Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/NJmmW764rdnW_zIUswA3g-8-n2M.roa
File: NJmmW764rdnW_zIUswA3g-8-n2M.roa (raw, json)
Hash identifier: uNbv9sZggt1kjUfoR4Ji7KAa4WT9RRySZVjN33ZdWTA=
Subject key identifier: 34:99:A6:5B:BE:B8:AD:D9:D6:FF:32:14:B3:00:37:83:EF:3E:9F:63
Certificate issuer: /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial: 019424453C4C48E259A1B076A34DCC5CC3BD
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/NJmmW764rdnW_zIUswA3g-8-n2M.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42053
IP address blocks: 45.152.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3c:4c:48:e2:59:a1:b0:76:a3:4d:cc:5c:c3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3499a65bbeb8add9d6ff3214b3003783ef3e9f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:9c:76:ee:06:3e:a5:13:84:e7:69:50:e1:
f7:39:d2:8f:2a:b2:d9:ad:cb:f8:f6:34:d3:f2:fe:
8e:9b:7f:aa:7b:91:46:a6:1a:79:be:c1:fe:d1:b2:
32:66:12:5c:6b:56:8e:1d:76:fc:0b:a1:9c:3d:98:
e9:32:b4:de:ed:69:65:c5:75:e9:e1:db:cc:24:b9:
7c:7f:d0:09:25:c2:4f:7a:cf:95:d1:0c:50:cf:bd:
65:27:37:64:2f:7a:c5:f1:c7:cd:25:46:4a:54:68:
f1:c9:cd:ba:5b:fb:42:09:35:30:f3:e6:d0:ee:e4:
8d:c8:a9:76:ab:99:b0:2e:b5:24:91:76:9b:e7:a1:
1c:20:e8:ff:d6:3b:ed:3f:4b:24:a0:e7:60:92:dd:
c7:c9:b1:a1:fc:9e:83:70:c1:81:4a:ba:cd:24:76:
ca:1f:bd:cf:f6:71:46:24:c3:50:75:af:0f:38:5c:
67:93:5f:4c:5f:c3:95:31:6a:10:cb:39:b8:3f:c8:
2b:6c:6d:c7:3c:75:a2:a9:61:ee:81:1e:6a:ae:11:
12:b1:56:71:68:23:85:8e:a2:de:3b:4a:39:27:31:
42:01:9b:86:b1:b8:ee:7d:84:50:ae:3a:15:7a:70:
1e:27:18:45:21:e2:72:d8:b6:88:b4:95:a0:76:c6:
af:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:99:A6:5B:BE:B8:AD:D9:D6:FF:32:14:B3:00:37:83:EF:3E:9F:63
X509v3 Authority Key Identifier:
keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/NJmmW764rdnW_zIUswA3g-8-n2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:a9:45:3f:2b:f9:85:13:f1:07:d7:27:8d:de:f9:4a:74:4a:
be:36:94:52:4d:9e:58:79:7d:1b:db:ab:b2:19:58:fc:78:d3:
75:1a:da:eb:41:50:0a:72:0f:0f:c4:5b:c5:7d:d7:cb:b2:6c:
39:99:45:16:92:2d:7b:4a:9f:ef:79:d1:da:4e:4f:56:1e:53:
cf:f5:89:e2:2d:f8:4e:0c:2e:10:b4:5f:0f:d6:5b:67:c5:80:
08:58:01:2e:83:65:1a:c6:33:d2:78:ea:26:31:64:e8:37:6b:
63:2f:36:d4:b4:8d:b7:19:4f:29:e1:48:40:1f:df:1c:50:cd:
af:aa:39:77:83:81:27:c9:32:e6:48:4b:f7:2f:b0:f4:be:f8:
d0:11:a9:71:54:be:c8:9d:60:77:07:06:0a:62:a9:01:12:aa:
7f:af:64:19:4f:cc:57:8e:b1:e2:c8:b0:6e:dc:24:63:6d:3b:
67:ec:38:7b:f8:8b:f0:58:d0:57:6d:59:33:e4:ed:ed:b6:8c:
d1:02:b2:dc:45:a8:5d:bf:cc:5c:24:40:dd:20:51:8f:77:76:
49:72:28:17:fd:da:58:07:d0:ee:99:ca:9e:92:15:f6:a2:57:
26:36:53:f5:58:c1:ad:0e:b7:63:84:bd:8a:5e:65:6f:9e:bb:
e5:6d:87:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRTxMSOJZobB2o03MXMO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk5YTY1YmJlYjhhZGQ5ZDZmZjMyMTRiMzAwMzc4M2VmM2U5ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeecdu4GPqUThOdpUOH3OdKPKrLZ
rcv49jTT8v6Om3+qe5FGphp5vsH+0bIyZhJca1aOHXb8C6GcPZjpMrTe7WllxXXp
4dvMJLl8f9AJJcJPes+V0QxQz71lJzdkL3rF8cfNJUZKVGjxyc26W/tCCTUw8+bQ
7uSNyKl2q5mwLrUkkXab56EcIOj/1jvtP0skoOdgkt3HybGh/J6DcMGBSrrNJHbK
H73P9nFGJMNQda8POFxnk19MX8OVMWoQyzm4P8grbG3HPHWiqWHugR5qrhESsVZx
aCOFjqLeO0o5JzFCAZuGsbjufYRQrjoVenAeJxhFIeJy2LaItJWgdsavQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSZplu+uK3Z1v8yFLMAN4PvPp9jMB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvTkptbVc3NjRyZG5XX3pJVXN3QTNnLTgtbjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZhcMA0G
CSqGSIb3DQEBCwUAA4IBAQAPqUU/K/mFE/EH1yeN3vlKdEq+NpRSTZ5YeX0b26uy
GVj8eNN1GtrrQVAKcg8PxFvFfdfLsmw5mUUWki17Sp/vedHaTk9WHlPP9YniLfhO
DC4QtF8P1ltnxYAIWAEug2UaxjPSeOomMWToN2tjLzbUtI23GU8p4UhAH98cUM2v
qjl3g4EnyTLmSEv3L7D0vvjQEalxVL7InWB3BwYKYqkBEqp/r2QZT8xXjrHiyLBu
3CRjbTtn7Dh7+IvwWNBXbVkz5O3ttozRArLcRahdv8xcJEDdIFGPd3ZJcigX/dpY
B9DumcqekhX2olcmNlP1WMGtDrdjhL2KXmVvnrvlbYdD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:51 2025 by rpki-client