Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/nd7EMYxqZskNG-8RUiwICJeXwqY.roa
File: nd7EMYxqZskNG-8RUiwICJeXwqY.roa (raw, json)
Hash identifier: mY3khCwzfzEen/6QsaBVskA8rJ9h0QmksXwmEPcvkIM=
Subject key identifier: 9D:DE:C4:31:8C:6A:66:C9:0D:1B:EF:11:52:2C:08:08:97:97:C2:A6
Certificate issuer: /CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Certificate serial: 01941F8C81F94CE9DC0F5B79A56EC1005AC7
Authority key identifier: AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/nd7EMYxqZskNG-8RUiwICJeXwqY.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20825
IP address blocks: 192.109.211.0/24 maxlen: 24
192.109.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:81:f9:4c:e9:dc:0f:5b:79:a5:6e:c1:00:5a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae0a5a1b38617cc161f60613d98e179b5360c054
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ddec4318c6a66c90d1bef11522c08089797c2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:37:da:58:a6:b3:64:b6:05:9b:3e:b8:f8:
dc:7c:7f:64:5f:da:9d:32:7c:01:2b:73:5a:5b:a2:
4d:13:16:33:ee:68:99:8a:15:5e:d6:00:b6:f4:90:
75:4c:54:f7:0e:8b:7d:04:a3:9e:a2:21:43:d3:7f:
72:ea:3c:4a:12:c6:fa:cf:a6:a6:38:3c:94:62:d5:
be:88:61:50:e1:2d:2b:af:1d:d2:e6:59:78:9f:0e:
ab:b3:9a:11:5a:cb:8d:e0:54:b1:73:c7:aa:ef:29:
02:f8:37:d3:7c:02:ee:1d:bf:c0:89:61:31:97:f7:
af:ea:1f:1b:4b:c5:45:43:1b:82:8f:9b:f1:af:b5:
a1:2d:ba:59:9e:7c:3d:54:da:18:cf:d8:65:2d:10:
69:73:6c:d6:3d:23:3f:74:e7:79:9f:9c:a2:d1:cc:
a0:89:26:44:16:dc:25:39:5b:ab:4b:ca:5b:5d:e7:
d6:0b:9f:ad:28:81:6e:c1:d1:a9:77:e6:d1:e6:f8:
f8:e6:56:ff:43:f1:f2:4f:1d:14:c7:0b:53:ca:65:
4a:ba:8a:e5:5f:9f:b2:e9:aa:6b:bd:bf:1a:0c:21:
e6:9b:fa:da:66:1b:e5:fd:bd:b4:8a:7e:d8:4e:d7:
f7:1a:3e:29:b1:05:d1:64:10:4d:c4:55:8a:03:50:
a1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DE:C4:31:8C:6A:66:C9:0D:1B:EF:11:52:2C:08:08:97:97:C2:A6
X509v3 Authority Key Identifier:
keyid:AE:0A:5A:1B:38:61:7C:C1:61:F6:06:13:D9:8E:17:9B:53:60:C0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/nd7EMYxqZskNG-8RUiwICJeXwqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/31991a-bdb8-4b5b-ae5d-b29812c3e465/1/rgpaGzhhfMFh9gYT2Y4Xm1NgwFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.211.0-192.109.212.255
Signature Algorithm: sha256WithRSAEncryption
30:da:4f:6e:54:fd:d8:a8:c2:39:e6:38:52:63:7c:32:93:f2:
87:4f:58:cb:f9:a3:d2:03:bc:3f:7c:0b:b5:c8:a4:02:32:21:
