Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NGUX_wUecUWqzbndlWjKyvgn_L8.roa
File: NGUX_wUecUWqzbndlWjKyvgn_L8.roa (raw, json)
Hash identifier: 17HMuISkbpyzncjWQXNjl1zx9g2Y5g9g+2mcpzxaFWE=
Subject key identifier: 34:65:17:FF:05:1E:71:45:AA:CD:B9:DD:95:68:CA:CA:F8:27:FC:BF
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 01942826D1742FB452BD4D5A84A9A68F915B
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NGUX_wUecUWqzbndlWjKyvgn_L8.roa
Signing time: Thu 02 Jan 2025 17:53:40 +0000
ROA not before: Thu 02 Jan 2025 17:53:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200780
IP address blocks: 5.42.200.0/24 maxlen: 24
45.9.104.0/22 maxlen: 24
45.85.132.0/22 maxlen: 24
45.155.228.0/22 maxlen: 24
45.156.188.0/22 maxlen: 24
46.19.104.0/21 maxlen: 24
77.236.98.0/23 maxlen: 24
88.218.32.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
91.227.36.0/22 maxlen: 24
91.234.104.0/22 maxlen: 24
93.177.69.0/24 maxlen: 24
93.177.70.0/23 maxlen: 24
95.178.108.0/22 maxlen: 24
185.40.102.0/23 maxlen: 24
185.73.204.0/22 maxlen: 24
185.73.204.0/24 maxlen: 24
185.144.24.0/22 maxlen: 24
194.11.255.0/24 maxlen: 24
194.13.1.0/24 maxlen: 24
194.13.64.0/24 maxlen: 24
194.13.67.0/24 maxlen: 24
194.106.208.0/23 maxlen: 24
195.35.96.0/24 maxlen: 24
195.133.148.0/22 maxlen: 24
2a05:46c0::/29 maxlen: 29
2a10:780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:d1:74:2f:b4:52:bd:4d:5a:84:a9:a6:8f:91:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jan 2 17:53:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=346517ff051e7145aacdb9dd9568cacaf827fcbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:f2:27:85:1e:c4:4b:f2:01:38:88:e8:25:
37:e8:30:cc:59:d8:62:b7:91:4a:95:a9:e6:e8:d2:
24:8b:98:7d:5c:c5:11:2e:fa:49:60:cf:78:d4:f7:
52:aa:70:4e:4b:79:fc:2e:50:f4:45:b5:b4:ab:d0:
42:ae:49:65:67:db:15:af:33:f3:bd:1a:a5:36:ac:
5f:e4:cb:c8:7a:33:a8:69:51:76:bb:f9:01:6d:20:
8e:bb:ac:ce:56:38:42:e6:5c:85:6c:e4:dc:13:9a:
ed:6e:8f:8f:7f:b9:f2:f3:4b:d8:e0:32:cc:8c:0d:
87:91:25:81:aa:ab:fe:f1:c7:72:cb:ec:e1:d7:ff:
90:98:1c:d9:82:42:18:84:86:e2:7e:b4:b4:e3:7d:
56:b7:a3:d6:3b:db:f1:b2:e2:e5:cd:f9:e1:62:9a:
64:6c:67:a7:c9:ea:bc:0b:96:91:ba:56:26:c2:de:
92:28:96:e4:a7:a1:92:99:9c:fc:2c:da:44:0b:ed:
f6:df:8d:ef:95:11:b4:aa:43:02:2f:89:68:bb:1f:
f6:4b:df:8c:b5:8e:df:a0:23:61:66:be:e3:39:4e:
98:5f:47:df:19:b8:4c:a1:cf:b6:c2:92:1c:51:cd:
cc:db:3f:a3:e2:ea:79:99:0e:84:db:a5:77:3b:ef:
98:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:65:17:FF:05:1E:71:45:AA:CD:B9:DD:95:68:CA:CA:F8:27:FC:BF
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NGUX_wUecUWqzbndlWjKyvgn_L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.200.0/24
45.9.104.0/22
45.85.132.0/22
45.155.228.0/22
