Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/nFmg1ZbaugFoP4r46DmMM1bx6Dk.roa
File: nFmg1ZbaugFoP4r46DmMM1bx6Dk.roa (raw, json)
Hash identifier: 8HuaUsP5wd4g7g+IHer22eSFYfBXdh5/suZjeTrgNVc=
Subject key identifier: 9C:59:A0:D5:96:DA:BA:01:68:3F:8A:F8:E8:39:8C:33:56:F1:E8:39
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA39A57750C9DB28502D7719D022A3
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/nFmg1ZbaugFoP4r46DmMM1bx6Dk.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197071
IP address blocks: 43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:39:a5:77:50:c9:db:28:50:2d:77:19:d0:22:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c59a0d596daba01683f8af8e8398c3356f1e839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:f6:bb:57:2a:9c:eb:85:ca:dc:6d:53:3b:
b0:e2:b5:6f:33:fe:4b:e0:f2:45:50:5f:c4:90:54:
c2:d7:33:48:08:74:2c:38:62:89:a2:aa:a8:39:61:
1d:e9:73:0a:37:6d:7d:f8:ba:52:83:ed:fd:6f:9b:
fc:7c:f0:4e:26:c5:3d:fd:cb:75:7d:31:49:c6:7f:
01:b9:9d:da:4c:8a:b3:47:89:98:3f:24:e7:bc:31:
1a:d2:ff:6c:00:69:8c:74:bc:11:ea:d5:8c:e5:78:
3d:a5:5e:37:31:41:a0:99:f4:28:ef:8c:0e:7b:74:
31:3f:7f:55:a7:ec:e3:9f:1d:3e:ca:d0:80:e1:19:
0c:7e:b1:c8:03:e7:0a:09:89:db:a6:5e:f4:53:2e:
e4:43:c3:71:92:90:4d:1c:4b:09:26:2c:1b:20:df:
d9:5c:2d:42:54:9f:b3:6f:dc:c0:06:43:75:59:ac:
62:9b:75:20:8c:b3:ae:91:fc:41:16:ef:32:77:f9:
b4:9f:d3:dd:54:b4:12:28:c5:8f:72:cc:2a:eb:6c:
f6:74:c1:59:10:93:e7:42:ce:42:78:43:7b:88:9d:
58:67:22:20:db:b0:d0:5c:fe:93:a4:8a:19:81:45:
42:5a:ec:e0:cd:53:45:a7:02:28:2e:66:11:f9:64:
de:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:59:A0:D5:96:DA:BA:01:68:3F:8A:F8:E8:39:8C:33:56:F1:E8:39
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/nFmg1ZbaugFoP4r46DmMM1bx6Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
94:fb:2f:1b:08:04:07:4a:9d:c4:ea:63:e1:29:fb:be:e9:2c:
71:3b:2d:e3:81:22:eb:92:24:10:31:ea:99:61:b5:76:fd:2d:
ab:19:d6:5f:9b:bb:0b:79:71:1c:fd:c9:1f:0b:fe:f1:12:e9:
97:b4:e7:9c:86:5b:32:b1:14:f6:cf:c0:cb:ad:cb:3d:d4:17:
fc:8e:a1:82:d6:b8:03:7d:3b:e5:46:25:bc:50:f7:9a:97:8f:
ec:fd:6b:81:ef:e5:30:39:56:49:8d:9c:aa:69:f7:65:2c:77:
c8:4f:78:61:ec:21:f1:5d:90:81:8a:8c:a3:a2:91:08:17:58:
6f:f7:f7:cd:47:55:9b:4a:83:37:13:7f:dc:5f:67:bd:83:e6:
89:d8:91:7a:66:dd:78:ab:11:11:a2:99:ad:9b:db:15:46:fd:
03:c6:b4:39:1e:73:b6:09:bb:f0:88:a7:c8:09:0e:06:e4:14:
07:64:47:58:87:27:5e:2d:3a:1e:67:ef:d6:3e:d1:d6:e0:a6:
77:5a:2f:31:90:0c:c1:dd:75:d3:7a:ab:12:80:e8:f9:d9:e9:
6a:02:ae:7b:33:74:a7:93:8b:f1:f3:1a:4c:84:63:30:29:a0:
af:60:fe:2d:c6:a0:66:73:e0:87:83:89:e4:d4:bc:75:c2:50:
a7:7d:b8:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jmld1DJ2yhQLXcZ0CKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU5YTBkNTk2ZGFiYTAxNjgzZjhhZjhlODM5OGMzMzU2ZjFlODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNj2u1cqnOuFytxtUzuw4rVvM/5L
4PJFUF/EkFTC1zNICHQsOGKJoqqoOWEd6XMKN219+LpSg+39b5v8fPBOJsU9/ct1
fTFJxn8BuZ3aTIqzR4mYPyTnvDEa0v9sAGmMdLwR6tWM5Xg9pV43MUGgmfQo74wO
e3QxP39Vp+zjnx0+ytCA4RkMfrHIA+cKCYnbpl70Uy7kQ8NxkpBNHEsJJiwbIN/Z
XC1CVJ+zb9zABkN1Waxim3UgjLOukfxBFu8yd/m0n9PdVLQSKMWPcswq62z2dMFZ
EJPnQs5CeEN7iJ1YZyIg27DQXP6TpIoZgUVCWuzgzVNFpwIoLmYR+WTerQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxZoNWW2roBaD+K+Og5jDNW8eg5MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvbkZtZzFaYmF1Z0ZvUDRyNDZEbU1NMWJ4NkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBK/uiMA0G
CSqGSIb3DQEBCwUAA4IBAQCU+y8bCAQHSp3E6mPhKfu+6SxxOy3jgSLrkiQQMeqZ
YbV2/S2rGdZfm7sLeXEc/ckfC/7xEumXtOechlsysRT2z8DLrcs91Bf8jqGC1rgD
fTvlRiW8UPeal4/s/WuB7+UwOVZJjZyqafdlLHfIT3hh7CHxXZCBioyjopEIF1hv
9/fNR1WbSoM3E3/cX2e9g+aJ2JF6Zt14qxERopmtm9sVRv0DxrQ5HnO2CbvwiKfI
CQ4G5BQHZEdYhydeLToeZ+/WPtHW4KZ3Wi8xkAzB3XXTeqsSgOj52elqAq57M3Sn
k4vx8xpMhGMwKaCvYP4txqBmc+CHg4nk1Lx1wlCnfbiF
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:01:55 2025 by rpki-client