Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/NbFTuntqLK3OnpDZL_sj92Gqq0E.roa
File: NbFTuntqLK3OnpDZL_sj92Gqq0E.roa (raw, json)
Hash identifier: ZgW6aXGIj046OtS4UHcZ1su1UkTaUDDRw1nJ3v/s0ys=
Subject key identifier: 35:B1:53:BA:7B:6A:2C:AD:CE:9E:90:D9:2F:FB:23:F7:61:AA:AB:41
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 0194D5B12FFA560586DC01AA22B6B8CC3B75
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/NbFTuntqLK3OnpDZL_sj92Gqq0E.roa
Signing time: Wed 05 Feb 2025 10:39:06 +0000
ROA not before: Wed 05 Feb 2025 10:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 31.3.208.0/20 maxlen: 20
81.27.64.0/19 maxlen: 19
82.197.72.0/22 maxlen: 22
2001:9d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:b1:2f:fa:56:05:86:dc:01:aa:22:b6:b8:cc:3b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Feb 5 10:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35b153ba7b6a2cadce9e90d92ffb23f761aaab41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:72:f0:40:82:4c:44:19:f8:67:e8:e1:33:a2:
c4:fe:2c:fc:83:75:0b:bb:9b:6b:15:0d:90:2a:49:
c8:da:8f:b0:6a:07:00:70:a9:83:79:c8:38:55:57:
fb:ec:17:cb:03:56:0c:c7:b4:36:c6:97:c7:72:73:
ba:e0:22:2a:1f:6c:06:06:54:3e:a6:b6:28:7f:9f:
b7:88:ea:3b:bd:42:3e:cb:d0:64:76:d6:a3:57:7a:
80:e9:bd:d6:18:76:64:4d:26:aa:3d:30:ce:a8:fc:
8a:05:7f:5a:a2:65:63:1f:e5:99:b1:63:48:60:c7:
f2:b8:63:72:fc:5d:7f:e0:41:ed:ff:00:77:ad:39:
0f:78:af:cb:d3:6f:94:4d:78:bc:7e:0b:aa:38:66:
47:e3:f2:9a:e2:ea:8a:aa:11:ec:5b:fa:1e:f9:e6:
cc:8e:e6:ea:e5:ad:94:1e:ca:24:1d:a0:63:53:43:
73:d0:7e:0a:07:be:de:2a:ea:71:7c:81:96:e7:fa:
87:8f:b9:33:ec:f6:11:4b:dc:87:c9:5e:a4:d5:6d:
67:b5:bd:fa:1c:67:7c:61:fe:1e:01:10:93:a7:e2:
d9:1a:59:32:3e:a5:1e:72:d7:6c:a7:74:12:1d:28:
42:c5:4a:51:0b:4e:89:ba:f2:e6:c0:05:89:fd:bb:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B1:53:BA:7B:6A:2C:AD:CE:9E:90:D9:2F:FB:23:F7:61:AA:AB:41
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/NbFTuntqLK3OnpDZL_sj92Gqq0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/20
81.27.64.0/19
82.197.72.0/22
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
67:a5:bd:61:b0:c9:78:8b:c5:59:f2:95:1f:37:9c:96:01:8a:
a1:78:8b:17:2a:9c:60:f2:a3:b4:fd:dc:25:a6:fc:f9:58:3b:
7c:b6:e7:28:cd:c5:64:6b:7b:d3:b3:8f:8e:09:87:ca:9d:e0:
00:bb:5b:e7:a1:77:95:2f:1b:26:9a:be:26:69:24:2d:dc:4b:
8b:be:4f:0d:2d:63:fd:e9:e7:f4:34:56:88:7c:00:30:9b:fd:
86:e9:6f:ee:55:39:5e:44:ee:77:da:f8:e8:e9:c1:82:da:ee:
8d:e8:d2:0e:86:51:ff:92:2c:46:3c:ae:9f:cd:77:58:d4:82:
93:e3:af:a4:c9:fa:61:7e:62:bd:5b:fd:c2:49:3d:3c:0c:9a:
6d:48:fb:16:47:08:9d:f3:9f:e7:5a:14:db:d0:6c:53:c8:27:
36:ab:29:cd:3b:84:4d:d4:97:40:eb:e2:a6:3f:71:7d:0f:0c:
ef:2d:70:05:38:2c:54:c2:f1:4c:5f:2b:04:7c:1b:d4:0d:8b:
8d:fb:c2:f8:e4:df:8a:e1:90:03:36:9a:95:27:8a:a9:f4:96:
90:a4:0c:d9:1d:fb:18:56:66:bd:ea:34:69:ff:19:96:bd:d0:
16:04:53:d7:22:92:f4:fb:59:ab:9d:ed:1b:ac:00:09:30:e8:
36:7d:bd:c4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZTVsS/6VgWG3AGqIra4zDt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjUwMjA1MTAzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIxNTNiYTdiNmEyY2FkY2U5ZTkwZDkyZmZiMjNmNzYxYWFhYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXLwQIJMRBn4Z+jhM6LE/iz8g3UL
u5trFQ2QKknI2o+wagcAcKmDecg4VVf77BfLA1YMx7Q2xpfHcnO64CIqH2wGBlQ+
prYof5+3iOo7vUI+y9BkdtajV3qA6b3WGHZkTSaqPTDOqPyKBX9aomVjH+WZsWNI
YMfyuGNy/F1/4EHt/wB3rTkPeK/L02+UTXi8fguqOGZH4/Ka4uqKqhHsW/oe+ebM
jubq5a2UHsokHaBjU0Nz0H4KB77eKupxfIGW5/qHj7kz7PYRS9yHyV6k1W1ntb36
HGd8Yf4eARCTp+LZGlkyPqUectdsp3QSHShCxUpRC06JuvLmwAWJ/bvAjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDWxU7p7aiytzp6Q2S/7I/dhqqtBMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvTmJGVHVudHFMSzNPbnBEWkxfc2o5MkdxcTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEHwPQAwQF
URtAAwQCUsVIMA0EAgACMAcDBQAgAQnYMA0GCSqGSIb3DQEBCwUAA4IBAQBnpb1h
sMl4i8VZ8pUfN5yWAYqheIsXKpxg8qO0/dwlpvz5WDt8tucozcVka3vTs4+OCYfK
neAAu1vnoXeVLxsmmr4maSQt3EuLvk8NLWP96ef0NFaIfAAwm/2G6W/uVTleRO53
2vjo6cGC2u6N6NIOhlH/kixGPK6fzXdY1IKT46+kyfphfmK9W/3CST08DJptSPsW
Rwid85/nWhTb0GxTyCc2qynNO4RN1JdA6+KmP3F9DwzvLXAFOCxUwvFMXysEfBvU
DYuN+8L45N+K4ZADNpqVJ4qp9JaQpAzZHfsYVma96jRp/xmWvdAWBFPXIpL0+1mr
ne0brAAJMOg2fb3E
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:48 2025 by rpki-client