Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8808bc-976d-4212-ad2f-1a8f23e2cebb/1/NtOWsHokBD2D-h9w2vIY6AqcxW0.roa
File: NtOWsHokBD2D-h9w2vIY6AqcxW0.roa (raw, json)
Hash identifier: NgvfZzRezTm/iHnWAmu436qovNykwseNE0VLXLqNwzo=
Subject key identifier: 36:D3:96:B0:7A:24:04:3D:83:FA:1F:70:DA:F2:18:E8:0A:9C:C5:6D
Certificate issuer: /CN=edd13d3741e4b3f3a3a3e34721f1246e4b27c7a6
Certificate serial: 019422FC01A9936467A3441299FFF01D4E22
Authority key identifier: ED:D1:3D:37:41:E4:B3:F3:A3:A3:E3:47:21:F1:24:6E:4B:27:C7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7dE9N0Hks_Ojo-NHIfEkbksnx6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8808bc-976d-4212-ad2f-1a8f23e2cebb/1/NtOWsHokBD2D-h9w2vIY6AqcxW0.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35268
IP address blocks: 195.60.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:01:a9:93:64:67:a3:44:12:99:ff:f0:1d:4e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edd13d3741e4b3f3a3a3e34721f1246e4b27c7a6
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d396b07a24043d83fa1f70daf218e80a9cc56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:48:13:b3:a0:c0:2a:ab:5f:66:ff:c6:2b:
25:5b:ab:f0:46:68:09:29:f7:5c:7c:88:41:0b:e2:
f1:69:05:51:40:61:e2:b5:56:89:ca:73:00:6c:c4:
f0:be:47:74:e9:03:69:24:64:bf:60:1f:bc:85:69:
60:59:fc:c1:8c:0f:61:44:bf:c0:fc:8e:9c:dd:44:
3c:63:9d:a6:47:62:8e:00:ad:bf:10:66:66:b6:80:
6f:03:74:34:e6:1f:b1:08:ab:76:9e:40:fd:a0:90:
6b:bf:1a:df:8f:15:6e:8c:35:8b:14:42:60:29:0e:
aa:2c:cf:97:52:a3:87:e7:45:82:f8:1d:b9:e9:f9:
b4:ee:49:97:3d:34:88:4e:a3:d7:ed:f1:01:0a:98:
c9:2a:f3:fb:75:cc:86:f2:e5:9f:8d:95:f6:cc:25:
58:14:23:4b:10:40:89:d6:1f:3e:63:b4:f9:9f:93:
a9:79:e4:87:bd:8a:3e:bd:5e:71:c2:63:53:88:90:
b3:44:4d:cd:16:48:25:18:d4:50:c2:80:50:29:7a:
49:27:35:32:4c:08:f4:d7:c4:16:09:47:33:d1:0e:
00:98:35:3c:fb:19:df:4f:d6:1d:98:de:7a:ef:16:
fb:e2:20:31:43:94:f0:51:1e:55:72:13:f3:01:d0:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D3:96:B0:7A:24:04:3D:83:FA:1F:70:DA:F2:18:E8:0A:9C:C5:6D
X509v3 Authority Key Identifier:
keyid:ED:D1:3D:37:41:E4:B3:F3:A3:A3:E3:47:21:F1:24:6E:4B:27:C7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7dE9N0Hks_Ojo-NHIfEkbksnx6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8808bc-976d-4212-ad2f-1a8f23e2cebb/1/NtOWsHokBD2D-h9w2vIY6AqcxW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8808bc-976d-4212-ad2f-1a8f23e2cebb/1/7dE9N0Hks_Ojo-NHIfEkbksnx6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.74.0/24
