf:24:66:46:b3:
21:c8:9c:41:d2:7f:f8:07:6b:8f:81:d3:0b:13:ab:fc:f9:14:
e0:0b:5a:04:3a:e9:fd:a3:e9:f3:a9:4a:a8:e0:6f:e0:c0:6a:
0a:bd:59:56:fb:21:47:d3:c7:36:9d:29:5e:ba:22:14:ec:d9:
90:12:cc:f3:8c:a7:ee:ec:e0:f6:63:c1:4e:de:02:a5:0e:82:
84:fa:d9:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDYta1VdenCnDKNesHNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDYzZTQ4MWNmYTAzMDEzZDZiZGY5ZTk0N2Y1ODQ0YThhMmE3ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAd/tRx7aTKAXOTgwORmGTn5f2Ym
Z1tB8t3JlHpKGTRJ4s9H6SMUtBsYuyCx4hykg8zGEKlreKe4567+YCanI/8ScgP2
gJ+6i9s/elsyQxvJPvFmocIu2qbheFaioJv8Gq6NYZCBhzy4aFYJlKJ237vUfN6L
nblK9ZKiCmaHIndIDnEv4c2EsYCDCLJu3qvtK5wq0s4xPbYLXxBM1/B5OUrR9gMC
8XYIWqu3Rz6XG8oZduxMLonU4ghCxx5+Va11CYNnQcWBP7c2PiUWT0drMaNF7BVO
NEm9PnkcAPviiiGG3itATKC8NIvQnELL7lbObfWer16oIYyMwrFK1Qq+EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRj5IHPoDAT1r356Uf1hEqKKn3zMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvTkdQa2djLWdNQlBXdmZucFJfV0VTb29xZmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU5WMA0G
CSqGSIb3DQEBCwUAA4IBAQCgV4qrnFGavCYCFMpt/vCdoYKot2GEy6Wi++/nqo+8
8bvXRsCJe94PWTjr/kQUNFYRwuRkxd/yVxT62yqFFZ3XlxEZWK/mmi3gwn1aSsbi
5xMYljHOFzU47FubPiZO1SIFNbSvjtzK1OUxp29O/ziPAyRnnRgH7MBjPVYuyyB7
aJ+9zOup7/XIFUQK6ZYTGar8PTsX0v7SJGaI5g2XsmDOp0Xdn4+AL2yBnZAX4Vfw
vyRmRrMhyJxB0n/4B2uPgdMLE6v8+RTgC1oEOun9o+nzqUqo4G/gwGoKvVlW+yFH
08c2nSleuiIU7NmQEszzjKfu7OD2Y8FO3gKlDoKE+tm/
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:27:03 2025 by rpki-client