Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/nCk1DB8WEPd0SzhUQ-srppvwKuI.roa
File: nCk1DB8WEPd0SzhUQ-srppvwKuI.roa (raw, json)
Hash identifier: jOuMntxW231rF+fpthVahPRPcptwPl5fryEWlluDMq4=
Subject key identifier: 9C:29:35:0C:1F:16:10:F7:74:4B:38:54:43:EB:2B:A6:9B:F0:2A:E2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018330ADDE144CE2D363C50C6B7712E22B66
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/nCk1DB8WEPd0SzhUQ-srppvwKuI.roa
Signing time: Mon 12 Sep 2022 07:50:44 +0000
ROA not before: Mon 12 Sep 2022 07:50:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:ad:de:14:4c:e2:d3:63:c5:0c:6b:77:12:e2:2b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 12 07:50:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c29350c1f1610f7744b385443eb2ba69bf02ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3c:2b:10:e3:94:1a:20:b5:f5:56:2c:de:48:
1e:c4:2c:58:81:06:6c:15:49:e3:a7:69:ca:fc:55:
38:18:75:86:59:6a:12:57:e3:c6:06:f8:bc:5a:59:
23:ad:3d:2b:27:47:77:db:a0:26:e2:58:1d:64:f5:
a6:0d:a4:3f:86:c1:dd:76:15:67:d3:41:2a:56:c9:
67:e8:be:2f:59:ad:24:2b:2b:48:39:e8:56:00:14:
03:9c:59:72:1f:46:6e:d5:b5:a6:36:7e:d0:bd:34:
a6:84:f0:57:cb:17:18:d4:da:cd:12:9f:7f:87:b6:
98:95:a1:c4:55:ba:77:44:33:0b:51:68:48:25:75:
d8:33:9a:d1:e8:25:f3:54:ee:e6:6d:03:52:fb:39:
6d:88:9a:1e:14:c1:3d:af:a8:46:84:16:61:d0:1f:
6d:60:45:b3:86:3b:bc:ab:04:6b:86:31:7e:8e:78:
6a:e8:eb:c6:1a:aa:74:4a:da:53:e6:f6:99:84:27:
23:d1:a6:2d:2a:14:75:52:74:5e:d7:16:e4:0c:37:
52:f4:4c:8c:2d:d4:b6:94:ce:f5:7e:85:b6:19:0b:
7b:c7:e5:84:08:65:b0:92:dd:c4:b4:9d:ab:3a:5c:
0c:51:a1:19:44:73:26:7e:21:5f:1c:65:60:94:37:
5f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:29:35:0C:1F:16:10:F7:74:4B:38:54:43:EB:2B:A6:9B:F0:2A:E2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/nCk1DB8WEPd0SzhUQ-srppvwKuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
94:3f:8f:d1:2d:9b:10:31:ab:ff:17:22:6b:4f:77:4c:1c:b0:
46:9c:15:92:fb:75:ec:81:26:d5:3d:45:2b:8a:80:72:7a:f9:
f2:f6:01:b1:38:28:ac:3c:c0:11:2b:b7:a0:0b:ef:52:16:7e:
3d:94:5e:a0:a9:19:27:e4:d4:0e:20:e9:de:90:be:43:df:0e:
5a:6f:e4:b5:0c:35:4f:84:7f:1d:ba:44:78:06:2f:85:80:2f:
f3:c7:b5:21:f9:38:91:2f:c0:e6:9d:c3:ef:fb:76:5d:fd:0b:
cb:d3:cc:82:4f:7d:ff:a5:9e:77:02:34:80:fb:dc:35:f1:02:
08:89:56:b5:81:fa:52:1e:bd:d7:3f:83:7d:0b:64:5d:c2:ac:
ea:3d:e9:c4:16:52:3d:0f:23:5c:aa:3d:50:59:a0:c7:b5:e0:
b1:3b:92:5e:ca:04:96:3c:da:c4:6e:6b:d9:82:53:22:56:13:
26:76:df:77:25:0e:4b:98:4f:46:6e:3c:37:46:1b:fa:4a:2a:
36:60:f6:f5:55:49:95:c9:46:3e:6e:8a:c6:77:32:04:2e:15:
f7:d1:16:e2:3e:5c:ce:5c:c7:be:af:42:99:d5:9a:64:da:90:
cd:e4:a0:ca:08:62:d0:d7:5a:c3:f6:59:13:52:07:06:f2:45:
f2:66:ad:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMwrd4UTOLTY8UMa3cS4itmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwOTEyMDc1MDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI5MzUwYzFmMTYxMGY3NzQ0YjM4NTQ0M2ViMmJhNjliZjAyYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDwrEOOUGiC19VYs3kgexCxYgQZs
FUnjp2nK/FU4GHWGWWoSV+PGBvi8WlkjrT0rJ0d326Am4lgdZPWmDaQ/hsHddhVn
00EqVsln6L4vWa0kKytIOehWABQDnFlyH0Zu1bWmNn7QvTSmhPBXyxcY1NrNEp9/
h7aYlaHEVbp3RDMLUWhIJXXYM5rR6CXzVO7mbQNS+zltiJoeFME9r6hGhBZh0B9t
YEWzhju8qwRrhjF+jnhq6OvGGqp0StpT5vaZhCcj0aYtKhR1UnRe1xbkDDdS9EyM
LdS2lM71foW2GQt7x+WECGWwkt3EtJ2rOlwMUaEZRHMmfiFfHGVglDdfLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJwpNQwfFhD3dEs4VEPrK6ab8CriMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvbkNrMURCOFdFUGQwU3poVVEtc3JwcHZ3S3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQCUP4/RLZsQMav/FyJrT3dMHLBGnBWS+3Xs
gSbVPUUrioByevny9gGxOCisPMARK7egC+9SFn49lF6gqRkn5NQOIOnekL5D3w5a
b+S1DDVPhH8dukR4Bi+FgC/zx7Uh+TiRL8DmncPv+3Zd/QvL08yCT33/pZ53AjSA
+9w18QIIiVa1gfpSHr3XP4N9C2RdwqzqPenEFlI9DyNcqj1QWaDHteCxO5JeygSW
PNrEbmvZglMiVhMmdt93JQ5LmE9Gbjw3Rhv6Sio2YPb1VUmVyUY+borGdzIELhX3
0RbiPlzOXMe+r0KZ1Zpk2pDN5KDKCGLQ11rD9lkTUgcG8kXyZq3S
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:23 2025 by rpki-client