Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/N4k_Nhd_zGNh0NcjpaNA1_JaOFU.roa
File: N4k_Nhd_zGNh0NcjpaNA1_JaOFU.roa (raw, json)
Hash identifier: hmqvI+DAzSPeoDmkuTYHzM1aTWOLZonA6rur19qwekI=
Subject key identifier: 37:89:3F:36:17:7F:CC:63:61:D0:D7:23:A5:A3:40:D7:F2:5A:38:55
Certificate issuer: /CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Certificate serial: 019424B3F8122A50295467F71E611F12EFB9
Authority key identifier: 1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/N4k_Nhd_zGNh0NcjpaNA1_JaOFU.roa
Signing time: Thu 02 Jan 2025 01:49:21 +0000
ROA not before: Thu 02 Jan 2025 01:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210771
IP address blocks: 185.252.5.0/24 maxlen: 24
185.252.6.0/24 maxlen: 24
185.252.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f8:12:2a:50:29:54:67:f7:1e:61:1f:12:ef:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Validity
Not Before: Jan 2 01:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37893f36177fcc6361d0d723a5a340d7f25a3855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:66:d2:bd:b5:38:e2:05:17:52:b0:da:ab:7f:
d5:1d:a7:12:29:0a:c8:30:48:8a:da:53:19:42:5f:
26:20:5b:07:ef:0e:06:e0:16:82:ab:20:c7:6b:ae:
27:c7:cb:c7:43:fe:00:b2:10:5c:92:36:c9:77:27:
8d:ee:2e:ef:44:39:d8:f0:72:c0:0e:34:29:ad:25:
83:17:4f:2a:1c:27:ae:c4:ea:cd:1d:22:be:b2:7a:
5f:ea:b1:cc:09:8a:8f:f1:98:35:0f:0b:39:66:04:
e8:c6:49:d5:54:09:0b:bd:b0:2c:b3:a6:e3:5a:a8:
dd:3d:a7:25:ba:d3:6a:cf:13:c0:58:40:13:9e:32:
bb:d0:18:14:a7:e6:47:6b:71:06:1d:93:40:75:18:
48:99:dd:82:ec:b9:0d:b6:95:69:44:07:3d:f4:cf:
8b:ed:f3:30:7c:4d:15:8d:8e:63:68:ee:d9:d8:89:
fd:95:05:86:a0:e3:68:6b:e2:79:17:32:a5:9e:8e:
8f:ab:7e:05:0c:6d:45:e0:c9:54:a8:78:8a:d4:8a:
e4:92:b6:3e:cc:41:29:5f:01:63:7b:63:26:33:6b:
fa:49:73:1f:ab:94:83:59:63:2e:6c:76:31:de:8f:
0a:5c:8c:aa:05:4b:1e:9c:05:ca:92:28:1a:a3:37:
95:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:89:3F:36:17:7F:CC:63:61:D0:D7:23:A5:A3:40:D7:F2:5A:38:55
X509v3 Authority Key Identifier:
keyid:1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/N4k_Nhd_zGNh0NcjpaNA1_JaOFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.5.0-185.252.7.255
Signature Algorithm: sha256WithRSAEncryption
bb:21:01:fe:dc:42:52:91:72:6b:ed:c2:4b:00:c1:54:a4:7c:
81:89:ec:7a:0e:a8:a1:c3:5e:1a:5e:d3:88:af:7b:fc:a4:02:
0b:c2:61:c4:73:2f:08:a2:04:8c:ce:ff:d5:0c:7e:20:46:14:
cd:83:b0:5a:1d:68:1f:4b:c7:f0:20:4e:b6:dd:57:80:31:9d:
2d:66:30:a4:49:0f:c8:37:e5:a5:4e:a9:4a:17:c5:70:4c:9a:
4d:cd:58:38:70:cf:b5:54:86:37:d2:a0:25:6b:74:d2:75:07:
6d:a3:dd:20:bd:96:c3:53:8c:df:98:36:1d:f5:77:30:35:0d:
3c:c6:a2:42:b6:41:89:1a:e1:a0:b1:2f:0f:26:51:7c:20:b5:
25:47:03:55:27:22:59:b9:13:d8:f1:41:42:80:e1:0f:34:1e:
70:8b:d4:22:b9:c0:b5:64:b8:7c:40:29:ea:39:ed:2c:8b:09:
61:7d:f1:50:3c:55:98:f0:ed:0f:05:a6:c8:ce:a8:2e:6c:ef:
36:5a:7d:e6:1e:39:4f:44:7f:c6:6b:3b:90:90:75:ea:62:88:
bd:4e:95:e4:bb:4f:d5:ca:da:42:d3:8e:06:e6:d5:d8:d7:b9:
42:7b:9e:f6:c6:10:30:fd:b4:0d:c7:56:85:51:5b:40:4f:d1:
72:b3:c2:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQks/gSKlApVGf3HmEfEu+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTBhMzI4YzZmZTBmMWJjYTVlNjU5OTA0MmRmZjU5ZTUx
M2IyNWQwHhcNMjUwMTAyMDE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzg5M2YzNjE3N2ZjYzYzNjFkMGQ3MjNhNWEzNDBkN2YyNWEzODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWbSvbU44gUXUrDaq3/VHacSKQrI
MEiK2lMZQl8mIFsH7w4G4BaCqyDHa64nx8vHQ/4AshBckjbJdyeN7i7vRDnY8HLA
DjQprSWDF08qHCeuxOrNHSK+snpf6rHMCYqP8Zg1Dws5ZgToxknVVAkLvbAss6bj
WqjdPaclutNqzxPAWEATnjK70BgUp+ZHa3EGHZNAdRhImd2C7LkNtpVpRAc99M+L
7fMwfE0VjY5jaO7Z2In9lQWGoONoa+J5FzKlno6Pq34FDG1F4MlUqHiK1IrkkrY+
zEEpXwFje2MmM2v6SXMfq5SDWWMubHYx3o8KXIyqBUsenAXKkigaozeVTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDeJPzYXf8xjYdDXI6WjQNfyWjhVMB8GA1UdIwQY
MBaAFBqgoyjG/g8byl5lmQQt/1nlE7JdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUt
MzhlODQ2MTQ4Yzc4LzEvTjRrX05oZF96R05oME5janBhTkExX0phT0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUtMzhlODQ2MTQ4Yzc4
LzEvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5/AUD
BAO5/AAwDQYJKoZIhvcNAQELBQADggEBALshAf7cQlKRcmvtwksAwVSkfIGJ7HoO
qKHDXhpe04ive/ykAgvCYcRzLwiiBIzO/9UMfiBGFM2DsFodaB9Lx/AgTrbdV4Ax
nS1mMKRJD8g35aVOqUoXxXBMmk3NWDhwz7VUhjfSoCVrdNJ1B22j3SC9lsNTjN+Y
Nh31dzA1DTzGokK2QYka4aCxLw8mUXwgtSVHA1UnIlm5E9jxQUKA4Q80HnCL1CK5
wLVkuHxAKeo57SyLCWF98VA8VZjw7Q8FpsjOqC5s7zZafeYeOU9Ef8ZrO5CQdepi
iL1OleS7T9XK2kLTjgbm1djXuUJ7nvbGEDD9tA3HVoVRW0BP0XKzwqk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:30:33 2025 by rpki-client