Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/NEGIHLIxAEpQ6XNAADA1l4nq2uc.roa
File: NEGIHLIxAEpQ6XNAADA1l4nq2uc.roa (raw, json)
Hash identifier: xeh+5IN+Iv4MXHqYmSx7fOcmzEAV688D6WxUsxLqh4g=
Subject key identifier: 34:41:88:1C:B2:31:00:4A:50:E9:73:40:00:30:35:97:89:EA:DA:E7
Certificate issuer: /CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Certificate serial: 01856D662F8B02E0C5618CF9518B220EAC0C
Authority key identifier: AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/NEGIHLIxAEpQ6XNAADA1l4nq2uc.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 195.128.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2f:8b:02:e0:c5:61:8c:f9:51:8b:22:0e:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3441881cb231004a50e973400030359789eadae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:34:e6:a7:a6:98:b2:be:83:ef:89:4a:78:40:
05:7c:ed:80:f4:da:1e:fc:14:c0:3d:e9:b9:e9:7e:
19:1d:ff:bc:6f:eb:2f:d3:c4:93:f4:9f:17:44:1e:
24:e7:16:f7:e1:ac:23:55:df:82:08:52:12:e3:49:
dc:91:08:67:8a:9e:79:49:f3:b3:b3:2a:4c:e2:3b:
cf:c4:78:0c:78:7d:10:f4:13:76:a7:d9:1e:24:6d:
ed:b1:ef:ba:b5:c5:0c:66:04:8a:34:a8:91:72:a3:
c6:8d:58:68:38:63:3a:fd:3c:00:45:85:07:62:c4:
a8:be:8b:56:7b:0a:35:48:53:08:06:33:bc:01:14:
e3:15:64:75:66:fa:89:76:15:e0:b8:cb:4a:6f:32:
cd:9f:d1:21:a5:7e:6a:13:e8:2e:b7:2f:2c:ae:6e:
a5:33:b9:8c:b8:af:c3:77:8d:c5:2f:2a:7e:1b:ec:
5e:33:32:1a:80:6a:ea:a8:50:4a:62:6d:ed:3a:69:
9d:36:c2:5e:22:82:38:64:50:5c:60:39:4c:1a:46:
d1:9c:b8:a7:54:07:83:19:dd:cc:e3:93:a8:c2:ae:
4f:0f:6d:0f:04:14:2a:8b:15:88:4c:2e:6c:dd:20:
86:95:d7:97:6f:35:18:33:a1:da:49:2d:ef:5b:6f:
f4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:41:88:1C:B2:31:00:4A:50:E9:73:40:00:30:35:97:89:EA:DA:E7
X509v3 Authority Key Identifier:
keyid:AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/NEGIHLIxAEpQ6XNAADA1l4nq2uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/r0xUNskUirOfO5CXDiwycrLgxsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2e:d5:16:06:ba:4c:f5:72:01:0f:65:f9:1b:31:0d:bb:fc:
e7:20:66:ca:6e:2f:87:a2:20:7e:f0:3e:21:a8:d6:95:bb:5b:
9a:3d:96:c2:dc:55:86:07:76:9d:e8:4d:d2:17:95:0e:0c:be:
81:9b:00:b3:69:2e:e5:75:33:84:a6:d4:08:db:22:7d:6b:ff:
41:f3:2c:ef:87:d1:be:2a:d9:48:14:bb:9d:e9:71:a2:8c:ac:
fa:fd:fd:01:fc:63:6f:7e:fd:4c:f8:ea:10:ed:55:77:14:97:
e4:3e:b6:cc:aa:61:12:49:5d:c8:6a:e2:92:28:6b:8b:bb:c3:
25:b0:01:d0:3a:08:e6:2c:3b:94:d1:44:36:dd:57:d7:32:b9:
fb:c4:5b:fa:7e:f2:19:4b:dc:d2:2e:1c:43:af:0f:fb:50:5a:
87:2a:ac:9b:e4:2e:c1:f1:32:3a:ae:21:00:9c:d5:3c:83:be:
44:1b:bb:9a:b8:ca:ee:d2:58:d8:57:ec:da:23:c2:a9:4d:05:
7d:cb:0f:f6:b2:ae:23:92:88:94:38:32:83:c3:c8:1b:eb:a1:
fa:5d:52:d0:bb:b7:b8:a7:b0:39:2c:33:e7:45:a0:6c:90:7a:
b4:4a:0b:e9:61:e0:34:d1:6d:53:60:f0:d9:b7:c6:7b:d7:3f:
cf:5e:58:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZi+LAuDFYYz5UYsiDqwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGM1NDM2YzkxNDhhYjM5ZjNiOTA5NzBlMmMzMjcyYjJl
MGM2YzIwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQxODgxY2IyMzEwMDRhNTBlOTczNDAwMDMwMzU5Nzg5ZWFkYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjTmp6aYsr6D74lKeEAFfO2A9Noe
/BTAPem56X4ZHf+8b+sv08ST9J8XRB4k5xb34awjVd+CCFIS40nckQhnip55SfOz
sypM4jvPxHgMeH0Q9BN2p9keJG3tse+6tcUMZgSKNKiRcqPGjVhoOGM6/TwARYUH
YsSovotWewo1SFMIBjO8ARTjFWR1ZvqJdhXguMtKbzLNn9EhpX5qE+guty8srm6l
M7mMuK/Dd43FLyp+G+xeMzIagGrqqFBKYm3tOmmdNsJeIoI4ZFBcYDlMGkbRnLin
VAeDGd3M45Oowq5PD20PBBQqixWITC5s3SCGldeXbzUYM6HaSS3vW2/0qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRBiByyMQBKUOlzQAAwNZeJ6trnMB8GA1UdIwQY
MBaAFK9MVDbJFIqznzuQlw4sMnKy4MbCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEt
N2U3MGZmMjE0ODcxLzEvTkVHSUhMSXhBRXBRNlhOQUFEQTFsNG5xMnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEtN2U3MGZmMjE0ODcx
LzEvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CXMA0G
CSqGSIb3DQEBCwUAA4IBAQA+LtUWBrpM9XIBD2X5GzENu/znIGbKbi+HoiB+8D4h
qNaVu1uaPZbC3FWGB3ad6E3SF5UODL6BmwCzaS7ldTOEptQI2yJ9a/9B8yzvh9G+
KtlIFLud6XGijKz6/f0B/GNvfv1M+OoQ7VV3FJfkPrbMqmESSV3IauKSKGuLu8Ml
sAHQOgjmLDuU0UQ23VfXMrn7xFv6fvIZS9zSLhxDrw/7UFqHKqyb5C7B8TI6riEA
nNU8g75EG7uauMru0ljYV+zaI8KpTQV9yw/2sq4jkoiUODKDw8gb66H6XVLQu7e4
p7A5LDPnRaBskHq0SgvpYeA00W1TYPDZt8Z71z/PXlhb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:25 2025 by rpki-client