Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/nd70SWPZyebhrSk_OZzGovwRv-8.roa
File: nd70SWPZyebhrSk_OZzGovwRv-8.roa (raw, json)
Hash identifier: F2iKtcStKn6Mbm+3WYh+79B3qw+ESst4ooB3tXikQGk=
Subject key identifier: 9D:DE:F4:49:63:D9:C9:E6:E1:AD:29:3F:39:9C:C6:A2:FC:11:BF:EF
Certificate issuer: /CN=472694d8a399a3a66f442ec72295c754acbbad41
Certificate serial: 01856C137D0C4A604494536A76719F3988D5
Authority key identifier: 47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/nd70SWPZyebhrSk_OZzGovwRv-8.roa
Signing time: Sun 01 Jan 2023 06:44:54 +0000
ROA not before: Sun 01 Jan 2023 06:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200807
IP address blocks: 78.31.213.0/24 maxlen: 24
78.31.212.0/23 maxlen: 23
78.31.212.0/24 maxlen: 24
185.173.164.0/22 maxlen: 22
2a0b:4f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:7d:0c:4a:60:44:94:53:6a:76:71:9f:39:88:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472694d8a399a3a66f442ec72295c754acbbad41
Validity
Not Before: Jan 1 06:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ddef44963d9c9e6e1ad293f399cc6a2fc11bfef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:49:67:d9:10:85:aa:59:1c:b3:38:16:7f:
14:72:6b:80:d6:9a:6f:fe:57:d0:4b:91:7f:bc:a3:
77:8e:f3:74:0c:75:1b:08:29:aa:59:f3:0e:65:a9:
38:b2:e3:31:84:08:a6:32:87:0f:31:6e:71:f8:41:
7f:9e:c5:58:f4:bf:68:4c:9c:13:c5:20:9f:f0:21:
4f:2a:2f:36:05:c9:45:f2:7c:16:a8:73:47:eb:46:
f3:3e:a0:06:a3:e6:90:7b:6b:79:5f:8f:48:2c:9b:
c9:03:c9:7c:72:66:04:32:7d:76:26:13:56:fa:fb:
35:35:40:e3:24:0d:ef:f9:be:09:89:04:80:5c:c7:
0e:78:6b:16:aa:2a:d3:f6:73:e0:01:6a:ae:42:e6:
21:0c:89:4a:24:c0:28:d8:02:0d:bc:a7:90:bf:45:
88:74:0b:88:63:67:81:e4:f7:67:a6:f4:78:72:0c:
bb:69:7b:ab:62:f9:98:a7:e8:6d:c7:55:31:66:7e:
2c:0d:a0:3f:78:33:41:ec:81:3a:cb:d1:cc:a8:8c:
7b:d4:ff:9b:d2:ba:20:89:5e:da:77:eb:36:ce:4d:
3c:17:3d:a6:c6:af:f8:f3:59:5d:1b:29:06:2f:b2:
54:e1:cc:3f:5c:50:5d:a4:c2:87:76:e3:b4:50:cc:
f6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DE:F4:49:63:D9:C9:E6:E1:AD:29:3F:39:9C:C6:A2:FC:11:BF:EF
X509v3 Authority Key Identifier:
keyid:47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/nd70SWPZyebhrSk_OZzGovwRv-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.212.0/23
185.173.164.0/22
IPv6:
2a0b:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
00:06:1f:0c:11:b4:49:50:93:11:8a:58:30:2e:1a:bf:37:4f:
88:c0:7b:03:56:83:6e:d9:b8:42:54:db:5a:94:6b:0b:cb:ec:
8f:34:ae:53:3a:4a:d7:83:9c:6f:86:7c:c2:23:78:4f:19:ad:
6d:ea:73:68:9d:f6:93:ee:bd:8a:1e:b5:c9:6f:b8:ab:1c:fa:
6c:62:51:9f:cb:59:47:69:2e:20:68:29:4b:f3:d8:5b:06:7d:
6e:db:22:cc:19:25:1b:b4:24:b2:00:f1:a5:30:e5:e5:d0:d4:
3c:a9:c5:01:b7:40:34:2a:b1:33:62:ab:91:82:ab:52:46:76:
58:9c:f5:96:90:63:a2:3f:00:33:28:0b:6c:92:9d:67:62:45:
fc:78:0b:8a:e2:16:c4:99:e6:53:0f:78:40:6a:56:8c:7a:d4:
d5:14:2d:1b:38:99:c3:c5:cc:a6:77:5f:a9:be:b0:90:d3:e5:
63:d9:87:5d:4f:2f:bb:24:fb:11:3e:50:3f:97:ae:45:14:bc:
89:30:b4:2d:6a:2e:72:08:fe:b5:f3:b5:a2:43:db:21:c9:97:
6d:7f:c0:52:65:14:7c:3e:48:2b:24:c6:7a:58:a3:ae:59:00:
92:65:18:b0:a9:32:19:a2:7c:44:7a:f7:53:10:43:b7:60:32:
07:8d:1d:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsE30MSmBElFNqdnGfOYjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjY5NGQ4YTM5OWEzYTY2ZjQ0MmVjNzIyOTVjNzU0YWNi
YmFkNDEwHhcNMjMwMTAxMDY0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRlZjQ0OTYzZDljOWU2ZTFhZDI5M2YzOTljYzZhMmZjMTFiZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDJJZ9kQhapZHLM4Fn8UcmuA1ppv
/lfQS5F/vKN3jvN0DHUbCCmqWfMOZak4suMxhAimMocPMW5x+EF/nsVY9L9oTJwT
xSCf8CFPKi82BclF8nwWqHNH60bzPqAGo+aQe2t5X49ILJvJA8l8cmYEMn12JhNW
+vs1NUDjJA3v+b4JiQSAXMcOeGsWqirT9nPgAWquQuYhDIlKJMAo2AINvKeQv0WI
dAuIY2eB5PdnpvR4cgy7aXurYvmYp+htx1UxZn4sDaA/eDNB7IE6y9HMqIx71P+b
0rogiV7ad+s2zk08Fz2mxq/481ldGykGL7JU4cw/XFBdpMKHduO0UMz2GwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ3e9Elj2cnm4a0pPzmcxqL8Eb/vMB8GA1UdIwQY
MBaAFEcmlNijmaOmb0QuxyKVx1Ssu61BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEt
MDYzYTA4ODFhNmQyLzEvbmQ3MFNXUFp5ZWJoclNrX09aekdvdndSdi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEtMDYzYTA4ODFhNmQy
LzEvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBTh/UAwQC
ua2kMA0EAgACMAcDBQAqC08AMA0GCSqGSIb3DQEBCwUAA4IBAQAABh8MEbRJUJMR
ilgwLhq/N0+IwHsDVoNu2bhCVNtalGsLy+yPNK5TOkrXg5xvhnzCI3hPGa1t6nNo
nfaT7r2KHrXJb7irHPpsYlGfy1lHaS4gaClL89hbBn1u2yLMGSUbtCSyAPGlMOXl
0NQ8qcUBt0A0KrEzYquRgqtSRnZYnPWWkGOiPwAzKAtskp1nYkX8eAuK4hbEmeZT
D3hAalaMetTVFC0bOJnDxcymd1+pvrCQ0+Vj2YddTy+7JPsRPlA/l65FFLyJMLQt
ai5yCP6187WiQ9shyZdtf8BSZRR8PkgrJMZ6WKOuWQCSZRiwqTIZonxEevdTEEO3
YDIHjR3o
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:01:08 2025 by rpki-client