2a:9b:b4:98:0d:15:43:be:9a:cd:3d:2e:73:3b:c7:f7:e3:5c:
cd:b0:8f:48:8d:9e:4e:67:f6:ac:b5:17:f9:2d:19:55:d8:03:
41:8c:9c:04:85:ba:26:e7:5c:e9:8d:fb:2b:75:65:9d:e2:d9:
91:45:24:de:a5:70:39:2d:6e:06:20:b5:d7:fc:90:a7:a4:82:
f0:de:94:2a:06:3c:d8:e8:ff:a4:fe:a6:32:86:b0:38:dc:1d:
13:6a:06:c6:93:54:87:69:58:d0:14:d6:24:aa:5d:23:0c:a8:
f9:0a:62:05:18:89:0a:b3:ed:2e:b7:67:cd:34:13:9d:bb:20:
19:76:7f:4c:fb:45:47:41:5c:72:06:68:3a:0b:4b:06:b8:8c:
e9:6c:d7:e7:e9:6d:8d:80:c3:8a:71:f7:a6:73:86:94:4e:82:
ff:f3:c3:85:d1:8f:f6:48:f0:01:f7:82:2a:75:b0:58:85:e2:
ae:5b:d1:b9:65:77:fa:a1:61:5a:bc:cd:55:5a:a6:c8:93:da:
86:db:f3:e7:75:8b:91:80:fa:3b:9b:c8:71:71:d2:33:c9:4b:
70:b3:1d:35
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQfjIH5TOncD1t5pW7BAFrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMGE1YTFiMzg2MTdjYzE2MWY2MDYxM2Q5OGUxNzliNTM2
MGMwNTQwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRlYzQzMThjNmE2NmM5MGQxYmVmMTE1MjJjMDgwODk3OTdjMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4032lims2S2BZs+uPjcfH9kX9qd
MnwBK3NaW6JNExYz7miZihVe1gC29JB1TFT3Dot9BKOeoiFD039y6jxKEsb6z6am
ODyUYtW+iGFQ4S0rrx3S5ll4nw6rs5oRWsuN4FSxc8eq7ykC+DfTfALuHb/AiWEx
l/ev6h8bS8VFQxuCj5vxr7WhLbpZnnw9VNoYz9hlLRBpc2zWPSM/dOd5n5yi0cyg
iSZEFtwlOVurS8pbXefWC5+tKIFuwdGpd+bR5vj45lb/Q/HyTx0UxwtTymVKuorl
X5+y6aprvb8aDCHmm/raZhvl/b20in7YTtf3Gj4psQXRZBBNxFWKA1ChrQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ3exDGMambJDRvvEVIsCAiXl8KmMB8GA1UdIwQY
MBaAFK4KWhs4YXzBYfYGE9mOF5tTYMBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdwYUd6aGhmTUZoOWdZVDJZNFhtMU5nd0ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zMTk5MWEtYmRiOC00YjViLWFlNWQt
YjI5ODEyYzNlNDY1LzEvbmQ3RU1ZeHFac2tORy04UlVpd0lDSmVYd3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zMTk5MWEtYmRiOC00YjViLWFlNWQtYjI5ODEyYzNlNDY1
LzEvcmdwYUd6aGhmTUZoOWdZVDJZNFhtMU5nd0ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAbdMD
BADAbdQwDQYJKoZIhvcNAQELBQADggEBADDaT25U/diowjnmOFJjfDKT8odPWMv5
o9IDvD98C7XIpAIyISqbtJgNFUO+ms09LnM7x/fjXM2wj0iNnk5n9qy1F/ktGVXY
A0GMnASFuibnXOmN+yt1ZZ3i2ZFFJN6lcDktbgYgtdf8kKekgvDelCoGPNjo/6T+
pjKGsDjcHRNqBsaTVIdpWNAU1iSqXSMMqPkKYgUYiQqz7S63Z800E527IBl2f0z7
RUdBXHIGaDoLSwa4jOls1+fpbY2Aw4px96ZzhpROgv/zw4XRj/ZI8AH3gip1sFiF
4q5b0blld/qhYVq8zVVapsiT2obb8+d1i5GA+jubyHFx0jPJS3CzHTU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:42:09 2025 by rpki-client