Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/NPk_GHNqq8k7MUydVHIUCQUBAQo.roa
File: NPk_GHNqq8k7MUydVHIUCQUBAQo.roa (raw, json)
Hash identifier: 8i7mapEQ11nmMTFwNuWUxWdEwqzqNv3Aacz7I3tfzMk=
Subject key identifier: 34:F9:3F:18:73:6A:AB:C9:3B:31:4C:9D:54:72:14:09:05:01:01:0A
Certificate issuer: /CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Certificate serial: 0194236A2C6AFB7EC546D9B10517E4DFA19C
Authority key identifier: E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/NPk_GHNqq8k7MUydVHIUCQUBAQo.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 147.252.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2c:6a:fb:7e:c5:46:d9:b1:05:17:e4:df:a1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34f93f18736aabc93b314c9d547214090501010a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:d1:43:14:e4:0c:dc:38:44:a6:70:fd:c5:
49:4d:5a:76:10:8b:f4:96:42:09:93:34:64:e5:0d:
a2:f3:6d:30:6d:1a:8e:6d:c3:be:8c:30:44:94:9f:
f1:fb:bd:be:e2:6c:64:91:18:e6:c4:6d:fa:c1:5c:
62:a9:56:64:b1:a8:95:5f:73:b0:b0:f4:fd:5d:0f:
e7:78:c6:b7:13:1d:2a:5f:f7:17:d3:17:49:76:0c:
a1:6e:7c:ea:13:0f:8c:75:8d:e1:2a:a0:26:10:f2:
09:63:9c:de:9c:f6:d2:f5:3d:37:1c:c3:f3:fa:e4:
cd:47:c3:31:65:e3:dc:16:44:4b:69:a7:c9:40:61:
15:81:33:cd:be:3b:44:a6:07:86:59:6a:7e:58:82:
06:60:4c:6a:75:f0:5c:09:1e:da:4c:93:73:1d:72:
cb:38:e4:34:f9:a9:45:ae:40:be:69:a1:31:0c:73:
3d:ea:e9:b8:93:88:0a:34:69:44:6d:06:ad:f8:21:
fe:90:70:0a:3f:b1:25:e6:4f:30:59:aa:0c:6b:67:
b0:96:e5:a8:51:ef:29:0c:35:6b:1c:69:0c:06:a0:
ac:bf:27:92:c0:01:9f:15:bc:26:b6:55:e8:fb:3d:
bc:34:87:c8:9c:ed:68:a4:41:78:dc:53:80:3a:ea:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F9:3F:18:73:6A:AB:C9:3B:31:4C:9D:54:72:14:09:05:01:01:0A
X509v3 Authority Key Identifier:
keyid:E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/NPk_GHNqq8k7MUydVHIUCQUBAQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/4Vanhb9_5NfEpca3ISFPDpbzrsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.252.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:5c:fb:34:d7:24:22:49:ea:52:98:30:d7:5e:14:f5:f6:b8:
37:be:cc:95:ac:23:27:38:26:9b:d5:8c:63:d9:1d:9c:ce:61:
b6:f3:6b:2b:0f:c6:6a:fb:a9:0f:c5:11:03:45:e3:07:0d:05:
bf:9f:64:8b:0c:3e:98:26:a1:66:f5:8d:80:8b:f7:1d:77:4f:
a5:b7:9e:df:81:21:93:9b:60:2a:46:0f:f7:91:5f:47:c5:5d:
eb:17:e7:17:a2:18:2d:4c:41:82:7d:1d:4d:b8:20:05:16:ad:
7c:65:69:0c:fa:12:a4:e6:ce:8a:58:ab:5e:bd:6b:09:3f:e9:
a1:57:40:8d:b5:a8:2c:43:b0:af:cb:4a:46:bd:a5:bc:fc:ac:
5d:25:11:a9:13:94:37:06:4d:7e:08:ee:d9:f5:3a:f8:28:a9:
9d:41:53:84:80:6c:b7:dc:33:ac:9e:0d:44:4a:1e:d9:a6:0d:
ea:10:f9:1b:5d:48:2e:ee:1d:e3:4b:8d:cc:49:79:33:bd:0e:
2e:36:34:47:4e:67:05:31:72:32:db:d6:70:2c:95:9e:2a:2d:
90:8a:87:96:cb:b4:3c:6f:e8:bc:4d:b7:fd:81:d7:1b:35:c5:
f8:f9:60:66:e3:80:a3:58:8b:66:cc:0e:30:1a:bf:c7:4a:45:
ac:70:34:59
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQjaixq+37FRtmxBRfk36GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTZhNzg1YmY3ZmU0ZDdjNGE1YzZiNzIxMjE0ZjBlOTZm
M2FlYzkwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY5M2YxODczNmFhYmM5M2IzMTRjOWQ1NDcyMTQwOTA1MDEwMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtATRQxTkDNw4RKZw/cVJTVp2EIv0
lkIJkzRk5Q2i820wbRqObcO+jDBElJ/x+72+4mxkkRjmxG36wVxiqVZksaiVX3Ow
sPT9XQ/neMa3Ex0qX/cX0xdJdgyhbnzqEw+MdY3hKqAmEPIJY5zenPbS9T03HMPz
+uTNR8MxZePcFkRLaafJQGEVgTPNvjtEpgeGWWp+WIIGYExqdfBcCR7aTJNzHXLL
OOQ0+alFrkC+aaExDHM96um4k4gKNGlEbQat+CH+kHAKP7El5k8wWaoMa2ewluWo
Ue8pDDVrHGkMBqCsvyeSwAGfFbwmtlXo+z28NIfInO1opEF43FOAOuppawIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDT5PxhzaqvJOzFMnVRyFAkFAQEKMB8GA1UdIwQY
MBaAFOFWp4W/f+TXxKXGtyEhTw6W867JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZhbmhiOV81TmZFcGNhM0lTRlBEcGJ6cnNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMThmMzItNDczYy00ZDllLWFiODUt
N2JkMGNmYTIzOWY2LzEvTlBrX0dITnFxOGs3TVV5ZFZISVVDUVVCQVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMThmMzItNDczYy00ZDllLWFiODUtN2JkMGNmYTIzOWY2
LzEvNFZhbmhiOV81TmZFcGNhM0lTRlBEcGJ6cnNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk/wwDQYJ
KoZIhvcNAQELBQADggEBAJhc+zTXJCJJ6lKYMNdeFPX2uDe+zJWsIyc4JpvVjGPZ
HZzOYbbzaysPxmr7qQ/FEQNF4wcNBb+fZIsMPpgmoWb1jYCL9x13T6W3nt+BIZOb
YCpGD/eRX0fFXesX5xeiGC1MQYJ9HU24IAUWrXxlaQz6EqTmzopYq169awk/6aFX
QI21qCxDsK/LSka9pbz8rF0lEakTlDcGTX4I7tn1OvgoqZ1BU4SAbLfcM6yeDURK
HtmmDeoQ+RtdSC7uHeNLjcxJeTO9Di42NEdOZwUxcjLb1nAslZ4qLZCKh5bLtDxv
6LxNt/2B1xs1xfj5YGbjgKNYi2bMDjAav8dKRaxwNFk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:37 2025 by rpki-client