Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/NhnMYjAslLVa-AUlcKz__rn95zo.roa
File: NhnMYjAslLVa-AUlcKz__rn95zo.roa (raw, json)
Hash identifier: tZEX0EAU3kMvQjAQCJnIAbh87GSUNy8524Ozv2q7nvE=
Subject key identifier: 36:19:CC:62:30:2C:94:B5:5A:F8:05:25:70:AC:FF:FE:B9:FD:E7:3A
Certificate issuer: /CN=faa5ac5d22ad9078a72e136996287247e9f1e131
Certificate serial: 019422FB9496AC84B421A128D6E436031189
Authority key identifier: FA:A5:AC:5D:22:AD:90:78:A7:2E:13:69:96:28:72:47:E9:F1:E1:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qWsXSKtkHinLhNplihyR-nx4TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/NhnMYjAslLVa-AUlcKz__rn95zo.roa
Signing time: Wed 01 Jan 2025 17:48:20 +0000
ROA not before: Wed 01 Jan 2025 17:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207729
IP address blocks: 185.15.139.0/24 maxlen: 24
2a0f:cfc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:94:96:ac:84:b4:21:a1:28:d6:e4:36:03:11:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa5ac5d22ad9078a72e136996287247e9f1e131
Validity
Not Before: Jan 1 17:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3619cc62302c94b55af8052570acfffeb9fde73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:3d:8f:74:f7:cf:21:72:46:a1:fa:42:d3:
26:9f:c2:71:78:f3:88:20:02:a5:de:01:1e:5c:5e:
43:66:94:d0:e0:f1:57:60:d4:c8:59:04:76:27:e2:
c7:ab:aa:00:42:09:61:04:e4:8e:80:62:79:ef:25:
d8:74:63:0f:49:83:53:81:7c:ea:6d:27:f0:27:58:
44:c6:3d:59:a2:61:7c:4b:96:fa:9e:79:ad:fb:4c:
86:72:ca:09:f4:39:59:cd:bb:0b:d0:8f:97:40:15:
cd:ea:e7:36:79:21:1b:c3:79:dc:2f:b4:9a:89:6d:
d2:ef:fb:fc:29:ea:e2:02:b1:e7:31:03:18:d1:18:
28:3b:a5:7a:48:bd:5c:22:d2:41:a6:6b:07:bd:86:
a4:f4:b2:74:70:a0:a6:d7:e7:bd:d4:fb:9f:4b:68:
b5:07:9e:85:ac:12:70:0f:f6:b9:1b:f4:85:11:fe:
ca:ce:e5:09:82:ff:27:79:1d:69:bb:27:82:c2:9b:
36:78:30:de:cc:00:17:0f:81:11:e2:1d:57:fd:b4:
a3:55:f6:30:d7:58:fd:63:79:78:c2:91:41:af:04:
41:6b:57:ff:92:bc:0d:9b:53:de:dd:f0:b8:80:10:
bb:5d:25:7b:55:e1:04:a9:65:3f:1c:c0:e2:cd:ad:
8c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:19:CC:62:30:2C:94:B5:5A:F8:05:25:70:AC:FF:FE:B9:FD:E7:3A
X509v3 Authority Key Identifier:
keyid:FA:A5:AC:5D:22:AD:90:78:A7:2E:13:69:96:28:72:47:E9:F1:E1:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qWsXSKtkHinLhNplihyR-nx4TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/NhnMYjAslLVa-AUlcKz__rn95zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/1-qWsXSKtkHinLhNplihyR-nx4TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.139.0/24
IPv6:
