Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/NkWTNycYwb9pQvPLNKsXp0FrY4M.roa
File: NkWTNycYwb9pQvPLNKsXp0FrY4M.roa (raw, json)
Hash identifier: Tc7+r3M6LhKP5gbFQIutSGnBA62j0B+4RvyO/Jra8Fg=
Subject key identifier: 36:45:93:37:27:18:C1:BF:69:42:F3:CB:34:AB:17:A7:41:6B:63:83
Certificate issuer: /CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Certificate serial: 018CC6B79D321F40170E3B87CD4126AAE736
Authority key identifier: 71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/NkWTNycYwb9pQvPLNKsXp0FrY4M.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47441
IP address blocks: 94.125.188.0/23 maxlen: 23
94.125.188.0/24 maxlen: 24
94.125.189.0/24 maxlen: 24
31.210.138.0/23 maxlen: 23
31.210.137.0/24 maxlen: 24
31.210.138.0/24 maxlen: 24
31.210.139.0/24 maxlen: 24
31.210.141.0/24 maxlen: 24
31.210.142.0/24 maxlen: 24
31.210.140.0/23 maxlen: 23
31.210.143.0/24 maxlen: 24
31.210.140.0/24 maxlen: 24
31.210.142.0/23 maxlen: 23
185.10.136.0/24 maxlen: 24
185.10.137.0/24 maxlen: 24
185.10.138.0/23 maxlen: 23
185.10.138.0/24 maxlen: 24
185.10.139.0/24 maxlen: 24
185.10.136.0/23 maxlen: 23
185.10.136.0/22 maxlen: 22
2a02:e487::/32 maxlen: 32
2a02:e486::/32 maxlen: 32
2a02:e480::/32 maxlen: 32
2a02:e482::/32 maxlen: 32
2a02:e485::/32 maxlen: 32
2a02:e480::/29 maxlen: 29
2a02:e483::/32 maxlen: 32
2a02:e481::/32 maxlen: 32
2a02:e484::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9d:32:1f:40:17:0e:3b:87:cd:41:26:aa:e7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=364593372718c1bf6942f3cb34ab17a7416b6383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2f:14:f2:71:ef:d0:48:0f:37:a2:ae:c6:c8:
86:85:c7:e3:05:81:aa:f3:84:82:ea:53:e1:2b:77:
72:b3:68:82:ad:97:f5:e0:b5:6a:bd:b7:4e:ea:4b:
9f:6a:14:98:6a:e4:1d:3a:f3:77:38:60:ac:50:92:
47:af:61:81:d1:f7:f9:07:a3:3e:b9:91:83:dd:75:
63:d2:aa:52:a9:eb:83:87:d3:2b:84:a3:ea:de:c7:
18:82:29:ea:88:d8:1e:59:f9:d2:36:94:44:04:1b:
c8:e1:62:01:be:b0:26:64:db:03:ea:07:4a:79:5e:
f1:40:84:85:9c:c1:b6:6b:8c:90:c0:3d:17:b4:86:
0a:c9:df:15:6e:46:98:3b:ce:42:cc:09:26:55:96:
97:7a:2a:4e:0e:5c:2a:18:5c:28:6e:37:30:9d:3b:
fe:af:86:27:5c:05:7a:d2:46:42:f8:a9:21:93:86:
aa:e9:ab:dd:ae:9b:f7:d7:b9:9d:10:05:97:96:74:
6f:ad:fc:9b:a5:19:d7:a0:08:2f:34:38:04:45:c9:
d9:5c:b3:9e:a8:34:04:3b:23:95:fa:b3:21:03:ce:
cc:cc:b0:d2:fa:05:52:30:8a:89:24:e2:4d:99:41:
e2:db:62:f0:58:bc:62:b0:b7:3f:06:1e:ae:0d:e8:
8e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:45:93:37:27:18:C1:BF:69:42:F3:CB:34:AB:17:A7:41:6B:63:83
X509v3 Authority Key Identifier:
