Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/NEq6MArjlQuQ-WIB1VyRrErjAd0.roa
File: NEq6MArjlQuQ-WIB1VyRrErjAd0.roa (raw, json)
Hash identifier: MidMhTk3ASBcuW3/c0/stqSyljlKyQu+afJNZt4dhek=
Subject key identifier: 34:4A:BA:30:0A:E3:95:0B:90:F9:62:01:D5:5C:91:AC:4A:E3:01:DD
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 019425FC6A2055AD00E2211081870B7F7F02
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/NEq6MArjlQuQ-WIB1VyRrErjAd0.roa
Signing time: Thu 02 Jan 2025 07:48:06 +0000
ROA not before: Thu 02 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207422
IP address blocks: 31.129.244.0/24 maxlen: 24
31.129.245.0/24 maxlen: 24
31.129.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:6a:20:55:ad:00:e2:21:10:81:87:0b:7f:7f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 2 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=344aba300ae3950b90f96201d55c91ac4ae301dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ab:3c:97:b7:64:8b:9d:bc:23:75:e3:59:a2:
0f:3e:24:b5:9c:8e:1c:7f:3e:c2:03:bb:c7:56:98:
90:de:79:b2:2d:a4:fa:cb:d4:92:a1:17:89:48:7a:
9c:28:ce:1b:c7:93:2a:e8:2b:31:8b:04:e0:d6:33:
7a:0c:31:6f:7f:ec:b1:d4:dc:41:73:3a:13:f0:aa:
0c:bb:d6:81:e6:35:b1:64:ef:9c:36:cd:ba:34:ee:
6c:ca:90:35:01:d3:02:86:7e:4c:af:e5:b1:1f:c1:
5b:43:d2:2f:0d:b9:ee:e6:d1:1e:af:7b:4d:ce:08:
b0:2a:aa:eb:04:6a:c7:02:f4:1a:7f:2e:8f:20:8d:
9d:80:44:f6:a0:0a:c5:a2:38:2b:53:43:37:ae:61:
a6:c1:27:22:e3:bd:39:9c:73:c5:c1:22:14:f0:75:
e8:62:30:18:6e:78:55:07:65:49:e9:8b:c7:88:13:
12:f3:93:ec:6a:a8:ff:7c:03:6a:52:69:76:18:09:
c3:3a:fa:ad:c5:ba:7f:8d:b0:32:62:e9:90:9d:13:
f7:2f:dc:9a:ce:28:aa:6c:3a:f4:5f:65:74:0e:94:
76:1c:11:56:98:a0:5b:56:92:6f:8c:b2:ca:9b:68:
1a:d2:67:34:dd:5a:f7:91:b9:25:b8:8e:05:95:b6:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4A:BA:30:0A:E3:95:0B:90:F9:62:01:D5:5C:91:AC:4A:E3:01:DD
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/NEq6MArjlQuQ-WIB1VyRrErjAd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.244.0-31.129.246.255
Signature Algorithm: sha256WithRSAEncryption
6d:a6:ae:83:40:67:de:fd:67:dc:fb:b0:49:e4:a1:02:20:36:
79:a0:05:28:3d:3a:1f:54:3c:c8:35:39:22:a3:ed:04:c5:58:
c5:36:5e:e6:2e:e8:e2:12:41:ef:00:94:45:35:cc:ca:7c:ff:
af:40:61:11:b6:0a:29:79:db:43:82:e8:86:6a:11:36:e8:8e:
72:6d:a0:5f:43:7a:64:19:70:25:93:2d:f4:42:33:6e:5f:1e:
69:c5:b2:c0:d7:af:07:5a:da:f4:42:61:d9:9e:8e:99:29:01:
1a:bf:49:9b:ec:62:fd:3e:59:3f:82:2f:9a:4e:7f:6f:ec:f7:
49:fd:14:9e:75:af:04:19:18:85:b6:10:35:7f:db:59:ec:59:
4b:5c:37:c5:44:fa:8f:48:52:8d:78:91:1e:82:bb:16:d3:57:
df:dd:e0:b4:f3:fb:a0:4c:7a:d3:4f:c2:1e:ef:25:20:9f:3c:
46:ec:e0:21:00:50:e2:fe:de:44:3e:d5:da:a9:bd:c8:32:cc:
48:dc:57:ae:e0:31:c6:ce:91:2b:55:c1:b8:ee:54:d4:d2:ea:
e5:b4:39:be:49:29:db:01:b2:74:fe:e5:c4:a5:7f:17:db:18:
a0:d3:ef:28:c7:bb:1e:6e:b4:90:b9:0e:cc:ab:62:18:df:e5:
0d:b5:31:45
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/GogVa0A4iEQgYcLf38CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjUwMTAyMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDRhYmEzMDBhZTM5NTBiOTBmOTYyMDFkNTVjOTFhYzRhZTMwMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKs8l7dki528I3XjWaIPPiS1nI4c
fz7CA7vHVpiQ3nmyLaT6y9SSoReJSHqcKM4bx5Mq6CsxiwTg1jN6DDFvf+yx1NxB
czoT8KoMu9aB5jWxZO+cNs26NO5sypA1AdMChn5Mr+WxH8FbQ9IvDbnu5tEer3tN
zgiwKqrrBGrHAvQafy6PII2dgET2oArFojgrU0M3rmGmwSci4705nHPFwSIU8HXo
YjAYbnhVB2VJ6YvHiBMS85Psaqj/fANqUml2GAnDOvqtxbp/jbAyYumQnRP3L9ya
ziiqbDr0X2V0DpR2HBFWmKBbVpJvjLLKm2ga0mc03Vr3kbkluI4FlbbzGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDRKujAK45ULkPliAdVckaxK4wHdMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvTkVxNk1BcmpsUXVRLVdJQjFWeVJyRXJqQWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIfgfQD
BAAfgfYwDQYJKoZIhvcNAQELBQADggEBAG2mroNAZ979Z9z7sEnkoQIgNnmgBSg9
Oh9UPMg1OSKj7QTFWMU2XuYu6OISQe8AlEU1zMp8/69AYRG2Cil520OC6IZqETbo
jnJtoF9DemQZcCWTLfRCM25fHmnFssDXrwda2vRCYdmejpkpARq/SZvsYv0+WT+C
L5pOf2/s90n9FJ51rwQZGIW2EDV/21nsWUtcN8VE+o9IUo14kR6CuxbTV9/d4LTz
+6BMetNPwh7vJSCfPEbs4CEAUOL+3kQ+1dqpvcgyzEjcV67gMcbOkStVwbjuVNTS
6uW0Ob5JKdsBsnT+5cSlfxfbGKDT7yjHux5utJC5DsyrYhjf5Q21MUU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:09 2025 by rpki-client