Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/NRCpNHy40dMPZOalDwCejVjR8V8.roa
File: NRCpNHy40dMPZOalDwCejVjR8V8.roa (raw, json)
Hash identifier: 8IBX15oOhawlVKbp4mSaK606r9ts57TtENsnVZoowqM=
Subject key identifier: 35:10:A9:34:7C:B8:D1:D3:0F:64:E6:A5:0F:00:9E:8D:58:D1:F1:5F
Certificate issuer: /CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Certificate serial: 0188DDFBA5F5486B0041222D77483F63EA4D
Authority key identifier: 9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/NRCpNHy40dMPZOalDwCejVjR8V8.roa
Signing time: Wed 21 Jun 2023 12:43:56 +0000
ROA not before: Wed 21 Jun 2023 12:43:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 176.118.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:fb:a5:f5:48:6b:00:41:22:2d:77:48:3f:63:ea:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Validity
Not Before: Jun 21 12:43:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3510a9347cb8d1d30f64e6a50f009e8d58d1f15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9d:6a:c6:63:3b:33:82:77:69:57:b3:94:ce:
55:f4:09:b3:41:22:e3:42:7b:0d:1a:64:fe:6b:8e:
01:6d:63:9a:92:23:b2:4a:3e:6d:06:c0:a2:ed:32:
90:08:a3:c6:05:75:a3:2e:83:ec:50:da:e4:bf:cc:
38:91:70:af:8f:6d:cc:ea:13:1b:23:ae:78:15:90:
30:bb:39:68:8d:90:1c:df:e6:86:9d:6b:0f:aa:16:
d4:67:71:56:19:0a:cb:34:ec:2b:25:e7:93:ae:90:
c4:d5:87:f7:6b:96:d3:3d:6a:b6:7a:5f:de:f7:a1:
31:8f:38:ea:94:b1:26:6e:d9:32:fa:09:78:7d:22:
a1:83:19:32:0a:94:1a:b0:a9:52:2d:a4:06:6b:b0:
5d:b8:ad:2a:96:b2:c9:7d:35:14:45:64:58:c5:1a:
fe:33:2c:d5:f3:9c:20:33:4d:17:08:e4:e8:e6:ea:
21:5b:f5:9e:12:23:ad:aa:48:da:62:07:23:ad:2f:
47:16:c3:a6:61:4c:b3:da:4f:48:64:e3:c0:15:34:
65:cd:2e:23:73:94:88:21:9b:32:82:ca:b1:a8:41:
72:3a:d2:6a:d1:bf:7e:e3:c5:da:d3:0f:3b:e0:b0:
46:c3:df:c2:8e:17:e2:5c:80:70:8f:b0:ae:ec:79:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:10:A9:34:7C:B8:D1:D3:0F:64:E6:A5:0F:00:9E:8D:58:D1:F1:5F
X509v3 Authority Key Identifier:
keyid:9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/NRCpNHy40dMPZOalDwCejVjR8V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/naqfFPl9Ta2MAEwlOl4c58fdfEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.161.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:09:c3:51:6b:f5:a1:60:86:ac:3d:bb:06:a3:c4:2b:e9:77:
10:a0:c6:0c:34:04:1f:a1:58:72:a4:08:6c:cb:ed:89:28:55:
4f:84:ad:ab:2e:d1:8a:14:17:30:86:6a:6c:99:e9:48:e4:26:
f6:fb:92:70:fa:52:55:10:46:5c:10:01:90:1e:33:63:3c:fa:
83:89:e1:6a:26:ff:1f:1d:df:29:14:6c:83:a9:b5:cf:55:bc:
5f:86:7e:d2:af:16:c5:7d:e9:26:7d:64:eb:eb:c7:f8:99:99:
bc:05:6f:b8:65:c0:0b:45:03:39:5a:45:33:e2:14:b5:53:e4:
2a:75:d2:29:38:ec:4d:fd:95:15:11:66:bf:50:62:55:56:00:
81:1b:3e:e6:96:59:1b:54:a4:7b:3c:ac:67:41:f6:2b:4a:5a:
42:34:6b:e7:72:8e:73:dc:2c:fe:41:93:7d:9d:be:86:16:41:
6b:83:1f:e8:6b:63:93:af:6b:69:9f:1f:be:f4:d9:2f:29:c2:
94:22:0e:3f:86:3f:f7:c2:be:63:74:c6:1e:e1:fb:3a:a8:80:
10:5a:40:d3:a3:8f:3e:a7:f2:7e:18:b1:46:0d:a4:e3:89:b5:
b9:c5:2b:70:bd:4a:cb:41:77:0e:33:e1:d6:1d:39:54:b2:cb:
1b:86:93:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjd+6X1SGsAQSItd0g/Y+pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYWE5ZjE0Zjk3ZDRkYWQ4YzAwNGMyNTNhNWUxY2U3Yzdk
ZDdjNGIwHhcNMjMwNjIxMTI0MzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTEwYTkzNDdjYjhkMWQzMGY2NGU2YTUwZjAwOWU4ZDU4ZDFmMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp1qxmM7M4J3aVezlM5V9AmzQSLj
QnsNGmT+a44BbWOakiOySj5tBsCi7TKQCKPGBXWjLoPsUNrkv8w4kXCvj23M6hMb
I654FZAwuzlojZAc3+aGnWsPqhbUZ3FWGQrLNOwrJeeTrpDE1Yf3a5bTPWq2el/e
96ExjzjqlLEmbtky+gl4fSKhgxkyCpQasKlSLaQGa7BduK0qlrLJfTUURWRYxRr+
MyzV85wgM00XCOTo5uohW/WeEiOtqkjaYgcjrS9HFsOmYUyz2k9IZOPAFTRlzS4j
c5SIIZsygsqxqEFyOtJq0b9+48Xa0w874LBGw9/CjhfiXIBwj7Cu7Hk3MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUQqTR8uNHTD2TmpQ8Ano1Y0fFfMB8GA1UdIwQY
MBaAFJ2qnxT5fU2tjABMJTpeHOfH3XxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2Nzct
NDE0MDEwMDhhNzBjLzEvTlJDcE5IeTQwZE1QWk9hbER3Q2VqVmpSOFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2NzctNDE0MDEwMDhhNzBj
LzEvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHahMA0G
CSqGSIb3DQEBCwUAA4IBAQArCcNRa/WhYIasPbsGo8Qr6XcQoMYMNAQfoVhypAhs
y+2JKFVPhK2rLtGKFBcwhmpsmelI5Cb2+5Jw+lJVEEZcEAGQHjNjPPqDieFqJv8f
Hd8pFGyDqbXPVbxfhn7SrxbFfekmfWTr68f4mZm8BW+4ZcALRQM5WkUz4hS1U+Qq
ddIpOOxN/ZUVEWa/UGJVVgCBGz7mllkbVKR7PKxnQfYrSlpCNGvnco5z3Cz+QZN9
nb6GFkFrgx/oa2OTr2tpnx++9NkvKcKUIg4/hj/3wr5jdMYe4fs6qIAQWkDTo48+
p/J+GLFGDaTjibW5xStwvUrLQXcOM+HWHTlUsssbhpNj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:43 2025 by rpki-client