Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/N7DB1_qDB__g6Nxr9DEwC15NrZk.roa
File: N7DB1_qDB__g6Nxr9DEwC15NrZk.roa (raw, json)
Hash identifier: 5WcnGawwGQpwOQSpJnOUTqg0NoY7F3BjwtsoN+AhXHs=
Subject key identifier: 37:B0:C1:D7:FA:83:07:FF:E0:E8:DC:6B:F4:31:30:0B:5E:4D:AD:99
Certificate issuer: /CN=aaca4f4a737ec09f335ac40633133328213efc3d
Certificate serial: 01939B06468C152986FDDBDE77F891E3AB4E
Authority key identifier: AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/N7DB1_qDB__g6Nxr9DEwC15NrZk.roa
Signing time: Fri 06 Dec 2024 08:11:39 +0000
ROA not before: Fri 06 Dec 2024 08:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205876
IP address blocks: 31.24.250.0/24 maxlen: 24
45.152.249.0/24 maxlen: 24
45.152.250.0/24 maxlen: 24
194.5.132.0/24 maxlen: 24
194.5.145.0/24 maxlen: 24
212.125.138.0/24 maxlen: 24
212.125.139.0/24 maxlen: 24
2a12:5040:1::/48 maxlen: 48
2a12:5040:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:06:46:8c:15:29:86:fd:db:de:77:f8:91:e3:ab:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaca4f4a737ec09f335ac40633133328213efc3d
Validity
Not Before: Dec 6 08:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37b0c1d7fa8307ffe0e8dc6bf431300b5e4dad99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:0a:eb:e1:31:3b:3b:47:f3:e6:b6:61:3a:
56:10:86:a5:b6:7b:5d:17:13:18:16:0f:63:d8:f5:
80:c5:d4:da:2b:75:ce:2f:d1:8b:1e:95:58:5a:91:
3b:10:8d:e3:e9:03:37:c2:4b:11:6c:aa:46:08:5c:
5a:7f:3e:b2:b9:33:0c:c1:ee:2f:fb:9a:d1:bc:72:
d1:79:53:a5:1e:97:2a:88:2f:12:df:67:bb:3c:89:
99:7d:2f:24:ce:53:84:2c:0f:d1:f1:a6:2f:2b:93:
65:0d:bf:c9:8f:a7:77:88:87:78:02:96:90:24:38:
77:d8:79:b9:d6:51:ee:2b:a6:94:35:f9:ec:b0:00:
fa:af:02:b8:d9:97:b4:08:35:57:53:e7:a6:71:31:
d2:ff:cb:82:f1:1b:08:08:4e:f8:21:4b:9b:35:e2:
8d:23:d7:e0:aa:27:2f:f8:3c:79:b8:69:e3:41:26:
31:50:82:91:99:47:3b:d5:98:40:68:4a:a6:72:30:
fa:d4:b1:39:dc:64:bf:f7:b7:92:d7:37:fe:64:71:
6a:99:54:44:bb:d9:7d:b5:9b:4e:22:ae:d7:22:81:
99:60:ad:d1:b1:c6:bc:f5:4f:8a:12:88:b0:d5:72:
52:05:5b:c3:76:91:ea:67:4a:a5:00:68:3e:b5:7c:
a6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B0:C1:D7:FA:83:07:FF:E0:E8:DC:6B:F4:31:30:0B:5E:4D:AD:99
X509v3 Authority Key Identifier:
keyid:AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/N7DB1_qDB__g6Nxr9DEwC15NrZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/qspPSnN-wJ8zWsQGMxMzKCE-_D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.250.0/24
45.152.249.0-45.152.250.255
194.5.132.0/24
194.5.145.0/24
212.125.138.0/23
IPv6:
2a12:5040:1::-2a12:5040:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:cb:f3:9c:10:db:97:77:81:36:90:3b:e8:80:ed:e4:51:c1:
69:10:30:14:a6:26:4a:17:bb:33:21:9b:cb:3a:6a:d1:7e:ef:
04:04:67:01:47:30:0f:b3:0c:3c:f7:6f:be:5f:0c:6a:35:d8:
12:8d:88:c8:2f:50:3e:d1:e9:25:45:43:3d:25:e3:05:c9:75:
13:1b:3e:33:8d:79:30:49:dc:30:ca:f4:2c:25:88:f9:c5:f5:
a0:d9:04:d6:ee:ec:47:f1:89:6b:23:de:d7:82:fd:0c:7e:1f:
a2:f9:d9:c3:90:14:72:00:a7:a1:8f:39:ab:ae:00:f8:59:c0:
37:a7:e0:05:da:be:44:e0:2d:e8:97:2a:c1:2d:f8:4b:22:18:
e6:98:6c:41:70:d3:20:7c:9d:b5:01:6f:44:09:8b:a1:de:f0:
59:63:55:e7:b7:c1:98:23:c1:ab:f6:53:02:7a:ff:bb:ef:e8:
d5:2f:f9:5a:56:21:4f:46:8c:ba:b6:da:9d:c0:c4:20:81:ec:
b6:00:9a:01:75:9b:55:c8:e7:da:b6:e9:b0:13:e7:08:f4:b7:
60:f6:c5:82:af:ee:40:2b:73:d7:79:cb:d2:bb:40:ff:62:b5:
08:ae:f6:77:ab:a1:c9:a5:ad:64:f6:e7:6e:40:ad:9b:11:12:
1c:70:18:56
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZObBkaMFSmG/dved/iR46tOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2E0ZjRhNzM3ZWMwOWYzMzVhYzQwNjMzMTMzMzI4MjEz
ZWZjM2QwHhcNMjQxMjA2MDgxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2IwYzFkN2ZhODMwN2ZmZTBlOGRjNmJmNDMxMzAwYjVlNGRhZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArekK6+ExOztH8+a2YTpWEIaltntd
FxMYFg9j2PWAxdTaK3XOL9GLHpVYWpE7EI3j6QM3wksRbKpGCFxafz6yuTMMwe4v
+5rRvHLReVOlHpcqiC8S32e7PImZfS8kzlOELA/R8aYvK5NlDb/Jj6d3iId4ApaQ
JDh32Hm51lHuK6aUNfnssAD6rwK42Ze0CDVXU+emcTHS/8uC8RsICE74IUubNeKN
I9fgqicv+Dx5uGnjQSYxUIKRmUc71ZhAaEqmcjD61LE53GS/97eS1zf+ZHFqmVRE
u9l9tZtOIq7XIoGZYK3Rsca89U+KEoiw1XJSBVvDdpHqZ0qlAGg+tXym5QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDewwdf6gwf/4Ojca/QxMAteTa2ZMB8GA1UdIwQY
MBaAFKrKT0pzfsCfM1rEBjMTMyghPvw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNwUFNuTi13Sjh6V3NRR014TXpLQ0UtX0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMTg3NmEtZmFlMS00M2NjLWEyZDct
MzM0ZTZmMzMyMTgwLzEvTjdEQjFfcURCX19nNk54cjlERXdDMTVOclprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMTg3NmEtZmFlMS00M2NjLWEyZDctMzM0ZTZmMzMyMTgw
LzEvcXNwUFNuTi13Sjh6V3NRR014TXpLQ0UtX0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAsBAIAATAmAwQAHxj6MAwD
BAAtmPkDBAAtmPoDBADCBYQDBADCBZEDBAHUfYowGgQCAAIwFDASAwcAKhJQQAAB
AwcAKhJQQAACMA0GCSqGSIb3DQEBCwUAA4IBAQAEy/OcENuXd4E2kDvogO3kUcFp
EDAUpiZKF7szIZvLOmrRfu8EBGcBRzAPsww892++XwxqNdgSjYjIL1A+0eklRUM9
JeMFyXUTGz4zjXkwSdwwyvQsJYj5xfWg2QTW7uxH8YlrI97Xgv0Mfh+i+dnDkBRy
AKehjzmrrgD4WcA3p+AF2r5E4C3olyrBLfhLIhjmmGxBcNMgfJ21AW9ECYuh3vBZ
Y1Xnt8GYI8Gr9lMCev+77+jVL/laViFPRoy6ttqdwMQggey2AJoBdZtVyOfatumw
E+cI9Ldg9sWCr+5AK3PXecvSu0D/YrUIrvZ3q6HJpa1k9uduQK2bERIccBhW
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:42 2025 by rpki-client