Signature Algorithm: sha256WithRSAEncryption
30:10:ef:19:2e:a1:00:5a:8d:18:51:4c:b7:02:ef:f1:2d:4d:
f3:54:3d:0c:54:80:49:bf:6b:d7:50:97:ad:66:12:46:f8:51:
01:e8:f9:fa:1f:d3:c3:42:d7:4e:09:24:37:53:15:c6:08:e1:
b1:0c:3a:27:0d:a6:72:21:df:db:59:da:12:e4:f2:0b:ce:0f:
0f:fa:95:e2:31:e0:95:82:0e:ed:db:51:42:dd:85:14:e9:8f:
e7:9a:db:78:59:d4:4a:97:57:17:20:86:0d:ed:b9:8c:24:62:
6c:d5:9f:62:87:fe:ba:52:97:af:af:ed:41:f7:3d:7c:0e:35:
37:d6:d6:65:16:81:ae:82:58:bf:5f:50:c7:f4:d5:88:88:fd:
4c:1e:0c:17:1a:7c:2c:30:b6:53:05:d5:ae:a7:ba:93:0c:05:
51:35:8b:f9:6c:54:95:30:1d:7a:d1:43:bd:a2:80:c3:f3:5a:
45:fb:34:00:da:93:42:33:c2:8c:bd:fe:20:4d:0d:d8:d4:cd:
a1:4c:ee:21:26:9a:1d:5a:47:59:ac:7d:7b:27:bf:a0:ec:80:
86:16:d1:c4:4c:01:23:3a:bf:24:9e:74:10:3d:a4:47:1e:54:
9a:15:e6:c7:62:51:0e:83:32:b2:c2:cf:71:23:9d:69:0f:21:
f1:7a:08:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AGpk2Rno0QSmf/wHU4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZDEzZDM3NDFlNGIzZjNhM2EzZTM0NzIxZjEyNDZlNGIy
N2M3YTYwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQzOTZiMDdhMjQwNDNkODNmYTFmNzBkYWYyMThlODBhOWNjNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg9IE7OgwCqrX2b/xislW6vwRmgJ
KfdcfIhBC+LxaQVRQGHitVaJynMAbMTwvkd06QNpJGS/YB+8hWlgWfzBjA9hRL/A
/I6c3UQ8Y52mR2KOAK2/EGZmtoBvA3Q05h+xCKt2nkD9oJBrvxrfjxVujDWLFEJg
KQ6qLM+XUqOH50WC+B256fm07kmXPTSITqPX7fEBCpjJKvP7dcyG8uWfjZX2zCVY
FCNLEECJ1h8+Y7T5n5OpeeSHvYo+vV5xwmNTiJCzRE3NFkglGNRQwoBQKXpJJzUy
TAj018QWCUcz0Q4AmDU8+xnfT9YdmN567xb74iAxQ5TwUR5VchPzAdCOnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbTlrB6JAQ9g/ofcNryGOgKnMVtMB8GA1UdIwQY
MBaAFO3RPTdB5LPzo6PjRyHxJG5LJ8emMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2RFOU4wSGtzX09qby1OSElmRWtia3NueDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ODA4YmMtOTc2ZC00MjEyLWFkMmYt
MWE4ZjIzZTJjZWJiLzEvTnRPV3NIb2tCRDJELWg5dzJ2SVk2QXFjeFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ODA4YmMtOTc2ZC00MjEyLWFkMmYtMWE4ZjIzZTJjZWJi
LzEvN2RFOU4wSGtzX09qby1OSElmRWtia3NueDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxKMA0G
CSqGSIb3DQEBCwUAA4IBAQAwEO8ZLqEAWo0YUUy3Au/xLU3zVD0MVIBJv2vXUJet
ZhJG+FEB6Pn6H9PDQtdOCSQ3UxXGCOGxDDonDaZyId/bWdoS5PILzg8P+pXiMeCV
gg7t21FC3YUU6Y/nmtt4WdRKl1cXIIYN7bmMJGJs1Z9ih/66Upevr+1B9z18DjU3
1tZlFoGugli/X1DH9NWIiP1MHgwXGnwsMLZTBdWup7qTDAVRNYv5bFSVMB160UO9
ooDD81pF+zQA2pNCM8KMvf4gTQ3Y1M2hTO4hJpodWkdZrH17J7+g7ICGFtHETAEj
Or8knnQQPaRHHlSaFebHYlEOgzKyws9xI51pDyHxegir
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:08:19 2025 by rpki-client