Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/NqcS3iBK8U8flvef0Nqw2TVfi60.roa
File: NqcS3iBK8U8flvef0Nqw2TVfi60.roa (raw, json)
Hash identifier: j8yFbIlyMimvTa7T3CseeI21D35WgrPORHectZm7+m8=
Subject key identifier: 36:A7:12:DE:20:4A:F1:4F:1F:96:F7:9F:D0:DA:B0:D9:35:5F:8B:AD
Certificate issuer: /CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Certificate serial: 019428243519D5ED6524645811DFFCC1422E
Authority key identifier: A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/NqcS3iBK8U8flvef0Nqw2TVfi60.roa
Signing time: Thu 02 Jan 2025 17:50:48 +0000
ROA not before: Thu 02 Jan 2025 17:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136778
IP address blocks: 45.157.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:35:19:d5:ed:65:24:64:58:11:df:fc:c1:42:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Validity
Not Before: Jan 2 17:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36a712de204af14f1f96f79fd0dab0d9355f8bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:08:db:86:22:b3:f2:48:b6:7b:36:58:56:04:
e0:d9:ce:8e:3b:07:ed:b0:b8:40:8c:41:94:08:e7:
16:a4:8c:9b:52:eb:62:04:6e:3c:bc:2b:e0:e9:ec:
82:50:c7:67:64:67:9f:1c:a8:3c:bf:cb:ad:02:87:
bc:67:d7:56:1e:61:a9:55:ef:bc:b6:39:0e:65:67:
e9:94:10:5b:90:7c:94:2c:02:38:f6:c8:2d:d0:bb:
6f:ea:2f:8c:94:4e:10:59:34:86:10:d8:29:a7:74:
74:63:0b:f7:76:03:74:8a:70:f4:34:41:40:e6:bf:
14:15:1c:df:17:1f:72:ce:06:1a:5e:9f:8c:99:76:
87:42:8a:d8:92:c0:3c:9a:9f:3c:1f:41:33:5d:a6:
4a:52:ee:c8:a6:19:8b:c0:88:5c:0b:c6:53:59:5e:
eb:01:60:2b:81:1e:fd:eb:94:5d:8e:17:c7:50:93:
0a:54:48:55:a4:ff:c6:04:43:d1:8f:8e:bf:95:a5:
79:23:df:c8:0d:1d:54:d9:aa:04:48:13:8e:b0:2d:
fd:52:4e:05:1c:67:69:94:1c:6b:8f:73:18:8a:bc:
f8:cc:92:05:21:2a:77:94:1c:12:d2:b5:f5:35:f1:
40:e3:7b:99:66:65:ee:37:9b:21:e4:29:c9:7e:4e:
a4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A7:12:DE:20:4A:F1:4F:1F:96:F7:9F:D0:DA:B0:D9:35:5F:8B:AD
X509v3 Authority Key Identifier:
keyid:A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/NqcS3iBK8U8flvef0Nqw2TVfi60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/odAxU3OwmwYapZ8SnVkuq_ezqu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.68.0/24
Signature Algorithm: sha256WithRSAEncryption
97:58:e0:e4:2b:07:ad:d3:8f:f3:93:87:7c:1c:2c:f0:99:2f:
67:47:c7:e9:9a:67:c7:0e:89:e6:7a:a1:ec:5e:a5:13:cb:57:
b4:cf:3e:e1:32:d8:45:9e:37:90:0d:43:18:87:22:52:e2:c3:
75:d0:37:d9:2e:35:c5:71:87:6f:e0:e2:0a:3a:ca:28:d1:a9:
6e:7f:b2:6b:74:d7:6c:81:61:2d:04:e3:ea:41:71:a4:27:ef:
96:a8:ab:80:ec:38:be:13:fd:33:53:ff:e0:f0:b1:dd:ba:99:
e6:e4:04:cb:3c:ef:18:ea:6f:97:d4:94:1b:ee:ef:11:81:b5:
08:ec:3d:24:a5:8a:75:90:3b:6b:8f:6b:f9:d4:04:1c:64:e7:
8e:f0:3d:60:17:15:51:55:b3:6f:63:fc:11:c1:c1:51:5a:87:
34:1d:6c:0c:be:1d:87:91:f1:13:8f:03:03:30:30:e9:f1:63:
27:67:77:2b:8b:a0:43:bb:d1:be:37:a3:c7:20:ef:cf:20:ac:
c2:3a:10:2f:d0:84:72:f8:26:92:d3:1c:b9:8d:24:a1:77:62:
94:85:04:4d:27:80:36:6b:57:ad:0f:dc:20:b7:b1:e9:a3:64:
27:99:70:05:44:a5:27:8d:c0:a2:ce:94:27:b1:8d:94:9e:1a:
81:40:c3:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJDUZ1e1lJGRYEd/8wUIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDAzMTUzNzNiMDliMDYxYWE1OWYxMjlkNTkyZWFiZjdi
M2FhZWYwHhcNMjUwMTAyMTc1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmE3MTJkZTIwNGFmMTRmMWY5NmY3OWZkMGRhYjBkOTM1NWY4YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gjbhiKz8ki2ezZYVgTg2c6OOwft
sLhAjEGUCOcWpIybUutiBG48vCvg6eyCUMdnZGefHKg8v8utAoe8Z9dWHmGpVe+8
tjkOZWfplBBbkHyULAI49sgt0Ltv6i+MlE4QWTSGENgpp3R0Ywv3dgN0inD0NEFA
5r8UFRzfFx9yzgYaXp+MmXaHQorYksA8mp88H0EzXaZKUu7IphmLwIhcC8ZTWV7r
AWArgR7965RdjhfHUJMKVEhVpP/GBEPRj46/laV5I9/IDR1U2aoESBOOsC39Uk4F
HGdplBxrj3MYirz4zJIFISp3lBwS0rX1NfFA43uZZmXuN5sh5CnJfk6kkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDanEt4gSvFPH5b3n9DasNk1X4utMB8GA1UdIwQY
MBaAFKHQMVNzsJsGGqWfEp1ZLqv3s6rvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMt
ZGZjYmRmM2IxMDU4LzEvTnFjUzNpQks4VThmbHZlZjBOcXcyVFZmaTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMtZGZjYmRmM2IxMDU4
LzEvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ1EMA0G
CSqGSIb3DQEBCwUAA4IBAQCXWODkKwet04/zk4d8HCzwmS9nR8fpmmfHDonmeqHs
XqUTy1e0zz7hMthFnjeQDUMYhyJS4sN10DfZLjXFcYdv4OIKOsoo0aluf7JrdNds
gWEtBOPqQXGkJ++WqKuA7Di+E/0zU//g8LHdupnm5ATLPO8Y6m+X1JQb7u8RgbUI
7D0kpYp1kDtrj2v51AQcZOeO8D1gFxVRVbNvY/wRwcFRWoc0HWwMvh2HkfETjwMD
MDDp8WMnZ3cri6BDu9G+N6PHIO/PIKzCOhAv0IRy+CaS0xy5jSShd2KUhQRNJ4A2
a1etD9wgt7Hpo2QnmXAFRKUnjcCizpQnsY2UnhqBQMNH
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:55:37 2025 by rpki-client