Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d8ed41-71f6-4bb7-a3ee-a0bb140a596e/1/NgMUQ0h4d6oIArcMJtSW703L-Zc.roa
File: NgMUQ0h4d6oIArcMJtSW703L-Zc.roa (raw, json)
Hash identifier: TJW4OaMrgaRj7E3uX9xVvPrYH4h+lcuQwLF2jUPlChA=
Subject key identifier: 36:03:14:43:48:78:77:AA:08:02:B7:0C:26:D4:96:EF:4D:CB:F9:97
Certificate issuer: /CN=55d5dc9e220112a27c152bc32389038974ae4572
Certificate serial: 01941FFA136F20E495017B9CFE13DF3B50B3
Authority key identifier: 55:D5:DC:9E:22:01:12:A2:7C:15:2B:C3:23:89:03:89:74:AE:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VdXcniIBEqJ8FSvDI4kDiXSuRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d8ed41-71f6-4bb7-a3ee-a0bb140a596e/1/NgMUQ0h4d6oIArcMJtSW703L-Zc.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25091
IP address blocks: 94.100.138.0/23 maxlen: 23
2a01:6780:12::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:13:6f:20:e4:95:01:7b:9c:fe:13:df:3b:50:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55d5dc9e220112a27c152bc32389038974ae4572
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36031443487877aa0802b70c26d496ef4dcbf997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:02:7d:0b:5e:f0:00:18:4c:b3:e0:06:6a:96:
9e:8d:e8:0c:c8:16:57:48:df:97:cb:fb:88:23:73:
b7:9d:9c:26:98:3f:02:20:38:25:63:a3:e3:b6:44:
c8:52:03:84:d7:df:9f:11:34:79:02:47:ee:36:16:
00:a2:d0:59:50:3d:7d:57:44:c0:03:2e:33:86:24:
20:c9:b9:33:b4:f1:8c:64:f0:93:7a:64:67:94:2f:
f6:c1:fd:80:ae:85:dd:fd:27:a0:f6:57:ba:c6:a9:
b9:17:d8:9e:84:64:0e:ae:05:d7:1f:9b:12:57:56:
fd:7b:8d:2b:58:d6:f1:49:b1:9e:dd:a2:f9:fa:e7:
bc:68:6d:d4:19:85:55:6c:60:6d:1f:e7:95:6f:25:
9c:2f:33:35:0c:6c:e4:25:6d:ab:ae:c3:19:cb:b6:
c0:a5:3d:34:58:94:d7:f4:c6:63:75:f8:47:3e:ba:
96:8f:28:cf:91:8b:26:82:d1:93:21:4c:e1:e4:1e:
54:00:48:80:a2:6d:41:39:c1:d1:4a:4c:39:e7:36:
71:b3:3d:68:8c:14:84:81:53:a5:f4:79:1f:4f:54:
6d:24:5d:0a:22:22:2b:06:8e:ba:dd:bd:ad:61:11:
c4:a4:76:fa:46:b0:d8:1f:a7:61:71:4e:49:48:d7:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:03:14:43:48:78:77:AA:08:02:B7:0C:26:D4:96:EF:4D:CB:F9:97
X509v3 Authority Key Identifier:
keyid:55:D5:DC:9E:22:01:12:A2:7C:15:2B:C3:23:89:03:89:74:AE:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VdXcniIBEqJ8FSvDI4kDiXSuRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d8ed41-71f6-4bb7-a3ee-a0bb140a596e/1/NgMUQ0h4d6oIArcMJtSW703L-Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d8ed41-71f6-4bb7-a3ee-a0bb140a596e/1/VdXcniIBEqJ8FSvDI4kDiXSuRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.138.0/23
IPv6:
