Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/nc7DP5U-Jl22CsJJw2phARU5j0c.roa
File: nc7DP5U-Jl22CsJJw2phARU5j0c.roa (raw, json)
Hash identifier: rdcrf8/30vk8VHZdwnISLBUlsokPeOe7cBYMpoPH+B8=
Subject key identifier: 9D:CE:C3:3F:95:3E:26:5D:B6:0A:C2:49:C3:6A:61:01:15:39:8F:47
Certificate issuer: /CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Certificate serial: 0194274776B6F9B7CB99C6AB93433F220D9A
Authority key identifier: AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/nc7DP5U-Jl22CsJJw2phARU5j0c.roa
Signing time: Thu 02 Jan 2025 13:49:42 +0000
ROA not before: Thu 02 Jan 2025 13:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59521
IP address blocks: 45.115.108.0/22 maxlen: 22
45.149.52.0/24 maxlen: 24
103.55.100.0/22 maxlen: 22
103.57.40.0/22 maxlen: 22
195.72.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:76:b6:f9:b7:cb:99:c6:ab:93:43:3f:22:0d:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Validity
Not Before: Jan 2 13:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcec33f953e265db60ac249c36a610115398f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:8f:a8:da:7b:e6:46:95:fc:3c:3c:81:b6:
17:2a:76:c0:d5:b4:1c:5a:8b:f5:2a:9b:31:f8:d6:
b6:dd:ea:09:d8:43:ba:a0:e5:ee:57:9b:ef:15:34:
3d:f9:45:da:55:f4:59:05:ca:d1:61:be:9a:29:23:
1a:dd:d2:4b:82:cc:21:d6:75:50:58:1e:6a:94:81:
a6:ce:99:4b:80:88:de:4d:ac:47:de:be:a2:4a:1a:
49:14:e0:6a:83:2e:58:41:4b:84:d0:f7:9d:46:e5:
aa:3b:7e:10:b3:e1:30:92:fe:a8:11:12:2b:e7:83:
f5:71:2c:88:b3:0e:c7:93:31:49:ac:15:53:5c:fc:
d7:46:55:fc:05:22:70:d1:03:36:fc:f6:8e:c1:77:
00:34:4c:32:44:d7:91:19:59:ec:73:1e:ff:92:c7:
88:b5:b7:57:83:6c:c8:0b:fd:83:37:8d:4e:8b:e3:
68:b2:23:fc:c4:44:5a:80:5e:18:78:ce:36:82:34:
0b:83:6b:8b:21:bf:5d:45:75:a1:b0:26:74:bb:e7:
38:80:d1:99:a8:7f:48:28:06:f4:79:50:a9:09:0d:
15:a4:ac:ce:a7:69:90:35:4f:64:bc:69:35:ab:05:
61:2b:30:99:01:5d:2f:29:8e:3d:2b:fa:d8:ff:ae:
ea:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CE:C3:3F:95:3E:26:5D:B6:0A:C2:49:C3:6A:61:01:15:39:8F:47
X509v3 Authority Key Identifier:
keyid:AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/nc7DP5U-Jl22CsJJw2phARU5j0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.115.108.0/22
45.149.52.0/24
103.55.100.0/22
103.57.40.0/22
195.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:26:2f:73:53:b1:2a:1e:27:a4:b6:b6:73:93:64:ba:7c:8f:
a1:be:a1:23:29:9c:a3:5f:9a:00:86:d6:85:d6:37:3a:0d:b5:
ba:89:e9:44:07:3c:cf:20:80:74:4e:64:f1:34:c2:85:c0:df:
37:89:b2:f4:36:e4:c4:12:33:cb:ad:44:24:c9:e6:a6:24:30:
0a:df:34:88:93:51:b7:1b:cf:80:e3:cb:c7:a5:81:62:7d:1f:
4b:cd:6a:ae:18:0b:e6:7b:91:40:51:83:0f:a9:f0:5f:c7:61:
38:94:44:a5:07:e3:8a:72:4b:4c:32:66:1e:38:aa:2d:1d:ba:
d4:dc:0a:52:bd:68:f2:08:5e:5e:ce:cc:c9:a2:a3:8f:7c:0d:
50:ff:10:41:27:58:a6:cd:94:53:37:f0:d4:42:1b:aa:41:fe:
02:7e:d4:a9:73:b6:6b:55:31:c6:ff:e6:00:c0:e2:9b:5a:3f:
4b:d6:f7:ef:15:10:2b:b9:d4:13:88:4d:f5:a3:c7:c7:71:eb:
70:0f:ee:2a:2a:ff:0a:ad:c9:98:de:b3:b5:0d:33:7b:25:21:
d8:62:6e:d0:cd:bf:63:b2:71:1e:1e:96:35:1d:3c:bf:77:f2:
90:f8:21:da:35:93:1d:2c:64:aa:8d:76:aa:ce:31:1e:75:61:
6b:25:b0:fe
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR3a2+bfLmcark0M/Ig2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzY3MDY5OGNmYWVmMjY0N2ZiYzlhMDZmNzM4MDg1NmUy
YjMwMjcwHhcNMjUwMTAyMTM0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNlYzMzZjk1M2UyNjVkYjYwYWMyNDljMzZhNjEwMTE1Mzk4ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm6PqNp75kaV/Dw8gbYXKnbA1bQc
Wov1Kpsx+Na23eoJ2EO6oOXuV5vvFTQ9+UXaVfRZBcrRYb6aKSMa3dJLgswh1nVQ
WB5qlIGmzplLgIjeTaxH3r6iShpJFOBqgy5YQUuE0PedRuWqO34Qs+Ewkv6oERIr
54P1cSyIsw7HkzFJrBVTXPzXRlX8BSJw0QM2/PaOwXcANEwyRNeRGVnscx7/kseI
tbdXg2zIC/2DN41Oi+NosiP8xERagF4YeM42gjQLg2uLIb9dRXWhsCZ0u+c4gNGZ
qH9IKAb0eVCpCQ0VpKzOp2mQNU9kvGk1qwVhKzCZAV0vKY49K/rY/67qlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ3Owz+VPiZdtgrCScNqYQEVOY9HMB8GA1UdIwQY
MBaAFKx2cGmM+u8mR/vJoG9zgIVuKzAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYt
OWUwNDQwOTJiODI2LzEvbmM3RFA1VS1KbDIyQ3NKSncycGhBUlU1ajBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYtOWUwNDQwOTJiODI2
LzEvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLXNsAwQA
LZU0AwQCZzdkAwQCZzkoAwQCw0h8MA0GCSqGSIb3DQEBCwUAA4IBAQClJi9zU7Eq
HiektrZzk2S6fI+hvqEjKZyjX5oAhtaF1jc6DbW6ielEBzzPIIB0TmTxNMKFwN83
ibL0NuTEEjPLrUQkyeamJDAK3zSIk1G3G8+A48vHpYFifR9LzWquGAvme5FAUYMP
qfBfx2E4lESlB+OKcktMMmYeOKotHbrU3ApSvWjyCF5ezszJoqOPfA1Q/xBBJ1im
zZRTN/DUQhuqQf4CftSpc7ZrVTHG/+YAwOKbWj9L1vfvFRArudQTiE31o8fHcetw
D+4qKv8KrcmY3rO1DTN7JSHYYm7Qzb9jsnEeHpY1HTy/d/KQ+CHaNZMdLGSqjXaq
zjEedWFrJbD+
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:28:34 2025 by rpki-client