Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/ncpFqRxHnrtXcnG07MkUeVPiBLk.roa
File: ncpFqRxHnrtXcnG07MkUeVPiBLk.roa (raw, json)
Hash identifier: rCTMXzcEfp3k0DVvLIS1CZbIpXzVTq0WOtp4KHtJM00=
Subject key identifier: 9D:CA:45:A9:1C:47:9E:BB:57:72:71:B4:EC:C9:14:79:53:E2:04:B9
Certificate issuer: /CN=5e717627f7b2fcc56f0d7be469a13171607d2427
Certificate serial: 018DCB98CAB66B8C29D4F3E3E2ED2500A9D7
Authority key identifier: 5E:71:76:27:F7:B2:FC:C5:6F:0D:7B:E4:69:A1:31:71:60:7D:24:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XnF2J_ey_MVvDXvkaaExcWB9JCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/ncpFqRxHnrtXcnG07MkUeVPiBLk.roa
Signing time: Wed 21 Feb 2024 12:16:44 +0000
ROA not before: Wed 21 Feb 2024 12:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47750
IP address blocks: 195.254.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:98:ca:b6:6b:8c:29:d4:f3:e3:e2:ed:25:00:a9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e717627f7b2fcc56f0d7be469a13171607d2427
Validity
Not Before: Feb 21 12:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dca45a91c479ebb577271b4ecc9147953e204b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:0b:88:d4:ce:72:93:22:97:33:13:18:a7:
a7:ff:f1:f9:5a:b2:2f:f3:c6:1e:56:9b:a8:d2:c2:
d6:ff:23:15:c2:78:53:c0:89:ec:98:21:4e:63:61:
4d:9a:c8:5d:fe:41:cb:62:ad:86:83:b5:92:14:12:
03:55:2e:ec:f6:09:80:af:82:3b:0f:77:5e:07:f7:
f4:9a:f9:66:51:b9:d1:40:dc:a7:8b:59:77:e8:cc:
49:93:1e:38:e8:5b:66:bc:40:f2:2b:e9:3c:97:81:
22:ba:bc:85:9f:3b:1b:d0:05:66:7f:31:92:17:7e:
53:5a:87:1e:65:23:12:f8:1a:30:04:0d:82:d3:e8:
48:21:dd:3a:0e:20:e9:2b:07:0b:f9:e8:7e:84:aa:
a2:0e:f1:c1:68:e6:cf:0a:a4:5b:09:80:6f:a3:f6:
64:fe:6c:ac:59:b4:3f:c1:13:fa:9e:d0:c9:76:8f:
ad:b2:a7:0b:e3:13:32:8f:63:43:c1:aa:1a:11:cb:
36:fe:83:ba:6c:db:ca:8e:1c:05:38:3f:bb:8a:6d:
0a:3a:fe:6c:58:c5:26:6e:76:15:4f:aa:4b:d3:a2:
83:69:6a:aa:59:fb:73:bc:c1:9e:e3:3b:0f:43:6d:
ee:61:12:7f:0e:cf:93:c9:5f:09:a8:f9:90:95:f5:
30:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CA:45:A9:1C:47:9E:BB:57:72:71:B4:EC:C9:14:79:53:E2:04:B9
X509v3 Authority Key Identifier:
keyid:5E:71:76:27:F7:B2:FC:C5:6F:0D:7B:E4:69:A1:31:71:60:7D:24:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XnF2J_ey_MVvDXvkaaExcWB9JCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/ncpFqRxHnrtXcnG07MkUeVPiBLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/XnF2J_ey_MVvDXvkaaExcWB9JCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.165.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e3:c3:7c:04:e6:be:b3:69:62:5e:9e:76:de:90:b3:a0:9e:
