Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4db93d-fc87-4e16-9b3b-79453b474e2e/1/nAGjUH3BeWIEK9-k8ffw9jMuhWs.roa
File: nAGjUH3BeWIEK9-k8ffw9jMuhWs.roa (raw, json)
Hash identifier: N9b9YD5gQ9tOvsi0VtQodQ64t3uD6Y7lDV2UpiLAUsQ=
Subject key identifier: 9C:01:A3:50:7D:C1:79:62:04:2B:DF:A4:F1:F7:F0:F6:33:2E:85:6B
Certificate issuer: /CN=d4b0c11e6666cfc1b7f1b6994e0f437329adec04
Certificate serial: 019420686C64EC80BB13A8039575AA37B873
Authority key identifier: D4:B0:C1:1E:66:66:CF:C1:B7:F1:B6:99:4E:0F:43:73:29:AD:EC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LDBHmZmz8G38baZTg9Dcymt7AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4db93d-fc87-4e16-9b3b-79453b474e2e/1/nAGjUH3BeWIEK9-k8ffw9jMuhWs.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 176.124.254.0/23 maxlen: 32
2001:678:dc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6c:64:ec:80:bb:13:a8:03:95:75:aa:37:b8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b0c11e6666cfc1b7f1b6994e0f437329adec04
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c01a3507dc17962042bdfa4f1f7f0f6332e856b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6b:4f:6f:4f:95:26:65:f3:24:14:43:03:27:
92:b2:1d:91:93:ab:1b:92:9b:ba:60:a1:18:af:db:
ad:70:dc:31:9d:e0:55:7c:ba:1a:8a:7e:e5:32:23:
98:c7:90:c3:6c:5f:95:be:85:28:33:56:f1:e6:37:
35:cc:5c:7e:e3:23:57:ad:c4:be:b8:96:00:14:81:
61:c0:7e:ab:77:1f:69:27:6b:cc:be:0f:02:3d:b7:
e6:d0:71:22:43:c4:c2:7f:7d:be:55:25:45:9d:ff:
db:a9:23:a1:cd:13:6e:85:10:a3:6c:15:c0:99:70:
9e:41:39:be:f2:60:fa:77:3d:ea:24:58:cc:4c:d7:
66:f7:9e:12:10:c6:3c:e3:99:73:bb:71:08:c1:b2:
70:09:ac:6c:48:e4:f5:8f:3f:44:41:96:c3:7d:73:
d2:5b:95:8d:f5:d3:64:02:92:71:d3:bd:83:59:e0:
9e:47:4d:e3:67:6b:84:50:28:aa:d5:39:c1:cb:b6:
10:8f:0a:c5:a2:16:4f:b8:e1:87:9f:8f:da:2a:b6:
89:cc:56:6a:1a:fe:cf:f3:cb:2d:76:90:8e:78:ed:
3b:e0:0e:2a:0f:e2:5f:4a:e6:c1:eb:63:a6:b0:b5:
b0:a3:d8:c5:0f:29:11:8e:90:eb:dd:0a:01:d8:98:
fc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:01:A3:50:7D:C1:79:62:04:2B:DF:A4:F1:F7:F0:F6:33:2E:85:6B
X509v3 Authority Key Identifier:
keyid:D4:B0:C1:1E:66:66:CF:C1:B7:F1:B6:99:4E:0F:43:73:29:AD:EC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LDBHmZmz8G38baZTg9Dcymt7AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4db93d-fc87-4e16-9b3b-79453b474e2e/1/nAGjUH3BeWIEK9-k8ffw9jMuhWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4db93d-fc87-4e16-9b3b-79453b474e2e/1/1LDBHmZmz8G38baZTg9Dcymt7AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.254.0/23
IPv6:
2001:678:dc::/48