45.156.188.0/22
46.19.104.0/21
77.236.98.0/23
88.218.32.0/23
89.40.220.0/23
91.227.36.0/22
91.234.104.0/22
93.177.69.0-93.177.71.255
95.178.108.0/22
185.40.102.0/23
185.73.204.0/22
185.144.24.0/22
194.11.255.0/24
194.13.1.0/24
194.13.64.0/24
194.13.67.0/24
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a05:46c0::/29
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
46:99:08:4a:db:98:a7:61:97:db:a4:2d:18:c1:5a:fd:ea:07:
6b:53:29:f3:7b:58:14:9f:1b:2b:87:ee:2e:d8:79:9a:21:9d:
1d:83:75:15:8f:9f:bc:45:55:3d:09:f9:e6:f3:7f:1c:02:d6:
4b:81:fb:6b:d5:56:36:aa:d6:61:ed:bd:bc:f2:9b:0c:50:b9:
e6:f5:35:17:7a:87:6f:4a:94:8f:d2:6f:7c:6c:f5:db:cb:89:
3c:45:8a:86:da:5b:2e:9d:01:ee:89:dc:26:b8:3e:50:9b:38:
2e:05:d2:b5:48:e5:ad:aa:f3:4b:83:ea:f2:9f:e4:d8:35:af:
e5:0c:3e:a0:97:86:14:da:7a:a9:ff:d0:d6:82:4f:75:1b:c3:
3d:07:48:63:c8:5a:ae:a9:ba:32:00:bb:b6:c9:a7:db:80:38:
99:df:b6:22:4b:df:f9:5b:ce:aa:70:1e:fa:72:4f:16:a5:8a:
48:62:86:21:5e:d6:ce:02:72:58:28:12:58:8e:13:a8:c4:9e:
47:da:2b:55:06:41:4c:65:0a:18:a1:39:6a:c0:a0:74:8d:83:
53:f9:7c:21:8e:84:95:41:d2:93:aa:f3:02:5f:ce:34:96:44:
d4:f2:1e:08:bd:57:4a:37:db:09:bb:10:e7:6a:23:4d:a1:d0:
a3:37:94:61
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZQoJtF0L7RSvU1ahKmmj5FbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUwMTAyMTc1MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY1MTdmZjA1MWU3MTQ1YWFjZGI5ZGQ5NTY4Y2FjYWY4MjdmY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt47yJ4UexEvyATiI6CU36DDMWdhi
t5FKlanm6NIki5h9XMURLvpJYM941PdSqnBOS3n8LlD0RbW0q9BCrkllZ9sVrzPz
vRqlNqxf5MvIejOoaVF2u/kBbSCOu6zOVjhC5lyFbOTcE5rtbo+Pf7ny80vY4DLM
jA2HkSWBqqv+8cdyy+zh1/+QmBzZgkIYhIbifrS0431Wt6PWO9vxsuLlzfnhYppk
bGenyeq8C5aRulYmwt6SKJbkp6GSmZz8LNpEC+32343vlRG0qkMCL4loux/2S9+M
tY7foCNhZr7jOU6YX0ffGbhMoc+2wpIcUc3M2z+j4up5mQ6E26V3O++YVwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFDRlF/8FHnFFqs253ZVoysr4J/y/MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvTkdVWF93VWVjVVdxemJuZGxXakt5dmduX0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBmQQCAAEwgZIDBAAF
KsgDBAItCWgDBAItVYQDBAItm+QDBAItnLwDBAMuE2gDBAFN7GIDBAFY2iADBAFZ
KNwDBAJb4yQDBAJb6mgwDAMEAF2xRQMEA12xQAMEAl+ybAMEAbkoZgMEArlJzAME
ArmQGAMEAMIL/wMEAMINAQMEAMINQAMEAMINQwMEAcJq0AMEAMMjYAMEAsOFlDAU
BAIAAjAOAwUDKgVGwAMFACoQB4AwDQYJKoZIhvcNAQELBQADggEBAEaZCErbmKdh
l9ukLRjBWv3qB2tTKfN7WBSfGyuH7i7YeZohnR2DdRWPn7xFVT0J+ebzfxwC1kuB
+2vVVjaq1mHtvbzymwxQueb1NRd6h29KlI/Sb3xs9dvLiTxFiobaWy6dAe6J3Ca4
PlCbOC4F0rVI5a2q80uD6vKf5Ng1r+UMPqCXhhTaeqn/0NaCT3Ubwz0HSGPIWq6p
ujIAu7bJp9uAOJnftiJL3/lbzqpwHvpyTxalikhihiFe1s4CclgoEliOE6jEnkfa
K1UGQUxlChihOWrAoHSNg1P5fCGOhJVB0pOq8wJfzjSWRNTyHgi9V0o32wm7EOdq
I02h0KM3lGE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:07:39 2025 by rpki-client