Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ngSMXjgJFL2K19sCMyeRx71vwYc.roa
File: ngSMXjgJFL2K19sCMyeRx71vwYc.roa (raw, json)
Hash identifier: 21C3bYe56499tpDFxzCmZRWMnl5AZ9V32RAeAc+U52g=
Subject key identifier: 9E:04:8C:5E:38:09:14:BD:8A:D7:DB:02:33:27:91:C7:BD:6F:C1:87
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747DE78044D4785D84B45D3989FD08B
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ngSMXjgJFL2K19sCMyeRx71vwYc.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8734
IP address blocks: 95.43.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:de:78:04:4d:47:85:d8:4b:45:d3:98:9f:d0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e048c5e380914bd8ad7db02332791c7bd6fc187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:73:6a:ac:1a:10:8e:04:3b:c1:ea:84:a2:
5a:57:b3:44:d4:fd:40:9b:59:92:e5:4c:4f:bc:7f:
84:48:e6:aa:68:a3:d2:37:98:07:20:ff:f5:13:47:
d3:05:25:91:34:6d:5b:20:67:72:39:2a:b0:d7:12:
80:26:51:b5:be:5e:8f:27:9f:51:72:83:18:f6:a1:
13:26:57:d5:d6:f7:f2:0f:f3:da:da:47:99:5d:37:
3b:5c:c1:e4:01:75:0a:0e:6c:ed:a0:5d:ac:ae:f0:
a4:3f:74:7c:40:2a:f9:d5:29:59:6b:e3:4a:1a:82:
f1:9c:b0:ba:0e:ca:e9:a9:eb:68:95:4c:d7:f4:78:
c2:08:a9:ac:97:66:d7:b5:34:9b:a1:ce:b6:21:81:
70:ac:8c:90:43:33:a7:2e:c4:a4:67:4c:0a:90:5a:
71:5b:0e:a9:04:7d:0e:dc:8c:59:dd:8b:74:21:81:
b2:74:9f:c0:95:d2:b0:f8:1b:87:fc:36:37:34:8e:
ff:bb:05:ee:dc:f9:e1:df:69:3c:b0:63:45:e3:8e:
f6:54:0b:a5:42:3a:c1:0c:83:93:66:e1:ad:a3:f8:
e4:b9:7c:6d:6f:94:d9:62:d4:9f:84:ef:cf:04:7a:
26:c4:b8:53:ba:8b:5f:57:6b:d4:7d:4d:25:42:59:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:04:8C:5E:38:09:14:BD:8A:D7:DB:02:33:27:91:C7:BD:6F:C1:87
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ngSMXjgJFL2K19sCMyeRx71vwYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:7e:66:dc:b7:f1:c1:67:0e:38:a3:f5:c7:3e:47:fa:3f:d2:
80:e9:5f:76:f2:dc:8f:e3:b6:1d:1a:71:41:38:08:6f:9f:a1:
71:ec:a9:c0:c4:b3:8f:b7:bb:e0:1c:6c:b1:f6:fc:1d:c9:17:
08:55:20:61:35:e1:44:df:03:07:f3:72:25:81:64:e3:ca:e3:
d9:8c:66:6d:05:72:dc:a2:27:ab:fe:87:ef:a1:12:37:9b:b1:
43:a5:22:f6:bc:77:87:3c:60:e6:c0:88:0b:e3:35:f0:95:e0:
ea:e6:49:ec:b8:02:09:6c:71:ce:b3:f6:71:a4:61:12:d5:5e:
f3:8f:d7:23:0b:ea:2c:24:98:50:4d:06:fc:b7:86:2c:1b:a0:
56:5f:21:91:0a:54:2d:1b:ad:c9:e0:32:5d:19:1a:f0:62:51:
02:39:36:b4:ee:ff:96:4b:81:a1:4f:cd:85:be:ad:fb:d9:f8:
9a:08:47:70:09:7c:e4:95:99:ce:55:4a:97:19:46:4b:b0:0f:
ae:4c:d8:b1:67:e8:85:6b:64:17:ed:e9:27:33:c2:e3:f8:1a:
e1:c9:2b:b1:85:c2:f6:bd:22:61:34:33:da:2f:14:91:c2:6e:
e1:9b:e4:02:a9:ea:69:b3:9d:33:d4:b9:36:37:1f:ca:99:b1:
d1:de:2a:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR954BE1HhdhLRdOYn9CLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA0OGM1ZTM4MDkxNGJkOGFkN2RiMDIzMzI3OTFjN2JkNmZjMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNhzaqwaEI4EO8HqhKJaV7NE1P1A
m1mS5UxPvH+ESOaqaKPSN5gHIP/1E0fTBSWRNG1bIGdyOSqw1xKAJlG1vl6PJ59R
coMY9qETJlfV1vfyD/Pa2keZXTc7XMHkAXUKDmztoF2srvCkP3R8QCr51SlZa+NK
GoLxnLC6DsrpqetolUzX9HjCCKmsl2bXtTSboc62IYFwrIyQQzOnLsSkZ0wKkFpx
Ww6pBH0O3IxZ3Yt0IYGydJ/AldKw+BuH/DY3NI7/uwXu3Pnh32k8sGNF4472VAul
QjrBDIOTZuGto/jkuXxtb5TZYtSfhO/PBHomxLhTuotfV2vUfU0lQlk+AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4EjF44CRS9itfbAjMnkce9b8GHMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvbmdTTVhqZ0pGTDJLMTlzQ015ZVJ4NzF2d1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXyvOMA0G
CSqGSIb3DQEBCwUAA4IBAQCjfmbct/HBZw44o/XHPkf6P9KA6V928tyP47YdGnFB
OAhvn6Fx7KnAxLOPt7vgHGyx9vwdyRcIVSBhNeFE3wMH83IlgWTjyuPZjGZtBXLc
oier/ofvoRI3m7FDpSL2vHeHPGDmwIgL4zXwleDq5knsuAIJbHHOs/ZxpGES1V7z
j9cjC+osJJhQTQb8t4YsG6BWXyGRClQtG63J4DJdGRrwYlECOTa07v+WS4GhT82F
vq372fiaCEdwCXzklZnOVUqXGUZLsA+uTNixZ+iFa2QX7eknM8Lj+BrhySuxhcL2
vSJhNDPaLxSRwm7hm+QCqepps50z1Lk2Nx/KmbHR3ipG
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:45:56 2025 by rpki-client