Signature Algorithm: sha256WithRSAEncryption
2b:43:a7:33:2b:b8:94:2a:47:4b:ab:c5:4a:db:92:f1:d3:f6:
68:bb:eb:ae:d7:74:c8:b3:74:0f:8f:61:02:f3:77:37:33:6f:
80:a3:30:46:d0:fc:de:d6:c9:1d:e9:84:dc:28:26:df:4d:37:
f3:10:7b:e8:58:09:a9:01:77:52:68:ab:d3:60:07:1f:44:8c:
c1:c3:bf:fa:17:3d:b8:b9:c0:4e:e6:54:ed:46:5f:a7:c0:36:
84:08:ca:f2:90:d0:ca:d9:6f:01:f4:b5:15:d4:23:b0:b4:ed:
09:42:25:29:47:d1:13:19:dd:e8:27:e3:1c:df:94:8d:62:54:
a8:a7:fb:0d:0a:10:c0:2a:84:e8:d1:51:31:bc:65:30:a3:fc:
fb:29:38:1a:d5:fb:eb:88:40:a3:53:49:82:27:d5:f6:57:cf:
06:d1:5d:94:e6:b7:9c:2a:00:29:5b:ed:03:c9:52:d6:40:8b:
fc:6a:8f:e8:5b:47:55:3b:c0:33:2e:62:ff:04:36:48:40:60:
ea:15:d6:42:e0:67:2f:98:f5:5c:af:3e:81:16:1f:d5:dd:39:
2e:c5:90:a1:af:c7:84:55:db:a8:29:86:fc:6d:78:e4:a1:65:
17:c6:36:c0:f7:c3:53:bd:dc:2c:83:cb:b2:a3:63:47:6d:22:
cb:4a:d6:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaGxk7IC7E6gDlXWqN7hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YjBjMTFlNjY2NmNmYzFiN2YxYjY5OTRlMGY0MzczMjlh
ZGVjMDQwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAxYTM1MDdkYzE3OTYyMDQyYmRmYTRmMWY3ZjBmNjMzMmU4NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2tPb0+VJmXzJBRDAyeSsh2Rk6sb
kpu6YKEYr9utcNwxneBVfLoain7lMiOYx5DDbF+VvoUoM1bx5jc1zFx+4yNXrcS+
uJYAFIFhwH6rdx9pJ2vMvg8CPbfm0HEiQ8TCf32+VSVFnf/bqSOhzRNuhRCjbBXA
mXCeQTm+8mD6dz3qJFjMTNdm954SEMY845lzu3EIwbJwCaxsSOT1jz9EQZbDfXPS
W5WN9dNkApJx072DWeCeR03jZ2uEUCiq1TnBy7YQjwrFohZPuOGHn4/aKraJzFZq
Gv7P88stdpCOeO074A4qD+JfSubB62OmsLWwo9jFDykRjpDr3QoB2Jj8yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwBo1B9wXliBCvfpPH38PYzLoVrMB8GA1UdIwQY
MBaAFNSwwR5mZs/Bt/G2mU4PQ3MprewEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxEQkhtWm16OEczOGJhWlRnOURjeW10N0FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80ZGI5M2QtZmM4Ny00ZTE2LTliM2It
Nzk0NTNiNDc0ZTJlLzEvbkFHalVIM0JlV0lFSzktazhmZnc5ak11aFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80ZGI5M2QtZmM4Ny00ZTE2LTliM2ItNzk0NTNiNDc0ZTJl
LzEvMUxEQkhtWm16OEczOGJhWlRnOURjeW10N0FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHz+MA8E
AgACMAkDBwAgAQZ4ANwwDQYJKoZIhvcNAQELBQADggEBACtDpzMruJQqR0urxUrb
kvHT9mi7667XdMizdA+PYQLzdzczb4CjMEbQ/N7WyR3phNwoJt9NN/MQe+hYCakB
d1Joq9NgBx9EjMHDv/oXPbi5wE7mVO1GX6fANoQIyvKQ0MrZbwH0tRXUI7C07QlC
JSlH0RMZ3egn4xzflI1iVKin+w0KEMAqhOjRUTG8ZTCj/PspOBrV++uIQKNTSYIn
1fZXzwbRXZTmt5wqAClb7QPJUtZAi/xqj+hbR1U7wDMuYv8ENkhAYOoV1kLgZy+Y
9VyvPoEWH9XdOS7FkKGvx4RV26gphvxteOShZRfGNsD3w1O93CyDy7KjY0dtIstK
1mk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:38 2025 by rpki-client