Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nlW2BhzbrhZqQt_kjdeJrjsFzqg.roa
File: nlW2BhzbrhZqQt_kjdeJrjsFzqg.roa (raw, json)
Hash identifier: isLx6NhOWvsktPKmSuP99hPtTj1m+Qrqe7ue+9WegW8=
Subject key identifier: 9E:55:B6:06:1C:DB:AE:16:6A:42:DF:E4:8D:D7:89:AE:3B:05:CE:A8
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0194ACA86D329C414C6496E4AEC406F3FDFA
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nlW2BhzbrhZqQt_kjdeJrjsFzqg.roa
Signing time: Tue 28 Jan 2025 11:25:06 +0000
ROA not before: Tue 28 Jan 2025 11:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49665
IP address blocks: 5.189.215.0/24 maxlen: 24
85.140.95.0/24 maxlen: 24
178.155.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:a8:6d:32:9c:41:4c:64:96:e4:ae:c4:06:f3:fd:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 28 11:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e55b6061cdbae166a42dfe48dd789ae3b05cea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:15:f5:d0:6d:0b:29:ff:67:41:4b:94:b1:
b8:70:24:a6:45:f9:58:16:8b:98:59:32:20:cd:50:
dc:0e:14:22:c5:f6:31:c2:64:1b:ac:1e:91:13:2c:
8a:41:3a:71:27:71:55:7b:d2:d1:1e:c5:6d:a1:39:
49:9c:b9:26:4d:bd:6c:a3:84:a5:3b:1d:d1:e2:f9:
13:99:07:f8:cf:e2:da:22:23:6c:92:33:93:a6:9a:
05:57:c5:78:db:ae:2a:34:d8:84:e5:ea:0c:3c:5e:
c0:b4:62:e4:79:fe:06:38:35:13:54:b1:a4:0c:44:
b2:bc:2f:90:af:3b:bc:85:30:1f:ce:82:14:6e:2f:
06:4e:6e:b5:0b:43:98:c6:67:c9:6c:03:c8:92:a2:
5c:e7:53:5d:c5:fc:67:31:99:e0:b2:e6:3c:ba:04:
4c:d4:7d:5d:d9:77:94:46:1f:90:34:7f:4f:48:9b:
20:1b:5c:b8:23:3c:45:94:53:61:72:b1:b0:bc:47:
c2:c6:04:d6:2e:7d:1e:b4:8a:76:1d:43:aa:03:f5:
e0:4d:46:fa:dd:17:d6:10:f1:24:54:c5:bd:ee:c7:
bb:ab:96:3c:53:be:9f:04:2b:1d:77:92:7f:cb:28:
18:10:0e:0b:df:48:c9:19:b4:58:87:6b:93:41:69:
a6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:55:B6:06:1C:DB:AE:16:6A:42:DF:E4:8D:D7:89:AE:3B:05:CE:A8
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nlW2BhzbrhZqQt_kjdeJrjsFzqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.189.215.0/24
85.140.95.0/24
178.155.52.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3e:a4:d7:e0:63:9c:ae:0d:0d:a9:76:c4:92:c2:c7:c0:64:
66:8a:12:35:50:58:07:9f:a5:e4:1c:cb:ca:9b:ab:ee:e6:21:
cc:d5:fb:ed:63:6f:76:05:b6:91:da:05:9e:a7:07:17:db:6a:
6a:86:49:5d:3d:18:d6:89:5b:fe:7e:99:59:13:8b:96:2f:83:
e5:0b:00:1f:44:23:f9:b3:bf:fe:a3:49:36:1c:21:c6:cb:67:
61:06:97:33:ce:79:6e:b5:f4:41:74:d1:ed:a0:ef:ab:5b:36:
e9:9e:d8:69:68:4b:9e:b3:e7:60:ed:e9:3d:28:b3:4b:d9:2c:
e9:ae:9e:81:44:5c:40:c9:88:4b:3c:44:b4:c5:f3:51:38:98:
73:b2:54:45:a0:56:b5:25:db:46:8c:d8:d6:85:94:48:fd:04:
38:3e:3c:b8:b3:f2:50:de:1e:17:b9:5a:77:8b:47:cc:77:0e:
9a:e0:15:b0:f1:df:09:a5:cc:b3:5e:0f:28:86:b2:19:33:e3:
c5:ef:81:59:d8:c5:9d:a1:b2:c0:8b:ba:88:65:16:7f:76:7f:
16:07:78:fa:e6:08:ce:7e:ff:48:09:d9:8b:85:9a:b2:45:51:
a1:67:06:89:a8:cc:25:73:e5:80:9e:fd:fb:c7:af:20:5c:da:
c0:54:34:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSsqG0ynEFMZJbkrsQG8/36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTI4MTEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU1YjYwNjFjZGJhZTE2NmE0MmRmZTQ4ZGQ3ODlhZTNiMDVjZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs08V9dBtCyn/Z0FLlLG4cCSmRflY
FouYWTIgzVDcDhQixfYxwmQbrB6REyyKQTpxJ3FVe9LRHsVtoTlJnLkmTb1so4Sl
Ox3R4vkTmQf4z+LaIiNskjOTppoFV8V4264qNNiE5eoMPF7AtGLkef4GODUTVLGk
DESyvC+Qrzu8hTAfzoIUbi8GTm61C0OYxmfJbAPIkqJc51NdxfxnMZngsuY8ugRM
1H1d2XeURh+QNH9PSJsgG1y4IzxFlFNhcrGwvEfCxgTWLn0etIp2HUOqA/XgTUb6
3RfWEPEkVMW97se7q5Y8U76fBCsdd5J/yygYEA4L30jJGbRYh2uTQWmmxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ5VtgYc264WakLf5I3Xia47Bc6oMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbmxXMkJoemJyaFpxUXRfa2pkZUpyanNGenFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABb3XAwQA
VYxfAwQAsps0MA0GCSqGSIb3DQEBCwUAA4IBAQAcPqTX4GOcrg0NqXbEksLHwGRm
ihI1UFgHn6XkHMvKm6vu5iHM1fvtY292BbaR2gWepwcX22pqhkldPRjWiVv+fplZ
E4uWL4PlCwAfRCP5s7/+o0k2HCHGy2dhBpczznlutfRBdNHtoO+rWzbpnthpaEue
s+dg7ek9KLNL2Szprp6BRFxAyYhLPES0xfNROJhzslRFoFa1JdtGjNjWhZRI/QQ4
Pjy4s/JQ3h4XuVp3i0fMdw6a4BWw8d8JpcyzXg8ohrIZM+PF74FZ2MWdobLAi7qI
ZRZ/dn8WB3j65gjOfv9ICdmLhZqyRVGhZwaJqMwlc+WAnv37x68gXNrAVDQq
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:42 2025 by rpki-client