Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nKfdviHF3HuGu60XGTZDqiPby5s.roa
File: nKfdviHF3HuGu60XGTZDqiPby5s.roa (raw, json)
Hash identifier: ZOc3rjRQll/fn6/hsFK/qxKeFcrdND6v3karw5P7dxY=
Subject key identifier: 9C:A7:DD:BE:21:C5:DC:7B:86:BB:AD:17:19:36:43:AA:23:DB:CB:9B
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018CC2DAE678EE85FA04B24E777C77F43DF6
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nKfdviHF3HuGu60XGTZDqiPby5s.roa
Signing time: Mon 01 Jan 2024 02:29:34 +0000
ROA not before: Mon 01 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200590
IP address blocks: 193.106.98.0/24 maxlen: 24
91.231.67.0/24 maxlen: 24
91.231.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e6:78:ee:85:fa:04:b2:4e:77:7c:77:f4:3d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca7ddbe21c5dc7b86bbad17193643aa23dbcb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:76:ab:83:ce:3c:eb:97:fe:c5:0a:05:fc:0c:
81:81:1f:22:b5:ba:cf:c8:fc:70:66:67:9d:15:e6:
4b:2a:ad:e1:a7:e1:b5:c2:33:72:9c:d3:ef:bd:df:
6f:72:ec:a5:a4:06:75:b2:9f:28:52:a6:0d:58:84:
59:7c:c3:d2:03:ec:80:47:17:2a:f2:e4:12:12:2c:
eb:57:fc:db:c2:53:75:75:bb:37:3f:0c:a6:9a:64:
4a:35:d2:b0:95:4d:5f:e3:45:8b:a3:e6:bc:ad:d3:
32:b9:cd:35:86:32:2a:cb:d3:a1:16:7e:bd:f3:12:
d9:93:84:33:82:20:e8:88:4e:13:63:4e:2f:fc:ac:
18:5e:d3:43:d9:fc:b5:95:d8:63:8c:1a:c3:52:7e:
1f:2e:37:e9:fb:fb:15:da:a2:50:98:58:43:77:31:
99:5f:86:98:32:59:83:fa:c4:e0:f7:7a:b5:77:1e:
de:51:09:15:84:4b:92:76:93:c3:9b:a6:48:5e:ec:
54:01:2c:0b:ec:a7:c3:e0:e7:66:04:6e:91:ec:48:
ed:c0:c1:0c:13:f8:0c:86:42:b0:df:cf:df:1c:47:
87:b5:1b:ca:94:95:f9:2d:c4:a9:2b:1a:90:df:5b:
b3:af:37:4f:b6:db:5a:12:d0:ec:55:92:38:aa:c0:
07:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:DD:BE:21:C5:DC:7B:86:BB:AD:17:19:36:43:AA:23:DB:CB:9B
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/nKfdviHF3HuGu60XGTZDqiPby5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.66.0/23
193.106.98.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:3f:92:f8:2c:58:50:4d:aa:fa:33:71:bd:7b:a4:b3:8d:55:
d3:2f:50:de:29:94:c9:05:0a:19:fa:63:5c:c7:09:77:1d:93:
f5:92:4f:c8:7a:3b:4c:8a:ba:bd:22:d6:52:cb:f1:94:77:08:
37:07:cf:38:97:75:e5:90:92:85:35:76:1b:79:00:10:ce:75:
5d:76:e2:69:95:80:4d:05:b3:87:f3:c8:45:a7:1e:bf:75:fa:
9d:c9:80:a1:e0:81:e0:50:55:e3:50:dd:1f:b8:cd:6b:73:fe:
da:03:2a:2d:ea:95:1f:35:98:8f:6e:24:b6:2f:7b:6d:50:47:
c9:af:73:a0:ba:e1:76:52:95:ac:9d:45:07:0b:e0:60:f9:18:
40:58:cd:f8:57:2a:1a:1f:ac:31:7b:51:97:15:40:98:c3:fb:
8a:e7:a7:a8:a7:15:4c:8e:0f:89:7f:8e:21:85:3d:22:0b:a1:
64:55:dc:47:c8:2e:1e:20:c3:88:06:28:53:c0:78:1d:1d:98:
55:b3:68:4b:e0:58:60:c0:fb:2a:98:07:87:a9:4a:49:97:c1:
a9:06:ce:11:7c:27:28:ea:63:34:a3:da:ab:04:2a:d7:75:1f:
c7:4f:6d:82:27:0b:43:f2:2a:db:d9:0f:77:f3:ca:25:f0:c9:
96:1c:dd:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2uZ47oX6BLJOd3x39D32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E3ZGRiZTIxYzVkYzdiODZiYmFkMTcxOTM2NDNhYTIzZGJjYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Xarg84865f+xQoF/AyBgR8itbrP
yPxwZmedFeZLKq3hp+G1wjNynNPvvd9vcuylpAZ1sp8oUqYNWIRZfMPSA+yARxcq
8uQSEizrV/zbwlN1dbs3PwymmmRKNdKwlU1f40WLo+a8rdMyuc01hjIqy9OhFn69
8xLZk4QzgiDoiE4TY04v/KwYXtND2fy1ldhjjBrDUn4fLjfp+/sV2qJQmFhDdzGZ
X4aYMlmD+sTg93q1dx7eUQkVhEuSdpPDm6ZIXuxUASwL7KfD4OdmBG6R7EjtwMEM
E/gMhkKw38/fHEeHtRvKlJX5LcSpKxqQ31uzrzdPtttaEtDsVZI4qsAH5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyn3b4hxdx7hrutFxk2Q6oj28ubMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvbktmZHZpSEYzSHVHdTYwWEdUWkRxaVBieTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+dCAwQA
wWpiMA0GCSqGSIb3DQEBCwUAA4IBAQBdP5L4LFhQTar6M3G9e6SzjVXTL1DeKZTJ
BQoZ+mNcxwl3HZP1kk/IejtMirq9ItZSy/GUdwg3B884l3XlkJKFNXYbeQAQznVd
duJplYBNBbOH88hFpx6/dfqdyYCh4IHgUFXjUN0fuM1rc/7aAyot6pUfNZiPbiS2
L3ttUEfJr3OguuF2UpWsnUUHC+Bg+RhAWM34VyoaH6wxe1GXFUCYw/uK56eopxVM
jg+Jf44hhT0iC6FkVdxHyC4eIMOIBihTwHgdHZhVs2hL4FhgwPsqmAeHqUpJl8Gp
Bs4RfCco6mM0o9qrBCrXdR/HT22CJwtD8irb2Q9388ol8MmWHN0+
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:21 2025 by rpki-client