2a0f:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:19:38:8b:bf:04:43:4c:90:a2:b1:d1:e8:f6:96:5b:d4:7f:
8c:64:53:e2:17:cc:7e:1d:3c:39:ce:ca:1f:07:b3:f3:2b:32:
95:c2:86:a4:f3:ca:4b:03:b5:a5:f7:24:95:d1:7c:85:c5:33:
01:75:c4:0b:81:4b:38:c3:54:d8:7a:95:4c:02:de:28:2f:44:
ef:e4:c5:93:17:a6:8d:d8:8a:14:8a:e1:3f:16:80:c3:c3:91:
ef:a6:b0:d2:3e:8c:ba:5c:e4:4b:9e:41:32:3c:aa:9f:ee:51:
08:ed:74:c9:f5:7c:3e:d3:99:68:f4:d9:27:75:40:4e:1a:9a:
e8:4a:d3:16:51:fc:eb:b2:bc:09:49:59:33:9f:b8:72:f2:56:
40:5b:2b:34:94:b0:72:eb:e3:ac:84:58:49:85:2d:4f:d0:3f:
3f:b5:71:f0:b7:c7:f0:f4:b6:ce:f1:fe:89:5c:59:86:2d:b8:
09:90:9e:ce:23:d1:3e:44:0f:cb:13:6c:13:5b:f1:6d:da:d3:
2b:85:c0:fb:98:8a:82:1f:30:ea:64:ce:b3:ad:68:d2:a3:78:
ef:c8:80:4c:97:6e:62:fa:62:db:6c:fd:08:e8:71:7e:63:3d:
4c:8e:44:8f:bd:16:5d:0b:7b:b9:c8:38:97:05:c9:93:b2:26:
bd:a1:15:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi+5SWrIS0IaEo1uQ2AxGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTVhYzVkMjJhZDkwNzhhNzJlMTM2OTk2Mjg3MjQ3ZTlm
MWUxMzEwHhcNMjUwMTAxMTc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjE5Y2M2MjMwMmM5NGI1NWFmODA1MjU3MGFjZmZmZWI5ZmRlNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR09j3T3zyFyRqH6QtMmn8JxePOI
IAKl3gEeXF5DZpTQ4PFXYNTIWQR2J+LHq6oAQglhBOSOgGJ57yXYdGMPSYNTgXzq
bSfwJ1hExj1ZomF8S5b6nnmt+0yGcsoJ9DlZzbsL0I+XQBXN6uc2eSEbw3ncL7Sa
iW3S7/v8KeriArHnMQMY0RgoO6V6SL1cItJBpmsHvYak9LJ0cKCm1+e91PufS2i1
B56FrBJwD/a5G/SFEf7KzuUJgv8neR1puyeCwps2eDDezAAXD4ER4h1X/bSjVfYw
11j9Y3l4wpFBrwRBa1f/krwNm1Pe3fC4gBC7XSV7VeEEqWU/HMDiza2MJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYZzGIwLJS1WvgFJXCs//65/ec6MB8GA1UdIwQY
MBaAFPqlrF0irZB4py4TaZYockfp8eExMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xV3NYU0t0a0hpbkxoTnBsaWh5Ui1ueDRURS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvYjU1YzA0LTZkNGEtNDk0OS1hYWE4
LTZlZTFhNzAwYjIxOS8xL05obk1ZakFzbExWYS1BVWxjS3pfX3JuOTV6by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjkvYjU1YzA0LTZkNGEtNDk0OS1hYWE4LTZlZTFhNzAwYjIx
OS8xLzEtcVdzWFNLdGtIaW5MaE5wbGloeVItbng0VEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5D4sw
DQQCAAIwBwMFACoPz8AwDQYJKoZIhvcNAQELBQADggEBAAoZOIu/BENMkKKx0ej2
llvUf4xkU+IXzH4dPDnOyh8Hs/MrMpXChqTzyksDtaX3JJXRfIXFMwF1xAuBSzjD
VNh6lUwC3igvRO/kxZMXpo3YihSK4T8WgMPDke+msNI+jLpc5EueQTI8qp/uUQjt
dMn1fD7TmWj02Sd1QE4amuhK0xZR/OuyvAlJWTOfuHLyVkBbKzSUsHLr46yEWEmF
LU/QPz+1cfC3x/D0ts7x/olcWYYtuAmQns4j0T5ED8sTbBNb8W3a0yuFwPuYioIf
MOpkzrOtaNKjeO/IgEyXbmL6Ytts/QjocX5jPUyORI+9Fl0Le7nIOJcFyZOyJr2h
FRI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:50:02 2025 by rpki-client