Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/nvaE9UFaThv5EGdM389VTw00Bwo.roa
File: nvaE9UFaThv5EGdM389VTw00Bwo.roa (raw, json)
Hash identifier: ccYXu7sX/tPCcm2hfCgVP53gbsSq28RcYWwYvD50CbY=
Subject key identifier: 9E:F6:84:F5:41:5A:4E:1B:F9:10:67:4C:DF:CF:55:4F:0D:34:07:0A
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 01894E797C6668714E69AAC37396F36747DD
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/nvaE9UFaThv5EGdM389VTw00Bwo.roa
Signing time: Thu 13 Jul 2023 08:58:51 +0000
ROA not before: Thu 13 Jul 2023 08:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.156.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:79:7c:66:68:71:4e:69:aa:c3:73:96:f3:67:47:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jul 13 08:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ef684f5415a4e1bf910674cdfcf554f0d34070a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:8d:73:ac:0b:18:15:e5:6f:70:2b:7a:2b:
c3:9d:99:a9:e4:2b:3c:db:ed:21:c0:4f:2a:55:a4:
d9:69:cf:4b:cf:9c:aa:8c:5a:76:18:26:17:4b:d3:
de:23:35:7d:51:74:09:ab:54:3a:62:e2:24:45:63:
6c:33:13:5a:79:64:ca:45:b1:97:87:71:b2:43:a5:
5b:c8:cb:52:1d:24:5f:67:60:e5:1b:48:2c:63:47:
cc:fe:0d:9e:a5:da:95:ed:c3:8c:4a:74:5f:44:37:
89:98:e9:81:2f:8f:17:1c:88:48:fa:ce:fe:35:e1:
63:c1:87:fc:15:fc:1e:c9:51:2d:55:96:56:36:69:
b3:76:d6:2a:4d:b8:50:0a:8b:3c:73:a3:c3:d9:7f:
21:e6:f5:51:13:0a:06:33:5b:4a:52:6c:43:dd:50:
bf:0d:11:a9:ad:01:40:9f:5c:d3:a4:d0:7c:fb:01:
60:57:26:69:10:c0:75:79:ee:29:fd:af:61:1e:38:
ba:bc:34:79:65:f8:5a:2c:9f:17:b0:00:90:33:97:
f8:8e:30:dc:d8:e2:3c:4f:63:95:00:23:67:98:01:
41:08:8a:0a:ad:35:9d:24:24:0b:95:d6:00:0b:0f:
e6:6c:18:80:b0:43:cf:74:f4:19:93:e8:00:84:bc:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F6:84:F5:41:5A:4E:1B:F9:10:67:4C:DF:CF:55:4F:0D:34:07:0A
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/nvaE9UFaThv5EGdM389VTw00Bwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.147.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:89:81:65:2e:4a:d8:72:8b:aa:a9:4b:e4:e0:5b:47:e7:f1:
0b:c7:af:32:05:0c:fa:bd:5c:76:46:ef:57:2e:ab:3b:ba:a3:
8a:a5:1f:63:59:37:0c:52:06:f1:d8:6d:4d:59:4a:f9:c1:7a:
d0:9e:9f:4c:26:57:74:3a:8e:43:01:54:04:31:49:f8:2f:e4:
41:3f:00:20:93:c0:cd:5b:ed:fb:c6:5c:b0:a7:d4:0e:30:f1:
e3:b4:3f:f6:3e:86:56:66:87:05:4b:77:3f:a8:76:ea:2c:c3:
df:3f:ee:ed:8c:a9:4b:67:24:c6:82:98:c1:53:cc:77:e0:55:
0f:19:70:1b:a8:c6:4f:73:8e:ff:2f:9b:d7:84:b4:38:37:1d:
c4:99:f4:f2:c3:83:6e:af:8e:dc:d0:bc:4f:92:0d:7e:6f:9a:
2a:2f:81:c3:33:8c:01:f8:fb:fb:4d:e6:3a:a0:e8:f7:53:0e:
b0:ac:cd:fe:f7:e5:d5:17:3b:49:0a:c1:2f:43:27:b2:7d:43:
bf:a0:3d:60:18:8c:64:25:4f:92:ba:7d:7c:75:9b:be:18:8d:
fb:01:50:9f:10:69:c7:cb:b4:cd:97:f5:a5:8e:d7:e1:b1:c3:
b8:bd:63:b2:3e:0e:37:c1:b9:61:95:86:9c:5a:d2:2f:ac:28:
0e:53:6e:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlOeXxmaHFOaarDc5bzZ0fdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwNzEzMDg1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWY2ODRmNTQxNWE0ZTFiZjkxMDY3NGNkZmNmNTU0ZjBkMzQwNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpGNc6wLGBXlb3AreivDnZmp5Cs8
2+0hwE8qVaTZac9Lz5yqjFp2GCYXS9PeIzV9UXQJq1Q6YuIkRWNsMxNaeWTKRbGX
h3GyQ6VbyMtSHSRfZ2DlG0gsY0fM/g2epdqV7cOMSnRfRDeJmOmBL48XHIhI+s7+
NeFjwYf8FfweyVEtVZZWNmmzdtYqTbhQCos8c6PD2X8h5vVREwoGM1tKUmxD3VC/
DRGprQFAn1zTpNB8+wFgVyZpEMB1ee4p/a9hHji6vDR5ZfhaLJ8XsACQM5f4jjDc
2OI8T2OVACNnmAFBCIoKrTWdJCQLldYACw/mbBiAsEPPdPQZk+gAhLyd2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ72hPVBWk4b+RBnTN/PVU8NNAcKMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvbnZhRTlVRmFUaHY1RUdkTTM4OVZUdzAwQndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyTMA0G
CSqGSIb3DQEBCwUAA4IBAQCdiYFlLkrYcouqqUvk4FtH5/ELx68yBQz6vVx2Ru9X
Lqs7uqOKpR9jWTcMUgbx2G1NWUr5wXrQnp9MJld0Oo5DAVQEMUn4L+RBPwAgk8DN
W+37xlywp9QOMPHjtD/2PoZWZocFS3c/qHbqLMPfP+7tjKlLZyTGgpjBU8x34FUP
GXAbqMZPc47/L5vXhLQ4Nx3EmfTyw4Nur47c0LxPkg1+b5oqL4HDM4wB+Pv7TeY6
oOj3Uw6wrM3+9+XVFztJCsEvQyeyfUO/oD1gGIxkJU+Sun18dZu+GI37AVCfEGnH
y7TNl/WljtfhscO4vWOyPg43wblhlYacWtIvrCgOU25Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:15:01 2025 by rpki-client