Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/nNGX_OCe8X9nXrEP34vII8SEf10.roa
File: nNGX_OCe8X9nXrEP34vII8SEf10.roa (raw, json)
Hash identifier: n1Og0cpU00h6IhKyI+ECnhLWs0U3hRjPdAcqH8CABIM=
Subject key identifier: 9C:D1:97:FC:E0:9E:F1:7F:67:5E:B1:0F:DF:8B:C8:23:C4:84:7F:5D
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019425217F87137A0FC56B251B05E9CA842D
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/nNGX_OCe8X9nXrEP34vII8SEf10.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 46.226.160.0/21 maxlen: 32
89.169.32.0/22 maxlen: 32
89.169.52.0/22 maxlen: 32
92.246.136.0/22 maxlen: 32
213.108.20.0/24 maxlen: 32
213.108.21.0/24 maxlen: 32
213.108.22.0/24 maxlen: 32
213.108.23.0/24 maxlen: 32
217.144.185.0/24 maxlen: 32
217.144.186.0/24 maxlen: 32
217.144.187.0/24 maxlen: 32
217.144.188.0/24 maxlen: 32
217.144.189.0/24 maxlen: 32
217.144.190.0/24 maxlen: 32
217.144.191.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:87:13:7a:0f:c5:6b:25:1b:05:e9:ca:84:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cd197fce09ef17f675eb10fdf8bc823c4847f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5d:e7:99:e8:77:8a:a4:45:62:4a:07:dd:be:
ab:a2:28:42:1a:07:d0:5c:c2:fa:de:03:20:99:bf:
21:ce:67:2f:6b:b2:bc:2c:a4:77:69:44:ad:87:8f:
96:a1:06:5e:27:c4:44:32:10:39:a4:71:88:5b:fe:
85:55:93:db:07:ca:36:81:3d:59:e5:75:e2:49:d1:
91:70:5b:4c:4b:6d:1a:34:76:63:0b:e9:93:5e:9c:
06:09:54:22:b4:7c:fd:a3:cd:01:a6:2c:d1:36:1d:
c2:51:9a:af:ee:08:7d:b7:a1:c3:71:57:1a:ca:49:
0a:98:2d:05:13:15:11:f2:67:80:42:ab:17:d4:33:
13:96:df:4f:7e:b3:01:79:dd:a6:e3:a0:74:3c:78:
2a:5f:3f:1a:d3:7e:cf:60:04:a4:52:43:77:4e:e3:
5f:9f:43:3a:28:a1:51:64:f7:2a:f5:8e:fe:b6:ca:
18:c9:5f:50:73:6a:23:bc:01:a4:ec:a1:f4:df:08:
79:41:22:a6:a1:c9:0a:85:61:6b:ba:d6:c7:01:79:
3e:ed:f7:ad:70:d9:27:ef:a5:a1:d5:a5:01:19:41:
cd:65:44:bf:4f:0a:44:87:5b:1f:0b:71:eb:3c:8f:
3a:53:ee:3a:0a:b2:fa:31:52:96:21:db:2f:d3:09:
07:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D1:97:FC:E0:9E:F1:7F:67:5E:B1:0F:DF:8B:C8:23:C4:84:7F:5D
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/nNGX_OCe8X9nXrEP34vII8SEf10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
89.169.32.0/22
89.169.52.0/22
92.246.136.0/22
213.108.20.0/22
217.144.185.0-217.144.191.255
Signature Algorithm: sha256WithRSAEncryption
7e:7a:7f:0c:cc:05:41:40:5b:50:04:6c:90:c0:e7:2a:4a:3a:
f8:ce:01:db:19:06:bf:5e:90:9f:1f:d5:34:25:96:c3:8f:d3:
58:f1:5a:54:f1:50:6c:52:eb:72:04:42:5e:f5:a0:85:96:54:
16:2f:59:23:8e:04:a7:1d:7e:41:cb:3c:af:98:65:ac:bd:bb:
ba:13:8f:60:7e:ff:7c:ef:79:27:ad:83:6a:2f:c0:bf:07:11:
fe:6a:ea:2b:4f:a3:94:aa:22:7f:30:c7:8e:bd:91:b5:36:0b:
17:49:7d:de:e5:b3:af:3c:fb:3c:4a:5a:6c:fc:82:15:bd:ac:
e8:12:8e:a3:8d:17:d4:eb:57:5c:23:3e:41:13:d4:34:02:1c:
77:54:9a:16:8a:e1:57:6c:3e:1c:cb:05:55:42:1a:37:ee:49:
00:ba:ce:6a:d2:b2:2d:ec:0a:d3:b2:5b:fa:fd:52:4e:1a:f9:
01:1b:61:bd:0d:86:20:0f:fe:51:d0:b0:57:d8:5f:44:c6:2a:
bf:43:69:c2:e6:48:da:15:62:a3:a5:54:02:8b:6b:77:b4:c5:
0d:2b:8d:4b:38:b9:9e:79:a1:f9:d9:b2:92:07:4c:c7:b6:59:
7a:d7:8b:f5:3d:ed:5a:07:53:a3:f3:01:bc:5e:ea:10:e8:7e:
2b:de:ea:9e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQlIX+HE3oPxWslGwXpyoQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QxOTdmY2UwOWVmMTdmNjc1ZWIxMGZkZjhiYzgyM2M0ODQ3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv13nmeh3iqRFYkoH3b6roihCGgfQ
XML63gMgmb8hzmcva7K8LKR3aUSth4+WoQZeJ8REMhA5pHGIW/6FVZPbB8o2gT1Z
5XXiSdGRcFtMS20aNHZjC+mTXpwGCVQitHz9o80BpizRNh3CUZqv7gh9t6HDcVca
ykkKmC0FExUR8meAQqsX1DMTlt9PfrMBed2m46B0PHgqXz8a037PYASkUkN3TuNf
n0M6KKFRZPcq9Y7+tsoYyV9Qc2ojvAGk7KH03wh5QSKmockKhWFrutbHAXk+7fet
cNkn76Wh1aUBGUHNZUS/TwpEh1sfC3HrPI86U+46CrL6MVKWIdsv0wkH1wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJzRl/zgnvF/Z16xD9+LyCPEhH9dMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvbk5HWF9PQ2U4WDluWHJFUDM0dklJOFNFZjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDLuKgAwQC
WakgAwQCWak0AwQCXPaIAwQC1WwUMAwDBADZkLkDBAbZkIAwDQYJKoZIhvcNAQEL
BQADggEBAH56fwzMBUFAW1AEbJDA5ypKOvjOAdsZBr9ekJ8f1TQllsOP01jxWlTx
UGxS63IEQl71oIWWVBYvWSOOBKcdfkHLPK+YZay9u7oTj2B+/3zveSetg2ovwL8H
Ef5q6itPo5SqIn8wx469kbU2CxdJfd7ls688+zxKWmz8ghW9rOgSjqONF9TrV1wj
PkET1DQCHHdUmhaK4VdsPhzLBVVCGjfuSQC6zmrSsi3sCtOyW/r9Uk4a+QEbYb0N
hiAP/lHQsFfYX0TGKr9DacLmSNoVYqOlVAKLa3e0xQ0rjUs4uZ55ofnZspIHTMe2
WXrXi/U97VoHU6PzAbxe6hDofive6p4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:31 2025 by rpki-client