Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/nKSKPSGamwUGtuXYr5k0x7p0jis.roa
File: nKSKPSGamwUGtuXYr5k0x7p0jis.roa (raw, json)
Hash identifier: L52HX02QcxZSDraxM+M+PiXh1tH2s3mpYCWB6GP43KE=
Subject key identifier: 9C:A4:8A:3D:21:9A:9B:05:06:B6:E5:D8:AF:99:34:C7:BA:74:8E:2B
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 0194CFF682E64BDD57F3F1A99AACDC185978
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/nKSKPSGamwUGtuXYr5k0x7p0jis.roa
Signing time: Tue 04 Feb 2025 07:57:06 +0000
ROA not before: Tue 04 Feb 2025 07:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44843
IP address blocks: 31.207.64.0/20 maxlen: 20
31.207.66.0/23 maxlen: 23
31.207.66.0/24 maxlen: 24
31.207.67.0/24 maxlen: 24
31.207.70.0/23 maxlen: 23
31.207.70.0/24 maxlen: 24
31.207.71.0/24 maxlen: 24
152.89.134.0/24 maxlen: 24
178.236.128.0/21 maxlen: 21
178.236.128.0/24 maxlen: 24
178.236.129.0/24 maxlen: 24
178.236.130.0/24 maxlen: 24
178.236.131.0/24 maxlen: 24
178.236.132.0/24 maxlen: 24
178.236.133.0/24 maxlen: 24
178.236.134.0/24 maxlen: 24
178.236.135.0/24 maxlen: 24
2a02:1710:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cf:f6:82:e6:4b:dd:57:f3:f1:a9:9a:ac:dc:18:59:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Feb 4 07:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ca48a3d219a9b0506b6e5d8af9934c7ba748e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:5f:60:c2:86:55:68:01:a5:4d:67:df:29:
a9:27:b6:7a:1c:3a:1f:90:be:ad:3a:cf:77:34:2f:
f3:5d:27:1a:7d:41:a3:73:72:25:82:1e:d2:8f:65:
c5:2c:bb:c9:f2:93:53:23:5a:a3:4a:3e:f2:14:52:
e5:23:a1:92:04:cb:b9:08:13:46:aa:39:04:17:cb:
19:e0:d3:bc:8f:10:f8:fd:db:6c:4c:b0:90:00:6a:
5f:f3:cd:db:9d:3a:22:3a:59:e2:a4:b2:a0:42:71:
26:30:93:bf:09:2b:36:f6:0e:06:fd:5c:c6:6e:18:
d9:00:89:ff:39:81:1c:39:a7:34:7e:f4:5e:3f:4e:
7c:82:85:39:71:d1:87:56:e6:f3:8c:a2:de:82:15:
50:fc:f2:01:5b:ce:59:a7:27:c8:87:f6:79:ae:af:
a6:c2:36:4b:f2:c6:a5:e3:42:59:d3:46:c9:3f:ab:
92:64:db:c4:21:ac:31:0f:37:27:31:4b:19:72:b4:
28:8a:59:8b:ad:e4:d6:24:b9:47:b8:0c:7e:04:7d:
51:d1:f2:3c:78:0f:98:63:fe:72:f0:4d:50:67:ca:
87:92:16:62:84:da:c6:59:dd:a4:04:b9:c8:5c:9f:
94:ec:68:63:16:05:a3:ac:be:34:ce:0d:fe:63:65:
eb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A4:8A:3D:21:9A:9B:05:06:B6:E5:D8:AF:99:34:C7:BA:74:8E:2B
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/nKSKPSGamwUGtuXYr5k0x7p0jis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/20
152.89.134.0/24
178.236.128.0/21
IPv6:
2a02:1710:4::/48
Signature Algorithm: sha256WithRSAEncryption
28:34:40:d1:0f:41:3f:00:8a:8d:80:d5:07:57:af:cb:08:2b:
16:08:27:b8:3b:62:53:af:13:63:92:31:f6:bf:d7:19:e9:8f:
a9:17:d7:85:90:61:a9:31:cc:df:df:31:2b:22:bb:3a:bd:37:
b1:4c:6e:94:7a:3c:be:e4:4a:2d:28:62:01:4d:57:74:8b:b4:
52:54:6d:e3:1a:14:03:bf:9d:00:0e:1f:e3:23:67:27:a1:65:
d2:63:03:31:b0:87:ac:e1:da:75:ba:fb:b9:76:7b:25:3a:b6:
46:84:5a:bc:75:b9:32:9b:45:d5:5c:21:1a:55:30:28:7c:20:
69:e9:a2:a6:02:7e:5f:7b:c1:40:79:0c:3d:ef:b2:6f:ee:5c:
9a:25:dd:8b:65:07:d8:45:7a:3c:75:76:04:95:16:5d:4a:22:
8a:21:96:2f:62:f5:9f:50:4e:00:71:a1:37:7c:20:dc:5a:53:
a4:85:2d:c9:c4:3c:50:bc:bf:06:c9:7d:92:02:16:00:22:b6:
8d:58:5a:ea:f7:00:c6:dd:94:e9:36:f3:03:a9:e8:f9:c8:83:
ab:4e:14:80:03:97:d0:3c:22:c6:94:b3:d4:52:c5:cb:89:c6:
eb:f8:69:13:ef:25:13:b6:df:2d:b3:8b:0f:e2:5b:b5:f1:b1:
07:e5:55:02
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZTP9oLmS91X8/GpmqzcGFl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjUwMjA0MDc1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E0OGEzZDIxOWE5YjA1MDZiNmU1ZDhhZjk5MzRjN2JhNzQ4ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxlfYMKGVWgBpU1n3ympJ7Z6HDof
kL6tOs93NC/zXScafUGjc3Ilgh7Sj2XFLLvJ8pNTI1qjSj7yFFLlI6GSBMu5CBNG
qjkEF8sZ4NO8jxD4/dtsTLCQAGpf883bnToiOlnipLKgQnEmMJO/CSs29g4G/VzG
bhjZAIn/OYEcOac0fvReP058goU5cdGHVubzjKLeghVQ/PIBW85ZpyfIh/Z5rq+m
wjZL8sal40JZ00bJP6uSZNvEIawxDzcnMUsZcrQoilmLreTWJLlHuAx+BH1R0fI8
eA+YY/5y8E1QZ8qHkhZihNrGWd2kBLnIXJ+U7GhjFgWjrL40zg3+Y2XrIQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJykij0hmpsFBrbl2K+ZNMe6dI4rMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvbktTS1BTR2Ftd1VHdHVYWXI1azB4N3AwamlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEH89AAwQA
mFmGAwQDsuyAMA8EAgACMAkDBwAqAhcQAAQwDQYJKoZIhvcNAQELBQADggEBACg0
QNEPQT8Aio2A1QdXr8sIKxYIJ7g7YlOvE2OSMfa/1xnpj6kX14WQYakxzN/fMSsi
uzq9N7FMbpR6PL7kSi0oYgFNV3SLtFJUbeMaFAO/nQAOH+MjZyehZdJjAzGwh6zh
2nW6+7l2eyU6tkaEWrx1uTKbRdVcIRpVMCh8IGnpoqYCfl97wUB5DD3vsm/uXJol
3YtlB9hFejx1dgSVFl1KIoohli9i9Z9QTgBxoTd8INxaU6SFLcnEPFC8vwbJfZIC
FgAito1YWur3AMbdlOk28wOp6PnIg6tOFIADl9A8IsaUs9RSxcuJxuv4aRPvJRO2
3y2ziw/iW7XxsQflVQI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:25:59 2025 by rpki-client