Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NCHltXfytT0MYR3AX8IpGvfs0qM.roa
File: NCHltXfytT0MYR3AX8IpGvfs0qM.roa (raw, json)
Hash identifier: N4UF5JyXYPzw26UIgX+P26h1A8t0mAUDObbN4SaunnY=
Subject key identifier: 34:21:E5:B5:77:F2:B5:3D:0C:61:1D:C0:5F:C2:29:1A:F7:EC:D2:A3
Certificate issuer: /CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Certificate serial: 019424B3AD7D0EFF218E2DEDE04EAAE4B0DD
Authority key identifier: 35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NCHltXfytT0MYR3AX8IpGvfs0qM.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207459
IP address blocks: 46.31.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ad:7d:0e:ff:21:8e:2d:ed:e0:4e:aa:e4:b0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3421e5b577f2b53d0c611dc05fc2291af7ecd2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:de:45:6a:a7:a9:58:9b:d0:50:72:e8:f2:89:
15:ec:a3:f3:6c:e1:ff:30:d4:fb:77:53:33:1a:db:
20:25:3b:d4:4d:b6:0d:ee:cd:71:a9:f8:3f:ee:3b:
e3:de:1d:ca:0f:e2:66:08:04:68:6c:56:37:e9:6d:
c7:f6:91:c1:8a:5a:1b:97:aa:58:aa:55:6b:d5:40:
61:0a:38:79:5a:07:90:b8:6b:34:0b:cf:97:c0:88:
55:ff:04:34:6d:08:a9:98:67:4e:4e:a9:1a:fa:29:
7a:43:3c:f2:ba:07:cd:54:90:1d:cd:82:58:36:c6:
62:32:5d:a6:c5:8e:32:17:9e:73:93:4c:5b:8c:40:
2d:55:b8:de:6a:99:15:b7:ba:3a:d0:54:d3:ec:8e:
1a:61:49:40:f2:10:da:b2:30:5a:1d:16:3d:49:ea:
a0:4a:b8:09:3e:8a:aa:73:1b:34:55:e1:cb:3e:c2:
93:90:55:21:61:71:91:3e:35:b8:bb:b2:61:12:e5:
98:97:e2:36:05:1f:f8:db:b1:38:91:43:f0:26:e8:
85:cd:0d:cd:72:c4:b6:db:15:3f:f6:f9:25:5b:9d:
a7:36:9d:ac:e8:de:35:3a:8c:a8:61:42:f5:e2:29:
52:75:77:97:fa:6a:47:56:98:82:0f:8b:33:87:c7:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:21:E5:B5:77:F2:B5:3D:0C:61:1D:C0:5F:C2:29:1A:F7:EC:D2:A3
X509v3 Authority Key Identifier:
keyid:35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NCHltXfytT0MYR3AX8IpGvfs0qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.78.0/24
Signature Algorithm: sha256WithRSAEncryption
48:0c:a2:cc:76:c1:21:42:80:97:ff:f8:0c:52:1c:e8:23:98:
70:c5:f8:4e:92:4d:cc:98:66:88:a8:0c:74:b6:08:c3:af:97:
5e:42:20:bd:1a:f3:ee:0a:d4:92:60:b1:ce:ed:79:5b:7c:02:
4a:4a:59:e6:d0:23:b0:c1:ad:9d:92:9d:ee:8c:a8:6b:52:4d:
25:f1:77:75:b7:85:c4:fb:c3:88:1b:3b:d6:2c:c2:ea:f6:ec:
4c:08:f0:00:65:c4:e9:1a:72:b6:95:c3:b3:88:48:c7:e5:84:
56:82:14:bc:98:32:50:4e:e6:23:1e:1c:d7:ab:2a:3d:2b:75:
43:23:0e:c3:89:b9:36:74:33:c5:fd:32:72:99:20:0d:ec:d9:
a1:71:f7:b8:b5:44:dd:db:9f:c0:db:55:8f:52:35:05:b1:b9:
b6:69:94:94:94:9a:96:58:51:3c:e7:f2:83:e4:67:3a:da:a4:
67:ad:a9:26:e0:0f:74:ca:e1:41:75:8b:72:1a:2c:14:78:12:
c1:75:5b:11:e4:31:58:1a:92:fb:30:81:ba:9f:0e:df:a0:fe:
28:98:3c:af:ef:04:64:bb:73:f5:34:49:6e:0d:62:b1:6d:c6:
53:ee:9a:51:f0:1e:dc:39:68:51:05:06:55:8f:34:ae:66:e5:
3b:10:b2:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks619Dv8hji3t4E6q5LDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NTZlN2ZiNTc3MmY5NzllZGQ1ZTVjNWFhNjNlYjJiOWMw
ZGRjOGUwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIxZTViNTc3ZjJiNTNkMGM2MTFkYzA1ZmMyMjkxYWY3ZWNkMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN5FaqepWJvQUHLo8okV7KPzbOH/
MNT7d1MzGtsgJTvUTbYN7s1xqfg/7jvj3h3KD+JmCARobFY36W3H9pHBilobl6pY
qlVr1UBhCjh5WgeQuGs0C8+XwIhV/wQ0bQipmGdOTqka+il6QzzyugfNVJAdzYJY
NsZiMl2mxY4yF55zk0xbjEAtVbjeapkVt7o60FTT7I4aYUlA8hDasjBaHRY9Seqg
SrgJPoqqcxs0VeHLPsKTkFUhYXGRPjW4u7JhEuWYl+I2BR/427E4kUPwJuiFzQ3N
csS22xU/9vklW52nNp2s6N41OoyoYUL14ilSdXeX+mpHVpiCD4szh8eaJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQh5bV38rU9DGEdwF/CKRr37NKjMB8GA1UdIwQY
MBaAFDVW5/tXcvl57dXlxapj6yucDdyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZibi0xZHktWG50MWVYRnFtUHJLNXdOM0k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kY2ZhMmEtNzZmNy00NDQzLWE0OTUt
NmJiMzBhODczMGVkLzEvTkNIbHRYZnl0VDBNWVIzQVg4SXBHdmZzMHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kY2ZhMmEtNzZmNy00NDQzLWE0OTUtNmJiMzBhODczMGVk
LzEvTlZibi0xZHktWG50MWVYRnFtUHJLNXdOM0k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh9OMA0G
CSqGSIb3DQEBCwUAA4IBAQBIDKLMdsEhQoCX//gMUhzoI5hwxfhOkk3MmGaIqAx0
tgjDr5deQiC9GvPuCtSSYLHO7XlbfAJKSlnm0COwwa2dkp3ujKhrUk0l8Xd1t4XE
+8OIGzvWLMLq9uxMCPAAZcTpGnK2lcOziEjH5YRWghS8mDJQTuYjHhzXqyo9K3VD
Iw7Dibk2dDPF/TJymSAN7Nmhcfe4tUTd25/A21WPUjUFsbm2aZSUlJqWWFE85/KD
5Gc62qRnrakm4A90yuFBdYtyGiwUeBLBdVsR5DFYGpL7MIG6nw7foP4omDyv7wRk
u3P1NEluDWKxbcZT7ppR8B7cOWhRBQZVjzSuZuU7ELLI
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:26:45 2025 by rpki-client