d1:ae:1a:1b:07:a0:62:00:dd:11:e5:af:44:dd:d9:44:84:a4:
56:db:4d:b7:b3:ce:83:a5:43:61:08:d6:bc:61:ed:47:10:f5:
6a:ba:5d:58:1a:a0:43:f5:27:cf:c5:93:92:49:8e:30:7f:62:
97:31:e8:b8:48:bd:3b:3a:64:76:1c:5a:d1:dc:01:d6:05:94:
d3:ae:b5:ae:3e:7b:18:ec:2d:47:07:17:40:26:30:9a:ae:2a:
74:fe:1a:99:54:6d:78:b0:a9:b0:c5:45:c7:45:40:bd:71:8f:
bb:0b:d0:f4:31:75:ae:ab:7c:86:ca:06:6b:6f:44:d9:95:77:
1b:c3:42:d6:47:66:a9:08:b6:38:ec:e6:43:cd:46:dc:3d:9e:
6f:47:b2:74:a9:00:69:27:15:8a:fc:2d:64:54:f4:7f:f1:21:
2e:bb:34:10:de:56:45:61:2c:cf:6a:8e:d5:37:53:62:e8:84:
f1:d8:c7:c2:57:7a:fe:15:ac:7a:82:97:af:fd:92:ef:b6:e3:
5f:75:83:5f:72:03:30:d5:bd:d1:c8:e7:36:58:c9:a2:32:ff:
ef:3d:24:ad:21:cc:9b:1c:7f:1d:8b:9d:c1:bb:b8:23:90:0f:
f8:55:99:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3LmMq2a4wp1PPj4u0lAKnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzE3NjI3ZjdiMmZjYzU2ZjBkN2JlNDY5YTEzMTcxNjA3
ZDI0MjcwHhcNMjQwMjIxMTIxNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNhNDVhOTFjNDc5ZWJiNTc3MjcxYjRlY2M5MTQ3OTUzZTIwNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxILiNTOcpMilzMTGKen//H5WrIv
88YeVpuo0sLW/yMVwnhTwInsmCFOY2FNmshd/kHLYq2Gg7WSFBIDVS7s9gmAr4I7
D3deB/f0mvlmUbnRQNyni1l36MxJkx446FtmvEDyK+k8l4EiuryFnzsb0AVmfzGS
F35TWoceZSMS+BowBA2C0+hIId06DiDpKwcL+eh+hKqiDvHBaObPCqRbCYBvo/Zk
/mysWbQ/wRP6ntDJdo+tsqcL4xMyj2NDwaoaEcs2/oO6bNvKjhwFOD+7im0KOv5s
WMUmbnYVT6pL06KDaWqqWftzvMGe4zsPQ23uYRJ/Ds+TyV8JqPmQlfUwZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3KRakcR567V3JxtOzJFHlT4gS5MB8GA1UdIwQY
MBaAFF5xdif3svzFbw175GmhMXFgfSQnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5GMkpfZXlfTVZ2RFh2a2FhRXhjV0I5SkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zZDE5NDUtZDYwZS00OGFiLTg4YmMt
OGNmZTRiODE1N2QyLzEvbmNwRnFSeEhucnRYY25HMDdNa1VlVlBpQkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zZDE5NDUtZDYwZS00OGFiLTg4YmMtOGNmZTRiODE1N2Qy
LzEvWG5GMkpfZXlfTVZ2RFh2a2FhRXhjV0I5SkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/6lMA0G
CSqGSIb3DQEBCwUAA4IBAQB648N8BOa+s2liXp523pCzoJ7RrhobB6BiAN0R5a9E
3dlEhKRW2023s86DpUNhCNa8Ye1HEPVqul1YGqBD9SfPxZOSSY4wf2KXMei4SL07
OmR2HFrR3AHWBZTTrrWuPnsY7C1HBxdAJjCarip0/hqZVG14sKmwxUXHRUC9cY+7
C9D0MXWuq3yGygZrb0TZlXcbw0LWR2apCLY47OZDzUbcPZ5vR7J0qQBpJxWK/C1k
VPR/8SEuuzQQ3lZFYSzPao7VN1Ni6ITx2MfCV3r+Fax6gpev/ZLvtuNfdYNfcgMw
1b3RyOc2WMmiMv/vPSStIcybHH8di53Bu7gjkA/4VZnO
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:51:05 2025 by rpki-client