Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/NO4AW5Gi5epvfnutXf6m_pLoKDw.roa
File: NO4AW5Gi5epvfnutXf6m_pLoKDw.roa (raw, json)
Hash identifier: 1o2hUp8Qay3eqTXCqBb3VcdpmxjfDTdYSgYdj2A3ZP8=
Subject key identifier: 34:EE:00:5B:91:A2:E5:EA:6F:7E:7B:AD:5D:FE:A6:FE:92:E8:28:3C
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 019425204542FFED0C81A5AE27BC35AE7F46
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/NO4AW5Gi5epvfnutXf6m_pLoKDw.roa
Signing time: Thu 02 Jan 2025 03:47:39 +0000
ROA not before: Thu 02 Jan 2025 03:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208909
IP address blocks: 45.15.136.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
162.213.64.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.67.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.132.90.0/24 maxlen: 24
2a01:57a0::/32 maxlen: 32
2a0e:3c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:45:42:ff:ed:0c:81:a5:ae:27:bc:35:ae:7f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 2 03:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34ee005b91a2e5ea6f7e7bad5dfea6fe92e8283c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b5:b9:17:17:34:86:47:d5:87:af:af:04:11:
74:34:f8:b5:8a:e0:71:94:88:20:7d:17:5f:f7:6f:
fe:dc:50:3b:72:cc:7b:b2:e2:76:02:62:03:ec:6f:
ea:7d:68:61:cc:f0:a2:5f:84:83:f7:73:9f:30:28:
76:a3:53:30:aa:0e:ae:08:95:65:ff:31:52:a0:7b:
87:31:99:20:93:72:6d:2c:c6:5b:b9:f5:69:17:2c:
5e:1b:a4:74:2c:e1:c1:d2:f1:90:56:6a:ef:31:ef:
3a:b9:d3:e9:7e:0f:a4:9c:1d:d5:b9:e8:c5:5d:87:
e1:bc:b3:51:d5:7d:ca:90:ac:c3:a2:18:0b:6a:f5:
97:cc:4e:0c:67:9c:af:5d:12:82:be:e7:c2:f0:d1:
46:7e:fc:2c:39:63:7e:ca:f7:67:ee:6a:d2:48:e6:
12:8d:47:d6:f9:71:a9:05:60:18:4f:57:6b:f7:a3:
9c:76:bc:27:c1:d3:a5:c3:db:66:1a:69:9a:8f:66:
2a:36:72:0a:a6:bc:30:25:23:2a:c8:22:ae:e4:64:
4a:83:b5:2e:f3:57:41:86:65:15:b3:d8:aa:9b:a0:
88:8d:aa:79:06:ee:39:67:87:50:d5:39:58:34:e1:
c9:86:65:9f:5a:71:73:36:e4:a4:e9:0f:85:01:cb:
3e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EE:00:5B:91:A2:E5:EA:6F:7E:7B:AD:5D:FE:A6:FE:92:E8:28:3C
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/NO4AW5Gi5epvfnutXf6m_pLoKDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.41.96.0/22
185.132.90.0/24
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
06:87:47:28:ef:d6:3e:8e:9c:d5:a2:9f:43:af:1e:67:3b:31:
a2:4a:b4:a1:60:e7:6a:6d:17:03:cc:2a:92:fa:28:02:5b:08:
9c:ab:62:96:73:45:13:a9:dc:c9:fc:4b:b8:46:b2:ad:e8:95:
2b:34:5e:65:4c:55:42:d6:8e:63:63:4b:67:52:f6:dd:a1:08:
2a:58:c8:d3:28:0f:88:c0:5d:73:21:99:81:74:a6:a6:68:d9:
fe:19:f6:0d:c8:7e:58:b2:7c:e0:9c:bd:be:0b:ec:9b:e3:2a:
96:4b:3f:8b:df:5a:9a:ce:d9:8e:ee:3d:b6:5e:21:1a:bb:ba:
ae:35:74:58:1d:d2:f3:ef:72:2b:b6:31:57:f7:b7:e0:e1:18:
c9:58:0c:15:02:87:9a:f8:3c:47:6d:ab:59:65:6d:b3:43:2b:
f5:c7:2b:7c:45:36:73:26:2d:4a:44:6b:05:e0:dc:e3:1b:34:
01:a0:a5:0e:f6:84:2a:c2:8a:ac:f8:20:a5:ea:74:0b:7a:86:
4f:3b:97:2a:5d:9a:3e:69:68:3a:ca:8c:2c:1d:e7:61:30:41:
93:b2:1e:22:6d:00:33:9e:36:39:9b:18:7d:3f:0c:29:51:71:
cb:cf:73:e3:52:83:cd:e2:92:01:2a:69:39:f7:77:0e:8c:37:
75:c3:2e:f5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQlIEVC/+0MgaWuJ7w1rn9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjUwMTAyMDM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVlMDA1YjkxYTJlNWVhNmY3ZTdiYWQ1ZGZlYTZmZTkyZTgyODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobW5Fxc0hkfVh6+vBBF0NPi1iuBx
lIggfRdf92/+3FA7csx7suJ2AmID7G/qfWhhzPCiX4SD93OfMCh2o1Mwqg6uCJVl
/zFSoHuHMZkgk3JtLMZbufVpFyxeG6R0LOHB0vGQVmrvMe86udPpfg+knB3VuejF
XYfhvLNR1X3KkKzDohgLavWXzE4MZ5yvXRKCvufC8NFGfvwsOWN+yvdn7mrSSOYS
jUfW+XGpBWAYT1dr96OcdrwnwdOlw9tmGmmaj2YqNnIKprwwJSMqyCKu5GRKg7Uu
81dBhmUVs9iqm6CIjap5Bu45Z4dQ1TlYNOHJhmWfWnFzNuSk6Q+FAcs+bQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDTuAFuRouXqb357rV3+pv6S6Cg8MB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvTk80QVc1R2k1ZXB2Zm51dFhmNm1fcExvS0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQ+IAwQC
W8x8AwQCotVAAwQCuSlgAwQAuYRaMBQEAgACMA4DBQAqAVegAwUDKg48gDANBgkq
hkiG9w0BAQsFAAOCAQEABodHKO/WPo6c1aKfQ68eZzsxokq0oWDnam0XA8wqkvoo
AlsInKtilnNFE6ncyfxLuEayreiVKzReZUxVQtaOY2NLZ1L23aEIKljI0ygPiMBd
cyGZgXSmpmjZ/hn2Dch+WLJ84Jy9vgvsm+Mqlks/i99ams7Zju49tl4hGru6rjV0
WB3S8+9yK7YxV/e34OEYyVgMFQKHmvg8R22rWWVts0Mr9ccrfEU2cyYtSkRrBeDc
4xs0AaClDvaEKsKKrPggpep0C3qGTzuXKl2aPmloOsqMLB3nYTBBk7IeIm0AM542
OZsYfT8MKVFxy89z41KDzeKSASppOfd3Dow3dcMu9Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:28:49 2025 by rpki-client