Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/NFHPImufF3uRqUgALoiOKsyNAWY.roa
File: NFHPImufF3uRqUgALoiOKsyNAWY.roa (raw, json)
Hash identifier: P38WvGerxAQEhXHw97XFuU4GA9ZzpqGUq811jnutzZs=
Subject key identifier: 34:51:CF:22:6B:9F:17:7B:91:A9:48:00:2E:88:8E:2A:CC:8D:01:66
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 0194206875F94EC8774A763FB21DADC3686E
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/NFHPImufF3uRqUgALoiOKsyNAWY.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48329
IP address blocks: 185.159.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:75:f9:4e:c8:77:4a:76:3f:b2:1d:ad:c3:68:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3451cf226b9f177b91a948002e888e2acc8d0166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:44:09:66:e1:89:24:2e:30:ac:45:59:f0:
d9:1d:41:a8:a9:b1:65:06:ba:f1:f9:be:b4:66:57:
2d:77:59:0b:a2:48:55:93:91:f6:c4:aa:bb:ae:9f:
d4:b9:c4:df:07:d6:83:e0:16:ae:1d:4c:43:82:a6:
f6:9c:77:33:ee:ed:05:d2:8e:e6:c8:3e:d5:9e:63:
5a:33:d4:af:12:8f:98:ee:a4:77:06:c5:84:a6:9b:
66:85:4d:f7:e5:7f:4f:55:2c:70:e5:ec:d8:99:d8:
be:8e:26:33:2d:80:93:e9:1e:a5:03:62:94:23:06:
fa:c5:6b:46:4a:f6:c5:d0:bf:cd:50:da:29:91:64:
9e:82:80:5d:39:79:08:a0:ca:2b:dc:82:2a:37:a9:
cd:e7:44:0e:3a:fa:2e:e5:e4:ed:7e:e2:b2:10:96:
16:0f:cd:f9:b8:7b:56:34:dd:76:44:4f:f9:4a:54:
35:f5:1f:96:f8:9d:a6:41:a8:40:98:22:0c:4e:5b:
3a:76:4a:ce:fa:2f:05:10:12:2e:60:50:41:10:fc:
b7:0a:d5:ac:d0:2a:b1:12:70:44:46:b0:b6:fd:a0:
e5:dd:ad:55:54:d6:87:04:8f:9b:ef:0a:39:3c:f8:
2a:03:35:2f:21:f7:11:85:d3:60:7e:1a:47:42:18:
29:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:51:CF:22:6B:9F:17:7B:91:A9:48:00:2E:88:8E:2A:CC:8D:01:66
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/NFHPImufF3uRqUgALoiOKsyNAWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:a8:e4:82:c1:bd:a7:5b:03:ae:5a:b8:e3:0f:89:20:bf:fc:
2b:86:fc:88:ea:ca:e5:f4:38:00:5c:3e:b9:b2:da:a0:36:e7:
85:89:22:fb:da:be:d5:29:ce:ce:5d:0a:77:a5:38:cd:50:4c:
30:bf:58:a0:98:22:7b:0d:af:87:83:20:8a:11:de:99:31:4e:
a2:6e:37:26:63:00:e7:7c:c9:a0:29:51:1d:07:50:dd:44:f4:
77:c4:ac:16:aa:fc:ec:e0:16:8a:d5:b5:26:7b:6f:8d:2c:da:
24:b2:ff:0b:82:b7:8f:f1:ce:6e:e1:fa:2d:ba:76:ea:63:29:
16:91:79:25:7f:fe:85:88:55:7c:92:7f:13:08:fa:77:69:13:
19:a4:58:26:f1:29:87:ff:15:94:1d:8e:66:b4:ba:a4:ca:91:
8b:cc:ee:9b:67:8b:3f:10:b3:ed:b9:70:9f:bb:37:20:77:cb:
a8:db:8a:3a:6c:5a:f8:a4:3a:58:fc:26:96:c2:82:18:56:a6:
4d:c4:16:3e:8e:4c:25:a6:03:6e:33:62:a2:98:bd:19:6a:a8:
7b:22:87:f7:99:63:73:cf:6b:a0:03:d7:9a:ee:d2:46:aa:b6:
4a:37:6c:9a:4f:22:62:48:e4:3a:65:3a:0f:da:1f:18:b8:09:
8c:d2:f8:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHX5Tsh3SnY/sh2tw2huMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDUxY2YyMjZiOWYxNzdiOTFhOTQ4MDAyZTg4OGUyYWNjOGQwMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9ZECWbhiSQuMKxFWfDZHUGoqbFl
Brrx+b60Zlctd1kLokhVk5H2xKq7rp/UucTfB9aD4BauHUxDgqb2nHcz7u0F0o7m
yD7VnmNaM9SvEo+Y7qR3BsWEpptmhU335X9PVSxw5ezYmdi+jiYzLYCT6R6lA2KU
Iwb6xWtGSvbF0L/NUNopkWSegoBdOXkIoMor3IIqN6nN50QOOvou5eTtfuKyEJYW
D835uHtWNN12RE/5SlQ19R+W+J2mQahAmCIMTls6dkrO+i8FEBIuYFBBEPy3CtWs
0CqxEnBERrC2/aDl3a1VVNaHBI+b7wo5PPgqAzUvIfcRhdNgfhpHQhgp2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRRzyJrnxd7kalIAC6IjirMjQFmMB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvTkZIUEltdWZGM3VScVVnQUxvaU9Lc3lOQVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9WMA0G
CSqGSIb3DQEBCwUAA4IBAQC2qOSCwb2nWwOuWrjjD4kgv/wrhvyI6srl9DgAXD65
stqgNueFiSL72r7VKc7OXQp3pTjNUEwwv1igmCJ7Da+HgyCKEd6ZMU6ibjcmYwDn
fMmgKVEdB1DdRPR3xKwWqvzs4BaK1bUme2+NLNoksv8LgreP8c5u4fotunbqYykW
kXklf/6FiFV8kn8TCPp3aRMZpFgm8SmH/xWUHY5mtLqkypGLzO6bZ4s/ELPtuXCf
uzcgd8uo24o6bFr4pDpY/CaWwoIYVqZNxBY+jkwlpgNuM2KimL0Zaqh7Iof3mWNz
z2ugA9ea7tJGqrZKN2yaTyJiSOQ6ZToP2h8YuAmM0vgb
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:45 2025 by rpki-client