keyid:71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/NkWTNycYwb9pQvPLNKsXp0FrY4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.137.0-31.210.143.255
94.125.188.0/23
185.10.136.0/22
IPv6:
2a02:e480::/29
Signature Algorithm: sha256WithRSAEncryption
15:f4:ad:70:bf:34:2b:87:c4:30:32:60:e4:b1:ba:00:22:71:
06:84:f0:30:ea:86:a6:59:2e:29:31:f6:cb:52:0e:be:80:e1:
9c:bd:46:12:6e:f5:4c:a3:62:96:1f:cf:76:48:72:8c:32:43:
1e:63:b0:11:27:bb:89:e2:df:43:cd:aa:a9:a5:c8:88:6d:db:
51:cb:62:24:bb:f0:dc:17:a9:f4:89:35:13:ff:a3:79:7f:aa:
d2:d7:d4:c4:5f:c2:83:7b:00:f2:b8:f1:0f:22:13:97:e8:fd:
a1:19:07:96:db:9e:a3:5c:25:dd:b0:f2:f7:40:54:2f:f9:1e:
71:7f:0b:60:a8:d6:9d:f6:9a:a7:77:4e:d6:57:8a:fc:86:f6:
bb:f9:4d:48:ee:f6:1a:50:a0:84:30:14:7e:54:44:b0:25:a2:
fe:a3:bb:65:c0:b0:85:9a:f9:ef:28:16:db:e9:16:cf:9c:98:
d4:77:94:8d:9a:9f:92:96:b5:77:09:af:c8:24:3c:cc:3a:39:
b1:77:87:5c:26:fb:ac:a5:a5:15:69:d1:8b:9c:a9:a4:ac:a2:
51:ab:ab:49:78:e7:62:3a:e2:da:5b:f9:e5:bb:21:78:b7:79:
38:33:eb:45:d8:ff:f6:d8:fd:94:43:7a:4c:eb:2f:a6:39:d8:
c8:94:2a:6d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGt50yH0AXDjuHzUEmquc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWRmOWFhZjlkMWNkMTdjYTQwYzk1MmFkOGY3MWYwYTM0
MzJiYjcwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ1OTMzNzI3MThjMWJmNjk0MmYzY2IzNGFiMTdhNzQxNmI2MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC8U8nHv0EgPN6KuxsiGhcfjBYGq
84SC6lPhK3dys2iCrZf14LVqvbdO6kufahSYauQdOvN3OGCsUJJHr2GB0ff5B6M+
uZGD3XVj0qpSqeuDh9MrhKPq3scYginqiNgeWfnSNpREBBvI4WIBvrAmZNsD6gdK
eV7xQISFnMG2a4yQwD0XtIYKyd8VbkaYO85CzAkmVZaXeipODlwqGFwobjcwnTv+
r4YnXAV60kZC+Kkhk4aq6avdrpv317mdEAWXlnRvrfybpRnXoAgvNDgERcnZXLOe
qDQEOyOV+rMhA87MzLDS+gVSMIqJJOJNmUHi22LwWLxisLc/Bh6uDeiO7QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDZFkzcnGMG/aULzyzSrF6dBa2ODMB8GA1UdIwQY
MBaAFHFd+ar50c0XykDJUq2PcfCjQyu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgt
NzgxYmU1OThiZjU4LzEvTmtXVE55Y1l3YjlwUXZQTE5Lc1hwMEZyWTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgtNzgxYmU1OThiZjU4
LzEvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAAf0okD
BAQf0oADBAFefbwDBAK5CogwDQQCAAIwBwMFAyoC5IAwDQYJKoZIhvcNAQELBQAD
ggEBABX0rXC/NCuHxDAyYOSxugAicQaE8DDqhqZZLikx9stSDr6A4Zy9RhJu9Uyj
YpYfz3ZIcowyQx5jsBEnu4ni30PNqqmlyIht21HLYiS78NwXqfSJNRP/o3l/qtLX
1MRfwoN7APK48Q8iE5fo/aEZB5bbnqNcJd2w8vdAVC/5HnF/C2Co1p32mqd3TtZX
ivyG9rv5TUju9hpQoIQwFH5URLAlov6ju2XAsIWa+e8oFtvpFs+cmNR3lI2an5KW
tXcJr8gkPMw6ObF3h1wm+6ylpRVp0YucqaSsolGrq0l452I64tpb+eW7IXi3eTgz
60XY//bY/ZRDekzrL6Y52MiUKm0=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:52:24 2025 by rpki-client