Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/nKTKSfFOBmdMjN18InpiGpaYTZk.roa
File: nKTKSfFOBmdMjN18InpiGpaYTZk.roa (raw, json)
Hash identifier: iJbXbq01HqfjGCHZgrThIX4Q7/LbiTlytoQgzEpS2J4=
Subject key identifier: 9C:A4:CA:49:F1:4E:06:67:4C:8C:DD:7C:22:7A:62:1A:96:98:4D:99
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019427B3DB4079CA7CCF11FEF7F1C7C38FEC
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/nKTKSfFOBmdMjN18InpiGpaYTZk.roa
Signing time: Thu 02 Jan 2025 15:48:06 +0000
ROA not before: Thu 02 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132399
IP address blocks: 57.191.64.0/22 maxlen: 24
57.191.95.0/24 maxlen: 24
57.191.96.0/19 maxlen: 24
57.191.160.0/19 maxlen: 24
57.250.49.0/24 maxlen: 24
57.250.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:db:40:79:ca:7c:cf:11:fe:f7:f1:c7:c3:8f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ca4ca49f14e06674c8cdd7c227a621a96984d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d3:43:f9:5c:5e:05:8c:83:8e:b7:ff:63:6b:
d5:06:50:53:ec:6b:8c:c5:a8:da:b5:2e:03:4e:1b:
89:e8:d3:96:12:62:81:a8:de:ab:b7:93:01:0b:f2:
ad:11:3b:35:88:12:5f:a7:49:c6:86:f7:d2:20:8b:
19:cc:5c:3e:96:83:32:6b:42:58:df:9c:6c:83:a3:
5f:99:dc:1b:6c:63:96:ac:7a:f5:6e:8f:8b:52:1b:
38:cf:87:28:74:ca:be:84:ba:58:66:25:13:8b:c8:
43:98:49:41:e2:11:57:46:83:59:8e:a6:45:ee:e4:
16:11:66:11:ab:03:cb:51:50:ff:ce:45:56:dd:c7:
95:d3:44:a3:d6:af:0e:6c:71:30:22:39:8b:ea:94:
a4:78:54:63:f7:68:fb:79:e5:df:59:1c:26:a5:b6:
c7:ef:f5:b6:22:b4:4c:9a:fd:ff:d8:06:ad:ae:81:
3d:fa:29:20:38:68:71:ec:8d:d2:d5:20:60:62:27:
75:f6:a9:8f:6b:ce:e4:7f:77:c2:32:b3:55:38:8d:
a9:fc:5d:ae:64:c5:07:8f:8b:67:c4:c0:5b:c1:57:
d7:4a:88:0d:1b:7a:2a:30:1f:2e:2c:9d:10:f0:4f:
9d:e1:d9:b2:bf:d5:32:e5:af:7a:b7:57:10:4d:31:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A4:CA:49:F1:4E:06:67:4C:8C:DD:7C:22:7A:62:1A:96:98:4D:99
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/nKTKSfFOBmdMjN18InpiGpaYTZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.64.0/22
57.191.95.0-57.191.127.255
57.191.160.0/19
57.250.49.0/24
57.250.51.0/24
Signature Algorithm: sha256WithRSAEncryption
85:69:dc:20:f2:4c:d2:e9:43:ee:69:7b:1a:07:9c:52:59:8a:
27:7b:fe:ed:be:5e:2f:15:b7:74:17:74:70:34:07:b8:13:6e:
e0:bd:23:98:73:a0:0f:4f:56:30:a7:49:b8:33:fe:ae:ad:90:
c7:b0:72:9d:27:9f:34:0e:96:c3:40:7c:48:22:45:7a:52:c0:
db:1c:89:2c:2f:f1:86:92:7b:a7:e5:d6:6d:d9:d5:98:5b:ed:
2d:ca:f6:fe:08:aa:a5:56:37:8f:21:d8:f1:c3:c4:a0:d0:c1:
28:39:65:f3:a9:3d:e0:c8:06:b0:a8:1a:cb:76:6d:59:cb:ec:
e8:73:f5:b6:fe:fa:a6:d7:4e:df:53:34:2b:b3:da:05:45:18:
08:8a:4b:53:c8:b0:4a:54:84:fd:46:1a:3f:65:a5:47:98:65:
c7:55:12:db:bc:1a:5a:ef:6b:a4:64:ff:bc:9b:b4:08:a7:d9:
b3:02:f8:2a:47:46:8d:fd:99:ed:9b:5e:28:e9:bc:fd:7a:bc:
ed:b9:0d:5d:c6:3f:2d:12:a3:fe:11:36:f6:ff:1e:22:f9:04:
91:43:3a:6e:05:a3:a2:13:14:10:d1:62:74:e2:2c:f1:f0:a7:
1e:71:d5:60:70:1d:8d:f1:cd:5f:f6:68:71:ed:32:d2:99:ad:
8a:37:e8:6a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQns9tAecp8zxH+9/HHw4/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwMTAyMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E0Y2E0OWYxNGUwNjY3NGM4Y2RkN2MyMjdhNjIxYTk2OTg0ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdND+VxeBYyDjrf/Y2vVBlBT7GuM
xajatS4DThuJ6NOWEmKBqN6rt5MBC/KtETs1iBJfp0nGhvfSIIsZzFw+loMya0JY
35xsg6NfmdwbbGOWrHr1bo+LUhs4z4codMq+hLpYZiUTi8hDmElB4hFXRoNZjqZF
7uQWEWYRqwPLUVD/zkVW3ceV00Sj1q8ObHEwIjmL6pSkeFRj92j7eeXfWRwmpbbH
7/W2IrRMmv3/2AatroE9+ikgOGhx7I3S1SBgYid19qmPa87kf3fCMrNVOI2p/F2u
ZMUHj4tnxMBbwVfXSogNG3oqMB8uLJ0Q8E+d4dmyv9Uy5a96t1cQTTFlEQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJykyknxTgZnTIzdfCJ6YhqWmE2ZMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvbktUS1NmRk9CbWRNak4xOElucGlHcGFZVFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCOb9AMAwD
BAA5v18DBAc5vwADBAU5v6ADBAA5+jEDBAA5+jMwDQYJKoZIhvcNAQELBQADggEB
AIVp3CDyTNLpQ+5pexoHnFJZiid7/u2+Xi8Vt3QXdHA0B7gTbuC9I5hzoA9PVjCn
Sbgz/q6tkMewcp0nnzQOlsNAfEgiRXpSwNsciSwv8YaSe6fl1m3Z1Zhb7S3K9v4I
qqVWN48h2PHDxKDQwSg5ZfOpPeDIBrCoGst2bVnL7Ohz9bb++qbXTt9TNCuz2gVF
GAiKS1PIsEpUhP1GGj9lpUeYZcdVEtu8Glrva6Rk/7ybtAin2bMC+CpHRo39me2b
XijpvP16vO25DV3GPy0So/4RNvb/HiL5BJFDOm4Fo6ITFBDRYnTiLPHwpx5x1WBw
HY3xzV/2aHHtMtKZrYo36Go=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:21:57 2025 by rpki-client