Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/nILRhXFhQSvsT5y40hZXXzjTrUU.roa
File: nILRhXFhQSvsT5y40hZXXzjTrUU.roa (raw, json)
Hash identifier: YVgQLotskValnuqanWV1aVIctM7RDt10Rn1L+7by7fA=
Subject key identifier: 9C:82:D1:85:71:61:41:2B:EC:4F:9C:B8:D2:16:57:5F:38:D3:AD:45
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 036C1A84
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/nILRhXFhQSvsT5y40hZXXzjTrUU.roa
Signing time: Sun 17 Apr 2022 09:52:52 +0000
ROA not before: Sun 17 Apr 2022 09:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 193.31.127.0/24 maxlen: 25
193.31.126.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.56.20.0/24 maxlen: 25
194.99.24.0/24 maxlen: 24
77.83.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
194.99.25.0/24 maxlen: 25
77.83.27.0/24 maxlen: 24
77.83.26.0/24 maxlen: 24
77.83.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57416324 (0x36c1a84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Apr 17 09:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c82d1857161412bec4f9cb8d216575f38d3ad45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ce:fb:a0:dd:f5:0a:17:bb:10:a7:14:89:69:
7d:32:af:e2:63:cb:11:73:df:3d:ca:ec:f6:29:0f:
4f:b4:9d:95:76:01:4d:c9:cb:1f:77:12:54:4d:0b:
c1:c8:b3:6a:e8:b8:96:46:a4:30:2a:23:e2:ea:79:
dd:b8:a2:49:65:f6:67:7b:87:ef:bd:f5:03:64:d6:
1c:4b:bf:22:c9:02:6e:b6:85:20:7d:97:62:e0:a6:
df:9f:1f:16:ee:24:7a:c2:f3:6a:23:62:13:d3:57:
24:85:91:92:46:59:14:fa:a6:c5:bf:37:fa:8f:b9:
5c:73:81:58:bc:91:5e:93:a9:30:f2:38:97:14:25:
73:e9:da:84:e9:e6:ad:e2:b6:88:a2:8f:cd:cb:08:
28:eb:8e:da:ac:c0:1e:14:84:b3:e0:ae:29:ad:e2:
b8:36:91:bb:c9:93:98:85:13:99:22:03:e8:39:f9:
75:41:37:75:ab:31:b5:35:44:be:7d:3c:cf:3d:c3:
a4:47:73:1f:b2:02:4d:ad:cd:b8:43:01:86:ce:e4:
25:83:b8:49:7c:24:12:2d:22:6e:62:2d:de:ea:4e:
b9:a0:94:e6:97:6b:a0:ce:84:46:6c:ff:6b:2e:ab:
21:8e:92:d5:6c:ff:41:52:af:45:6d:6f:e9:dc:fa:
9a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:82:D1:85:71:61:41:2B:EC:4F:9C:B8:D2:16:57:5F:38:D3:AD:45
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/nILRhXFhQSvsT5y40hZXXzjTrUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.24.0/22
193.31.126.0/23
193.56.20.0/24
193.151.189.0-193.151.191.255
194.99.24.0-194.99.26.255
Signature Algorithm: sha256WithRSAEncryption
b7:a6:a7:fd:cc:d5:18:4b:97:72:87:3e:d4:ee:3f:00:1c:ee:
88:b9:cf:31:89:49:0d:d5:fb:21:41:d1:1e:08:c8:3c:74:df:
