Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/NSkwSBoUS9oQNPC1FerSWasgFaI.roa
File: NSkwSBoUS9oQNPC1FerSWasgFaI.roa (raw, json)
Hash identifier: gD9FfI8opiPJvI24LTtEa8ULeTFpoddEe7WTM1PZNEo=
Subject key identifier: 35:29:30:48:1A:14:4B:DA:10:34:F0:B5:15:EA:D2:59:AB:20:15:A2
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 018831CD8BB9CF47C0508E8FF5EBD8E48883
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/NSkwSBoUS9oQNPC1FerSWasgFaI.roa
Signing time: Fri 19 May 2023 02:18:54 +0000
ROA not before: Fri 19 May 2023 02:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 45.156.223.0/24 maxlen: 24
45.156.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:31:cd:8b:b9:cf:47:c0:50:8e:8f:f5:eb:d8:e4:88:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: May 19 02:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=352930481a144bda1034f0b515ead259ab2015a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:13:5c:26:95:85:14:a1:8b:c5:27:3e:2c:
b1:a9:bb:e5:12:1a:15:d6:e3:10:79:dd:68:f3:3d:
d7:7c:0f:98:a1:26:e3:0c:ab:38:ff:77:7d:ef:8d:
03:9b:1f:d0:46:f2:fa:dd:96:29:1c:55:32:25:81:
29:f9:a6:21:01:28:d3:2d:eb:a5:91:d8:b9:0a:d3:
f3:da:b3:9b:13:96:57:ad:0c:7e:5c:62:ff:ee:23:
93:d0:b7:49:2e:8f:bc:92:d0:9f:aa:c9:c7:f7:bf:
2f:23:36:ef:c8:02:31:1d:f7:fd:03:e8:9d:c2:b5:
33:af:e7:49:79:33:55:6c:44:38:f2:ed:85:73:7d:
13:28:91:a6:28:27:23:2c:d1:24:f0:a3:f0:5b:d1:
6f:91:ad:09:a5:90:92:8d:bf:73:66:08:72:b2:39:
ad:71:da:71:fa:32:e2:39:95:57:47:08:a9:d9:5e:
a2:17:8c:46:23:4c:ca:19:46:fe:65:47:10:04:53:
af:e1:f3:14:ab:7f:79:31:3d:ed:fe:a9:72:8d:c6:
53:3a:11:3a:13:ab:7b:e5:b3:c8:17:a8:8a:08:84:
18:19:99:bf:a7:5e:b9:02:56:e7:87:18:13:71:c2:
0f:64:74:19:85:b7:f1:05:8e:23:37:3a:23:d7:f4:
4a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:30:48:1A:14:4B:DA:10:34:F0:B5:15:EA:D2:59:AB:20:15:A2
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/NSkwSBoUS9oQNPC1FerSWasgFaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.221.0/24
45.156.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:87:a4:11:ca:e9:1a:1b:fe:b2:a6:e7:78:5a:8b:f8:4b:62:
97:25:65:fc:69:21:41:cc:48:dd:ad:42:5e:31:1b:c9:bb:2e:
27:a2:c3:69:da:9b:f0:69:e5:28:ad:9a:55:4d:ed:84:6a:7c:
c8:ba:c0:84:fe:65:c8:04:6c:8a:3e:b0:c4:00:d7:c7:f9:9a:
ce:be:ff:52:73:8e:a8:94:1f:b4:e7:87:87:22:48:a3:70:aa:
d6:59:48:57:91:b9:c9:82:0a:cd:f3:f3:fe:4c:a2:79:aa:4e:
37:16:f2:d8:6a:dd:af:22:40:f5:a2:8c:fd:1c:ba:cd:2f:e4:
ff:18:e1:5e:f3:ca:c1:8b:b4:11:c6:b0:19:09:35:3d:49:44:
06:c4:53:8a:1f:b1:b3:12:d7:50:ed:d4:2c:c2:e3:3d:ef:cb:
cd:59:f5:35:34:50:46:75:4c:67:cb:23:ee:85:4d:a9:d9:b7:
8d:2b:a3:c4:9a:c7:24:5d:64:f2:21:f7:74:4d:43:db:9a:a0:
c5:ec:5c:8f:0c:52:e8:86:2a:c3:67:3b:d1:66:e5:8d:49:5f:
6e:25:b5:af:a0:6a:eb:f1:b0:3a:55:c5:03:cf:db:5b:72:da:
cd:24:95:e7:dc:48:e1:33:09:20:66:56:b2:78:74:18:78:46:
a7:fb:11:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgxzYu5z0fAUI6P9evY5IiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwNTE5MDIxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI5MzA0ODFhMTQ0YmRhMTAzNGYwYjUxNWVhZDI1OWFiMjAxNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtcTXCaVhRShi8UnPiyxqbvlEhoV
1uMQed1o8z3XfA+YoSbjDKs4/3d9740Dmx/QRvL63ZYpHFUyJYEp+aYhASjTLeul
kdi5CtPz2rObE5ZXrQx+XGL/7iOT0LdJLo+8ktCfqsnH978vIzbvyAIxHff9A+id
wrUzr+dJeTNVbEQ48u2Fc30TKJGmKCcjLNEk8KPwW9Fvka0JpZCSjb9zZghysjmt
cdpx+jLiOZVXRwip2V6iF4xGI0zKGUb+ZUcQBFOv4fMUq395MT3t/qlyjcZTOhE6
E6t75bPIF6iKCIQYGZm/p165AlbnhxgTccIPZHQZhbfxBY4jNzoj1/RKfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUpMEgaFEvaEDTwtRXq0lmrIBWiMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvTlNrd1NCb1VTOW9RTlBDMUZlclNXYXNnRmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZzdAwQA
LZzfMA0GCSqGSIb3DQEBCwUAA4IBAQBdh6QRyukaG/6ypud4Wov4S2KXJWX8aSFB
zEjdrUJeMRvJuy4nosNp2pvwaeUorZpVTe2EanzIusCE/mXIBGyKPrDEANfH+ZrO
vv9Sc46olB+054eHIkijcKrWWUhXkbnJggrN8/P+TKJ5qk43FvLYat2vIkD1ooz9
HLrNL+T/GOFe88rBi7QRxrAZCTU9SUQGxFOKH7GzEtdQ7dQswuM978vNWfU1NFBG
dUxnyyPuhU2p2beNK6PEmsckXWTyIfd0TUPbmqDF7FyPDFLohirDZzvRZuWNSV9u
JbWvoGrr8bA6VcUDz9tbctrNJJXn3EjhMwkgZlayeHQYeEan+xGL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:20 2025 by rpki-client