Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/N9lGBNANMfTIMRn8Jiq8tTAP9AU.roa
File: N9lGBNANMfTIMRn8Jiq8tTAP9AU.roa (raw, json)
Hash identifier: /syDE6BHpSq20HIZj+8xFI8NVgoDC4MSqcrWeHN4emo=
Subject key identifier: 37:D9:46:04:D0:0D:31:F4:C8:31:19:FC:26:2A:BC:B5:30:0F:F4:05
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C4586B94021A1B5DE75B48153804
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/N9lGBNANMfTIMRn8Jiq8tTAP9AU.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 170.62.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c4:58:6b:94:02:1a:1b:5d:e7:5b:48:15:38:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37d94604d00d31f4c83119fc262abcb5300ff405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:10:8a:c1:53:37:80:fc:50:3d:c9:3f:57:ce:
fc:ed:b7:b1:e3:bd:77:0a:5a:63:6d:6c:d5:72:aa:
e4:75:b5:7e:bc:d5:aa:c9:6a:3b:20:04:f9:57:10:
c2:42:0a:09:06:70:4e:31:8d:0f:45:5a:55:4f:88:
19:2e:1a:81:e3:70:fb:b2:6d:9b:a2:20:50:3d:5b:
b8:7c:2c:f5:03:ac:db:06:11:8a:bd:15:bd:3c:fe:
56:6f:3e:9e:ce:a9:06:0b:6e:14:a4:84:61:ea:c5:
aa:a8:06:6b:57:41:fd:30:4a:b4:81:59:6e:f9:2b:
ae:dd:ae:fc:8e:ee:db:6a:eb:15:94:f7:0d:70:13:
d8:1f:98:fe:da:97:e1:f5:90:bd:f1:51:14:76:37:
67:46:26:8e:3c:e3:b0:e4:f0:2f:64:c3:d0:fd:74:
d4:26:e4:9e:88:a3:49:69:d7:fd:27:4f:77:57:bc:
01:12:0e:0c:a0:75:6d:24:65:52:ac:0b:78:e6:d8:
8d:b9:b6:68:58:20:0a:a6:59:fa:46:9c:94:84:ae:
02:ee:21:76:a9:f8:15:bf:96:87:0a:24:7f:3c:23:
65:f1:63:6b:f5:ba:ed:06:1c:8c:76:65:41:e7:40:
46:27:d6:b5:63:7d:87:1e:96:4a:5f:f0:71:41:55:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D9:46:04:D0:0D:31:F4:C8:31:19:FC:26:2A:BC:B5:30:0F:F4:05
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/N9lGBNANMfTIMRn8Jiq8tTAP9AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.207.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:5c:8f:b5:06:90:ed:e8:95:55:56:a9:9c:fc:a3:36:33:64:
7a:27:63:f4:3c:4d:ff:aa:ad:3d:e6:fb:75:ae:4a:93:24:13:
1d:35:1d:2c:bb:bc:11:73:3b:b4:45:a6:f0:14:71:fe:06:a2:
b4:64:3c:e4:0b:9a:ef:b2:dc:59:c9:ad:c9:c1:dc:82:6b:2b:
21:fd:23:15:60:0b:c0:35:ce:71:af:1b:f8:e6:7e:04:59:85:
b6:89:ff:c4:6e:38:76:a3:87:33:f5:ae:2b:c4:d8:5a:f4:52:
0b:80:f3:1b:13:3a:ac:36:53:8c:02:2d:cb:b7:14:00:3b:97:
66:1e:11:c0:2e:93:5c:29:47:8e:a3:01:21:ec:6b:53:b9:7a:
c4:b1:66:3b:5a:0b:63:5f:64:a8:ba:3d:da:3b:b7:47:2b:f6:
e9:6d:b6:7c:5b:ed:a3:95:71:dc:19:40:53:9d:55:e7:3c:db:
09:70:62:aa:24:e2:d1:4e:12:e8:a4:57:db:cb:ac:20:58:35:
ff:01:cf:e9:a8:fc:56:1e:cb:e1:eb:6e:ae:1c:d7:a6:2e:9d:
c9:7e:b0:77:ed:7c:ee:a3:0a:4b:3b:60:db:20:ab:f3:75:61:
9e:77:d9:50:4f:52:2a:b4:d3:91:bd:f4:f6:fe:1f:dc:d9:1f:
9a:ff:cc:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjacRYa5QCGhtd51tIFTgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q5NDYwNGQwMGQzMWY0YzgzMTE5ZmMyNjJhYmNiNTMwMGZmNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RCKwVM3gPxQPck/V8787bex4713
ClpjbWzVcqrkdbV+vNWqyWo7IAT5VxDCQgoJBnBOMY0PRVpVT4gZLhqB43D7sm2b
oiBQPVu4fCz1A6zbBhGKvRW9PP5Wbz6ezqkGC24UpIRh6sWqqAZrV0H9MEq0gVlu
+Suu3a78ju7bausVlPcNcBPYH5j+2pfh9ZC98VEUdjdnRiaOPOOw5PAvZMPQ/XTU
JuSeiKNJadf9J093V7wBEg4MoHVtJGVSrAt45tiNubZoWCAKpln6RpyUhK4C7iF2
qfgVv5aHCiR/PCNl8WNr9brtBhyMdmVB50BGJ9a1Y32HHpZKX/BxQVUUGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfZRgTQDTH0yDEZ/CYqvLUwD/QFMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTjlsR0JOQU5NZlRJTVJuOEppcTh0VEFQOUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj7PMA0G
CSqGSIb3DQEBCwUAA4IBAQBuXI+1BpDt6JVVVqmc/KM2M2R6J2P0PE3/qq095vt1
rkqTJBMdNR0su7wRczu0RabwFHH+BqK0ZDzkC5rvstxZya3JwdyCaysh/SMVYAvA
Nc5xrxv45n4EWYW2if/Ebjh2o4cz9a4rxNha9FILgPMbEzqsNlOMAi3LtxQAO5dm
HhHALpNcKUeOowEh7GtTuXrEsWY7WgtjX2Souj3aO7dHK/bpbbZ8W+2jlXHcGUBT
nVXnPNsJcGKqJOLRThLopFfby6wgWDX/Ac/pqPxWHsvh626uHNemLp3JfrB37Xzu
owpLO2DbIKvzdWGed9lQT1IqtNORvfT2/h/c2R+a/8wL
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:45 2025 by rpki-client