2f:55:02:fe:6d:96:00:5c:bd:45:05:e3:ae:e6:10:2d:be:2f:
83:80:37:16:cc:01:25:e7:76:ae:e1:4f:40:bc:23:a7:bd:a3:
c9:e8:ec:d2:3e:1a:a0:76:b4:0d:73:ec:40:f9:85:4e:1d:3b:
00:96:f2:2b:7d:04:00:7e:3c:d5:3f:27:41:2d:cb:7e:07:8a:
8b:95:51:35:b1:98:f6:55:ab:89:28:96:ee:37:a0:1c:4e:f0:
d2:37:75:c8:89:d0:92:96:86:22:dd:27:89:aa:c4:56:fa:9d:
00:60:0a:f1:52:90:54:9c:a2:21:08:da:85:21:87:c4:84:11:
e6:f1:7a:25:a2:23:01:e1:7b:63:cc:71:7f:58:32:fc:15:dc:
65:84:f2:0c:bd:de:48:85:ac:48:e1:a1:0c:56:be:10:18:38:
41:32:a0:e8:9d:45:02:86:4c:c6:c7:90:cb:c1:78:b7:ea:cf:
9a:25:19:b1:54:2b:b0:a8:59:07:8f:6b:cd:7f:a2:b5:c4:3b:
97:9a:0f:45:5b:72:05:69:de:fb:f9:98:2b:d7:ef:eb:33:e0:
3d:7a:2a:27
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEA2wahDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTc0NzQ4MWYyYzk4ZmJiNzBkY2E4ZDY1YzIzZGU0ZmNhMzc1ODNkMB4XDTIyMDQx
NzA5NTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM4MmQxODU3MTYx
NDEyYmVjNGY5Y2I4ZDIxNjU3NWYzOGQzYWQ0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTO+6Dd9QoXuxCnFIlpfTKv4mPLEXPfPcrs9ikPT7SdlXYB
TcnLH3cSVE0Lwcizaui4lkakMCoj4up53biiSWX2Z3uH7731A2TWHEu/IskCbraF
IH2XYuCm358fFu4kesLzaiNiE9NXJIWRkkZZFPqmxb83+o+5XHOBWLyRXpOpMPI4
lxQlc+nahOnmreK2iKKPzcsIKOuO2qzAHhSEs+CuKa3iuDaRu8mTmIUTmSID6Dn5
dUE3dasxtTVEvn08zz3DpEdzH7ICTa3NuEMBhs7kJYO4SXwkEi0ibmIt3upOuaCU
5pdroM6ERmz/ay6rIY6S1Wz/QVKvRW1v6dz6msMCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBScgtGFcWFBK+xPnLjSFldfONOtRTAfBgNVHSMEGDAWgBSOdHSB8smPu3Dc
qNZcI95PyjdYPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2puUjBnZkxKajd0dzNLaldYQ1BlVDhvM1dEMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNDBkYjZiLWRhODUtNGM5ZC1hOTQ4LTY1MjFkMzk1ZjEzMi8x
L25JTFJoWEZoUVN2c1Q1eTQwaFpYWHpqVHJVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NDBkYjZiLWRhODUtNGM5ZC1hOTQ4LTY1MjFkMzk1ZjEzMi8xL2puUjBnZkxKajd0
dzNLaldYQ1BlVDhvM1dEMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEAk1TGAMEAcEffgMEAME4FDAMAwQA
wZe9AwQGwZeAMAwDBAPCYxgDBADCYxowDQYJKoZIhvcNAQELBQADggEBALemp/3M
1RhLl3KHPtTuPwAc7oi5zzGJSQ3V+yFB0R4IyDx03y9VAv5tlgBcvUUF467mEC2+
L4OANxbMASXndq7hT0C8I6e9o8no7NI+GqB2tA1z7ED5hU4dOwCW8it9BAB+PNU/
J0Ety34HiouVUTWxmPZVq4kolu43oBxO8NI3dciJ0JKWhiLdJ4mqxFb6nQBgCvFS
kFScoiEI2oUhh8SEEebxeiWiIwHhe2PMcX9YMvwV3GWE8gy93kiFrEjhoQxWvhAY
OEEyoOidRQKGTMbHkMvBeLfqz5olGbFUK7CoWQePa81/orXEO5eaD0VbcgVp3vv5
mCvX7+sz4D16Kic=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:19 2025 by rpki-client