Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/3c293a-1591-4685-8769-a8f90d45ea67/1/NQ1K-9XIHqQJwtN4074dlf3XMz8.roa
File: NQ1K-9XIHqQJwtN4074dlf3XMz8.roa (raw, json)
Hash identifier: vM/pIxk1nyw8ZAVigG02xXVdjyCX5kUlIgX1S1etmX8=
Subject key identifier: 35:0D:4A:FB:D5:C8:1E:A4:09:C2:D3:78:D3:BE:1D:95:FD:D7:33:3F
Certificate issuer: /CN=b918a5f4815526e1e92510d3648ebda0cdbbc2ac
Certificate serial: 019426D9BE5A67871D3B30075EA64D33719D
Authority key identifier: B9:18:A5:F4:81:55:26:E1:E9:25:10:D3:64:8E:BD:A0:CD:BB:C2:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRil9IFVJuHpJRDTZI69oM27wqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/3c293a-1591-4685-8769-a8f90d45ea67/1/NQ1K-9XIHqQJwtN4074dlf3XMz8.roa
Signing time: Thu 02 Jan 2025 11:49:51 +0000
ROA not before: Thu 02 Jan 2025 11:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 195.191.112.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:be:5a:67:87:1d:3b:30:07:5e:a6:4d:33:71:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b918a5f4815526e1e92510d3648ebda0cdbbc2ac
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=350d4afbd5c81ea409c2d378d3be1d95fdd7333f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2e:32:81:52:fb:44:02:f3:b5:21:82:43:7d:
00:c1:39:0c:0a:44:9d:21:9e:91:b1:fa:d8:37:aa:
f7:2a:71:4a:10:58:6f:26:75:a2:34:af:77:0e:59:
ae:e7:15:bc:69:9d:a2:d4:3b:2e:18:c2:7e:60:29:
c1:a3:51:34:f6:50:01:a2:59:8f:86:6b:3c:4a:e8:
64:b1:75:82:d6:f9:26:45:38:31:5e:43:24:c2:61:
ad:09:d9:e2:67:82:f6:d0:3f:6f:c3:05:9c:28:68:
b2:08:06:8e:d7:57:55:8c:be:88:d4:8e:f9:90:d4:
bc:03:73:be:90:74:28:47:70:1f:d2:b3:5a:72:b5:
f9:6e:1a:f3:da:e2:e3:cc:63:f3:b9:2c:ca:f4:2a:
07:c4:0b:25:5b:f4:e2:8b:3d:ec:a9:40:b1:32:32:
ae:55:aa:4a:26:5b:7d:81:51:41:7f:28:a9:c2:1c:
39:ae:eb:d3:24:92:a6:c9:5e:e9:44:c3:ee:43:62:
51:6f:1c:0c:35:13:b6:f2:8d:d8:7b:49:7e:49:be:
06:20:f7:e0:09:c2:64:77:1c:00:d1:e8:a9:60:2a:
99:70:7b:45:ef:1c:34:21:cc:e6:14:ad:52:78:6c:
f5:d0:4f:4b:84:8a:a1:b8:46:8b:ea:20:2e:03:1e:
34:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:4A:FB:D5:C8:1E:A4:09:C2:D3:78:D3:BE:1D:95:FD:D7:33:3F
X509v3 Authority Key Identifier:
keyid:B9:18:A5:F4:81:55:26:E1:E9:25:10:D3:64:8E:BD:A0:CD:BB:C2:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRil9IFVJuHpJRDTZI69oM27wqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/3c293a-1591-4685-8769-a8f90d45ea67/1/NQ1K-9XIHqQJwtN4074dlf3XMz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/3c293a-1591-4685-8769-a8f90d45ea67/1/uRil9IFVJuHpJRDTZI69oM27wqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.112.0/23