2a01:6780:12::/48
Signature Algorithm: sha256WithRSAEncryption
4a:5f:1e:55:eb:68:9f:47:2a:8f:db:ef:e2:ee:04:fb:77:e1:
c8:7b:d1:f7:7d:a7:9b:f8:89:16:a7:d6:de:cc:d6:61:fe:c3:
59:4c:40:04:c0:63:3e:ce:84:16:d9:f5:59:b6:d0:1e:51:c0:
19:58:e7:1e:c4:34:1b:6c:c9:47:86:bf:d6:d4:be:d1:c5:35:
82:67:d8:91:80:39:67:5d:54:c3:90:67:90:65:8c:d2:d9:c5:
9c:d6:91:bf:90:ec:ee:d1:b9:e5:e2:b0:79:9a:bb:ef:11:6d:
98:14:ce:ae:66:c8:ef:ad:ae:91:4a:71:6f:af:a7:82:bf:79:
8d:96:50:a9:5c:14:c9:91:01:a0:4b:1a:50:dc:9d:cc:e9:81:
6d:7b:e3:9c:2c:d6:96:5e:3b:63:f5:a1:bf:82:e3:80:9e:32:
c5:1c:63:e1:da:eb:ed:f8:d1:ff:ac:2e:67:95:e8:08:75:1c:
9a:62:6d:4d:a6:99:93:3f:67:06:a3:22:60:ab:09:50:c2:94:
1b:b0:e3:36:ef:4e:a1:fd:8d:ee:e4:84:1d:db:51:db:5d:ce:
35:58:6a:04:bc:94:c4:df:78:bb:a6:b2:9b:33:3a:69:cd:c0:
0e:c3:04:3d:6e:66:70:4b:45:be:7d:a7:d8:82:56:00:dd:6a:
e7:8b:85:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+hNvIOSVAXuc/hPfO1CzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZDVkYzllMjIwMTEyYTI3YzE1MmJjMzIzODkwMzg5NzRh
ZTQ1NzIwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjAzMTQ0MzQ4Nzg3N2FhMDgwMmI3MGMyNmQ0OTZlZjRkY2JmOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQJ9C17wABhMs+AGapaejegMyBZX
SN+Xy/uII3O3nZwmmD8CIDglY6PjtkTIUgOE19+fETR5AkfuNhYAotBZUD19V0TA
Ay4zhiQgybkztPGMZPCTemRnlC/2wf2AroXd/Seg9le6xqm5F9iehGQOrgXXH5sS
V1b9e40rWNbxSbGe3aL5+ue8aG3UGYVVbGBtH+eVbyWcLzM1DGzkJW2rrsMZy7bA
pT00WJTX9MZjdfhHPrqWjyjPkYsmgtGTIUzh5B5UAEiAom1BOcHRSkw55zZxsz1o
jBSEgVOl9HkfT1RtJF0KIiIrBo663b2tYRHEpHb6RrDYH6dhcU5JSNcjfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYDFENIeHeqCAK3DCbUlu9Ny/mXMB8GA1UdIwQY
MBaAFFXV3J4iARKifBUrwyOJA4l0rkVyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmRYY25pSUJFcUo4RlN2REk0a0RpWFN1UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kOGVkNDEtNzFmNi00YmI3LWEzZWUt
YTBiYjE0MGE1OTZlLzEvTmdNVVEwaDRkNm9JQXJjTUp0U1c3MDNMLVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kOGVkNDEtNzFmNi00YmI3LWEzZWUtYTBiYjE0MGE1OTZl
LzEvVmRYY25pSUJFcUo4RlN2REk0a0RpWFN1UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBXmSKMA8E
AgACMAkDBwAqAWeAABIwDQYJKoZIhvcNAQELBQADggEBAEpfHlXraJ9HKo/b7+Lu
BPt34ch70fd9p5v4iRan1t7M1mH+w1lMQATAYz7OhBbZ9Vm20B5RwBlY5x7ENBts
yUeGv9bUvtHFNYJn2JGAOWddVMOQZ5BljNLZxZzWkb+Q7O7RueXisHmau+8RbZgU
zq5myO+trpFKcW+vp4K/eY2WUKlcFMmRAaBLGlDcnczpgW1745ws1pZeO2P1ob+C
44CeMsUcY+Ha6+340f+sLmeV6Ah1HJpibU2mmZM/ZwajImCrCVDClBuw4zbvTqH9
je7khB3bUdtdzjVYagS8lMTfeLumspszOmnNwA7DBD1uZnBLRb59p9iCVgDdaueL
hf0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:16 2025 by rpki-client