Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/NSiBzROOhgmJ9ypJm8Za0IGQ3F0.roa
File: NSiBzROOhgmJ9ypJm8Za0IGQ3F0.roa (raw, json)
Hash identifier: o2v8vxJ4hYMUAZbmBnTv+Psah74MuG6cFMK+pUBuCMg=
Subject key identifier: 35:28:81:CD:13:8E:86:09:89:F7:2A:49:9B:C6:5A:D0:81:90:DC:5D
Certificate issuer: /CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Certificate serial: 019424B3CC45D41BC1B8197F686EFC306886
Authority key identifier: 49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/NSiBzROOhgmJ9ypJm8Za0IGQ3F0.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56676
IP address blocks: 31.130.120.0/21 maxlen: 21
91.237.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cc:45:d4:1b:c1:b8:19:7f:68:6e:fc:30:68:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=352881cd138e860989f72a499bc65ad08190dc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:42:7d:a7:9f:91:0f:20:9b:51:d1:e5:06:
32:65:03:62:77:f2:81:09:0c:03:a4:be:72:13:43:
20:cc:ac:56:f4:cd:68:95:02:75:e1:49:ca:ca:2f:
c1:1c:17:34:a4:b2:a1:8f:ba:a2:4e:69:ce:4f:53:
42:f4:86:57:cd:5c:be:b6:aa:90:44:aa:1a:1d:e2:
6d:0a:0d:05:72:09:e3:06:a2:10:8d:34:2d:03:5c:
bb:52:d3:75:a4:41:9f:83:ce:34:99:68:9e:9e:8e:
87:53:82:48:6a:15:c8:91:e7:f0:3c:b7:17:51:10:
5a:ca:c8:36:5d:00:70:5e:63:83:f2:6b:66:82:2d:
f3:cf:a6:91:3f:24:40:71:c0:e0:0b:3c:72:a2:f9:
81:cb:58:af:66:d7:7c:de:6a:67:0b:ec:4f:6d:4f:
be:4a:e0:75:19:42:3a:92:6d:6b:2c:45:0f:03:7c:
40:69:7e:e0:a1:5e:d8:96:ca:7a:51:e5:ed:3f:cc:
73:ec:27:24:cf:a6:8f:84:f1:17:ad:10:ed:03:2b:
48:fc:14:2b:7f:79:b7:3c:e3:6c:83:c9:b6:46:2f:
04:5b:8a:bd:a3:2b:b8:aa:bd:44:04:e3:a4:cb:92:
71:b3:41:3a:b7:30:62:dd:09:2b:ad:e0:de:c2:d7:
14:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:28:81:CD:13:8E:86:09:89:F7:2A:49:9B:C6:5A:D0:81:90:DC:5D
X509v3 Authority Key Identifier:
keyid:49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/NSiBzROOhgmJ9ypJm8Za0IGQ3F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.120.0/21
91.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:92:37:d1:94:02:e1:e5:c8:04:28:d5:99:8e:1e:2d:51:67:
75:0a:46:0b:c7:ef:8f:13:28:83:81:a2:8a:5d:80:08:e0:81:
fe:8e:be:f9:f0:0f:44:5f:4e:f2:0b:ac:05:05:2d:f4:cf:4c:
ab:d2:0c:a8:32:4a:56:97:25:b7:ae:57:87:7c:f3:a9:94:66:
e8:c0:d6:41:0e:51:55:cb:64:06:7b:4f:05:07:ea:e1:41:b7:
b3:85:27:10:05:44:f7:8f:07:d9:a5:5c:a7:7e:96:bb:bd:5f:
a2:13:bc:01:9a:8e:14:ff:67:f3:53:d3:ed:c7:0f:82:db:44:
0b:ed:f2:42:89:7e:bc:49:d0:01:46:88:09:db:1b:ae:1a:dc:
98:8b:c1:e9:a5:01:9b:af:3f:ca:4c:dd:1a:77:e5:39:5d:03:
be:18:ea:87:67:a1:75:6b:24:40:1d:d0:65:0f:5a:7a:1d:a0:
72:15:67:7a:48:aa:bf:11:1c:dc:d0:54:df:ec:a5:1b:55:d9:
40:21:50:86:40:f7:6d:4b:94:c1:1f:23:38:2b:d0:77:43:03:
11:00:8e:80:c0:b5:92:63:33:f7:e2:c3:99:aa:c3:0a:8f:40:
64:fb:d0:ea:df:e1:29:91:47:24:90:bd:20:37:10:58:57:ac:
dd:ec:d9:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks8xF1BvBuBl/aG78MGiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Y2Q5ZWM4ZTUzZjhmYzJhMzVlOTFiNzcwMTRmNmE3M2Q4
YjViM2QwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI4ODFjZDEzOGU4NjA5ODlmNzJhNDk5YmM2NWFkMDgxOTBkYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNNCfaefkQ8gm1HR5QYyZQNid/KB
CQwDpL5yE0MgzKxW9M1olQJ14UnKyi/BHBc0pLKhj7qiTmnOT1NC9IZXzVy+tqqQ
RKoaHeJtCg0FcgnjBqIQjTQtA1y7UtN1pEGfg840mWieno6HU4JIahXIkefwPLcX
URBaysg2XQBwXmOD8mtmgi3zz6aRPyRAccDgCzxyovmBy1ivZtd83mpnC+xPbU++
SuB1GUI6km1rLEUPA3xAaX7goV7Ylsp6UeXtP8xz7Cckz6aPhPEXrRDtAytI/BQr
f3m3PONsg8m2Ri8EW4q9oyu4qr1EBOOky5Jxs0E6tzBi3QkrreDewtcUNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUogc0TjoYJifcqSZvGWtCBkNxdMB8GA1UdIwQY
MBaAFEnNnsjlP4/Co16Rt3AU9qc9i1s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2MyZXlPVV9qOEtqWHBHM2NCVDJwejJMV3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xYjU5NjEtODRhYi00MGJlLWIwZGMt
MmY2ZjlmODg4Mzc1LzEvTlNpQnpST09oZ21KOXlwSm04WmEwSUdRM0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xYjU5NjEtODRhYi00MGJlLWIwZGMtMmY2ZjlmODg4Mzc1
LzEvU2MyZXlPVV9qOEtqWHBHM2NCVDJwejJMV3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH4J4AwQA
W+3RMA0GCSqGSIb3DQEBCwUAA4IBAQA9kjfRlALh5cgEKNWZjh4tUWd1CkYLx++P
EyiDgaKKXYAI4IH+jr758A9EX07yC6wFBS30z0yr0gyoMkpWlyW3rleHfPOplGbo
wNZBDlFVy2QGe08FB+rhQbezhScQBUT3jwfZpVynfpa7vV+iE7wBmo4U/2fzU9Pt
xw+C20QL7fJCiX68SdABRogJ2xuuGtyYi8HppQGbrz/KTN0ad+U5XQO+GOqHZ6F1
ayRAHdBlD1p6HaByFWd6SKq/ERzc0FTf7KUbVdlAIVCGQPdtS5TBHyM4K9B3QwMR
AI6AwLWSYzP34sOZqsMKj0Bk+9Dq3+EpkUckkL0gNxBYV6zd7Nnp
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:32:07 2025 by rpki-client