Signature Algorithm: sha256WithRSAEncryption
12:0c:85:77:fc:a8:e1:5a:e7:a4:15:17:a7:f3:96:ad:21:fa:
d3:7e:34:1a:29:af:cd:88:d9:08:24:5c:17:22:1a:dd:cb:d6:
ac:29:83:68:41:26:f0:de:f2:12:02:84:b1:69:1e:ed:a6:4d:
84:40:66:79:10:d2:eb:30:a1:d6:52:6f:04:6f:56:21:1c:b7:
9d:89:4a:f1:83:22:73:89:cd:a1:e6:95:27:aa:e2:dd:7a:a1:
20:8e:bf:1f:04:6a:dc:b5:33:64:5c:9f:c0:90:03:d8:6e:9c:
1d:fc:b0:91:da:d7:a6:26:00:b0:da:06:be:81:46:c1:27:fe:
73:a8:4c:92:51:9f:e9:71:57:78:b0:ba:1a:c5:1e:40:2d:b9:
cf:3e:de:d9:13:5d:eb:61:46:da:e4:20:55:a1:c0:81:18:fa:
9b:f0:11:95:0b:8a:d1:77:bb:c0:52:c9:98:38:7d:ee:fa:03:
f0:5d:53:70:73:64:7c:dc:f1:6b:53:29:cc:d3:da:e3:5c:d6:
bc:10:15:6d:84:8b:e3:01:d0:94:e9:81:00:b0:d2:f4:12:4d:
ea:ed:55:a6:6f:54:8e:9c:a3:ef:76:78:c3:10:59:96:27:e7:
2f:85:6f:87:66:39:e8:98:73:85:58:30:c3:1a:95:e2:b6:f1:
88:f6:fd:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2b5aZ4cdOzAHXqZNM3GdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MThhNWY0ODE1NTI2ZTFlOTI1MTBkMzY0OGViZGEwY2Ri
YmMyYWMwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkNGFmYmQ1YzgxZWE0MDljMmQzNzhkM2JlMWQ5NWZkZDczMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyS4ygVL7RALztSGCQ30AwTkMCkSd
IZ6RsfrYN6r3KnFKEFhvJnWiNK93Dlmu5xW8aZ2i1DsuGMJ+YCnBo1E09lABolmP
hms8SuhksXWC1vkmRTgxXkMkwmGtCdniZ4L20D9vwwWcKGiyCAaO11dVjL6I1I75
kNS8A3O+kHQoR3Af0rNacrX5bhrz2uLjzGPzuSzK9CoHxAslW/Tiiz3sqUCxMjKu
VapKJlt9gVFBfyipwhw5ruvTJJKmyV7pRMPuQ2JRbxwMNRO28o3Ye0l+Sb4GIPfg
CcJkdxwA0eipYCqZcHtF7xw0IczmFK1SeGz10E9LhIqhuEaL6iAuAx40UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUNSvvVyB6kCcLTeNO+HZX91zM/MB8GA1UdIwQY
MBaAFLkYpfSBVSbh6SUQ02SOvaDNu8KsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJpbDlJRlZKdUhwSlJEVFpJNjlvTTI3d3F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8zYzI5M2EtMTU5MS00Njg1LTg3Njkt
YThmOTBkNDVlYTY3LzEvTlExSy05WElIcVFKd3RONDA3NGRsZjNYTXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8zYzI5M2EtMTU5MS00Njg1LTg3NjktYThmOTBkNDVlYTY3
LzEvdVJpbDlJRlZKdUhwSlJEVFpJNjlvTTI3d3F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw79wMA0G
CSqGSIb3DQEBCwUAA4IBAQASDIV3/KjhWuekFRen85atIfrTfjQaKa/NiNkIJFwX
Ihrdy9asKYNoQSbw3vISAoSxaR7tpk2EQGZ5ENLrMKHWUm8Eb1YhHLediUrxgyJz
ic2h5pUnquLdeqEgjr8fBGrctTNkXJ/AkAPYbpwd/LCR2temJgCw2ga+gUbBJ/5z
qEySUZ/pcVd4sLoaxR5ALbnPPt7ZE13rYUba5CBVocCBGPqb8BGVC4rRd7vAUsmY
OH3u+gPwXVNwc2R83PFrUynM09rjXNa8EBVthIvjAdCU6YEAsNL0Ek3q7VWmb1SO
nKPvdnjDEFmWJ+cvhW+HZjnomHOFWDDDGpXitvGI9v1H
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:24:20 2025 by rpki-client