Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/nGPZ_NATggl_6nfv7Xs72s2omBg.roa
File: nGPZ_NATggl_6nfv7Xs72s2omBg.roa (raw, json)
Hash identifier: Ctlvy2xSgma+HOqaqZwfMsyO5ZwXHLYT1LbAR4ndsm4=
Subject key identifier: 9C:63:D9:FC:D0:13:82:09:7F:EA:77:EF:ED:7B:3B:DA:CD:A8:98:18
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 0195CC160464510BAC6B201940E816C89485
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/nGPZ_NATggl_6nfv7Xs72s2omBg.roa
Signing time: Tue 25 Mar 2025 06:55:49 +0000
ROA not before: Tue 25 Mar 2025 06:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213346
IP address blocks: 2a10:b9c7:10::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:16:04:64:51:0b:ac:6b:20:19:40:e8:16:c8:94:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Mar 25 06:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c63d9fcd01382097fea77efed7b3bdacda89818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:90:3e:bf:06:0b:69:ae:e7:4c:07:e9:af:
fc:1b:34:16:01:e0:64:5d:06:7c:b0:9a:bb:8e:19:
b9:e8:29:f4:31:3c:ed:3c:74:03:e4:2a:bb:29:8e:
53:8f:f8:f1:f3:ff:63:90:d8:d6:27:7b:09:fe:57:
07:36:a6:3b:61:14:b3:a4:e3:c8:26:8d:25:9f:fa:
16:2c:23:af:d9:d7:6b:14:e2:98:39:e1:fa:15:a3:
6c:eb:fe:db:4c:43:db:28:28:6b:2d:ed:e9:b6:ac:
b6:1b:c4:4b:3b:de:b4:32:25:6b:8a:ea:46:9b:0e:
90:7e:c2:a3:8f:11:62:81:df:8c:68:90:f2:17:1e:
67:fc:5a:75:c8:3e:e4:6d:50:31:1f:78:1a:70:30:
27:d4:be:a3:78:75:92:da:9f:f7:d0:42:5e:3b:60:
72:b3:b0:da:bc:26:21:4b:fd:2f:54:d8:ed:75:f0:
3e:fb:d5:8d:ad:0e:97:3b:ce:c4:b8:7e:41:d3:79:
22:4b:15:fb:23:b8:3c:16:2c:f8:e1:8b:90:0f:c1:
6e:29:ca:7b:a6:ea:1a:36:95:c9:3e:2a:5c:78:80:
51:ef:82:fe:43:94:e8:ac:15:92:08:b3:83:01:d7:
58:41:32:3a:4a:f9:9a:03:90:84:54:0a:3f:a6:13:
63:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:63:D9:FC:D0:13:82:09:7F:EA:77:EF:ED:7B:3B:DA:CD:A8:98:18
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/nGPZ_NATggl_6nfv7Xs72s2omBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b9c7:10::/44
Signature Algorithm: sha256WithRSAEncryption
58:bc:40:d8:d9:d8:da:39:d1:6f:1e:37:ea:be:d9:1e:b4:f8:
f7:e7:35:93:1d:82:2f:66:a8:3e:04:58:d5:21:8c:90:a7:ea:
fa:e6:96:04:bf:97:6c:b8:1e:4f:c6:37:dc:b5:72:e0:49:98:
e1:d3:3b:4f:20:6a:fb:f1:e3:44:10:30:79:39:4c:a9:34:ec:
ac:1d:e9:ec:f5:e5:ff:b9:1d:e1:cd:41:d3:91:c3:a2:53:b3:
a8:c2:d9:03:37:3d:62:f3:45:0b:0d:44:4d:e3:87:60:0b:6b:
a7:7f:92:e3:ae:6d:6d:5b:4a:f4:f8:9d:34:26:4c:bb:38:05:
11:b0:1b:b4:89:66:a6:73:28:77:09:18:4c:08:39:54:ec:10:
8e:69:1d:6b:95:0a:4d:e7:0e:28:f7:3a:37:e5:df:dc:b9:0d:
7c:04:46:a9:69:95:b1:1c:e1:28:53:89:51:44:1e:15:53:98:
69:a2:5b:1a:19:6e:44:f0:a8:e1:d2:47:3b:a9:c1:22:d6:f8:
50:04:89:a7:03:33:85:33:82:20:fc:03:3b:02:6e:df:23:42:
1d:70:ba:a4:61:c4:52:c3:fa:cc:68:21:fc:7c:6f:9a:d3:37:
fa:d9:0a:6f:ef:90:5f:3a:dd:18:17:9a:d8:12:14:5f:47:ae:
d2:0b:49:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZXMFgRkUQusayAZQOgWyJSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2Y0ZjhhYzhjYTczNDNlZDFiNGZmMTJjZTI3NjMxOGI2
OWQxMGUwHhcNMjUwMzI1MDY1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYzZDlmY2QwMTM4MjA5N2ZlYTc3ZWZlZDdiM2JkYWNkYTg5ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxECQPr8GC2mu50wH6a/8GzQWAeBk
XQZ8sJq7jhm56Cn0MTztPHQD5Cq7KY5Tj/jx8/9jkNjWJ3sJ/lcHNqY7YRSzpOPI
Jo0ln/oWLCOv2ddrFOKYOeH6FaNs6/7bTEPbKChrLe3ptqy2G8RLO960MiVriupG
mw6QfsKjjxFigd+MaJDyFx5n/Fp1yD7kbVAxH3gacDAn1L6jeHWS2p/30EJeO2By
s7DavCYhS/0vVNjtdfA++9WNrQ6XO87EuH5B03kiSxX7I7g8Fiz44YuQD8FuKcp7
puoaNpXJPipceIBR74L+Q5TorBWSCLODAddYQTI6SvmaA5CEVAo/phNj6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJxj2fzQE4IJf+p37+17O9rNqJgYMB8GA1UdIwQY
MBaAFEp/T4rIynND7RtP8SzidjGLadEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4Mzkt
OWVjN2FkZDBlYjY4LzEvbkdQWl9OQVRnZ2xfNm5mdjdYczcyczJvbUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4MzktOWVjN2FkZDBlYjY4
LzEvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC5xwAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBYvEDY2djaOdFvHjfqvtketPj35zWTHYIvZqg+
BFjVIYyQp+r65pYEv5dsuB5PxjfctXLgSZjh0ztPIGr78eNEEDB5OUypNOysHens
9eX/uR3hzUHTkcOiU7OowtkDNz1i80ULDURN44dgC2unf5Ljrm1tW0r0+J00Jky7
OAURsBu0iWamcyh3CRhMCDlU7BCOaR1rlQpN5w4o9zo35d/cuQ18BEapaZWxHOEo
U4lRRB4VU5hpolsaGW5E8Kjh0kc7qcEi1vhQBImnAzOFM4Ig/AM7Am7fI0IdcLqk
YcRSw/rMaCH8fG+a0zf62Qpv75BfOt0YF5rYEhRfR67SC0k/
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:03:07 2025 by rpki-client