Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/nkTzUtW2CK1EIKIWOcoFLWor69o.roa
File: nkTzUtW2CK1EIKIWOcoFLWor69o.roa (raw, json)
Hash identifier: YVl/F83/5NkVKFPZpAkwSdgiJVhNnzIrQ+9m0hCMS14=
Subject key identifier: 9E:44:F3:52:D5:B6:08:AD:44:20:A2:16:39:CA:05:2D:6A:2B:EB:DA
Certificate issuer: /CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Certificate serial: 24EC4DE6
Authority key identifier: 71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/nkTzUtW2CK1EIKIWOcoFLWor69o.roa
Signing time: Wed 15 Jun 2022 11:00:44 +0000
ROA not before: Wed 15 Jun 2022 11:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47441
IP address blocks: 94.125.188.0/23 maxlen: 23
94.125.188.0/24 maxlen: 24
94.125.189.0/24 maxlen: 24
31.210.138.0/23 maxlen: 23
31.210.137.0/24 maxlen: 24
31.210.138.0/24 maxlen: 24
31.210.139.0/24 maxlen: 24
31.210.141.0/24 maxlen: 24
31.210.142.0/24 maxlen: 24
31.210.140.0/23 maxlen: 23
31.210.143.0/24 maxlen: 24
31.210.140.0/24 maxlen: 24
31.210.142.0/23 maxlen: 23
185.10.136.0/24 maxlen: 24
185.10.137.0/24 maxlen: 24
185.10.138.0/23 maxlen: 23
185.10.138.0/24 maxlen: 24
185.10.139.0/24 maxlen: 24
185.10.136.0/23 maxlen: 23
185.10.136.0/22 maxlen: 22
2a02:e487::/32 maxlen: 32
2a02:e486::/32 maxlen: 32
2a02:e480::/32 maxlen: 32
2a02:e482::/32 maxlen: 32
2a02:e485::/32 maxlen: 32
2a02:e480::/29 maxlen: 29
2a02:e483::/32 maxlen: 32
2a02:e481::/32 maxlen: 32
2a02:e484::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 619466214 (0x24ec4de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Validity
Not Before: Jun 15 11:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e44f352d5b608ad4420a21639ca052d6a2bebda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:a2:0a:c4:82:5f:c9:fb:24:6b:44:a4:d9:
94:a1:5c:03:53:6f:1c:67:15:4b:4b:7e:7f:ab:70:
d1:88:6c:94:aa:bd:35:e1:8a:94:d0:3a:fd:e9:a9:
80:3a:b2:f8:22:6c:3f:39:46:64:53:30:0b:97:45:
86:b6:17:d6:27:aa:d6:37:68:d6:c6:ad:5f:80:88:
0e:35:4f:b6:79:43:b0:94:e8:c4:c8:c3:8c:9e:a2:
d1:5a:b9:1a:f0:94:79:f1:fb:e0:08:50:cb:04:8d:
3c:ea:5f:ba:d1:e0:81:30:a1:db:03:54:b2:32:56:
49:96:60:ee:0f:7b:5e:8e:ee:29:d4:6e:58:50:4a:
d3:ec:7e:bf:ff:17:77:fa:85:37:e2:29:b2:39:46:
6d:3b:35:bb:bc:27:7b:d4:29:ce:6e:c1:1a:8f:09:
32:54:85:5d:a2:07:1b:b9:28:f6:07:45:aa:20:b5:
1d:2d:d3:5a:be:d4:eb:14:e7:5f:b3:89:5e:36:e3:
1b:ae:5e:e0:07:6e:4b:e2:83:43:a0:fc:a3:03:a3:
8a:82:ea:5d:a3:c7:42:55:4b:bb:61:b2:23:56:53:
7c:9e:49:55:c6:cf:ab:e1:4d:36:23:a1:c9:1c:76:
71:94:4a:ca:69:4b:48:fd:23:ba:c8:25:56:88:e6:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:44:F3:52:D5:B6:08:AD:44:20:A2:16:39:CA:05:2D:6A:2B:EB:DA
X509v3 Authority Key Identifier:
keyid:71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/nkTzUtW2CK1EIKIWOcoFLWor69o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.137.0-31.210.143.255
94.125.188.0/23
185.10.136.0/22
IPv6:
2a02:e480::/29
Signature Algorithm: sha256WithRSAEncryption
64:1e:fd:51:bf:b4:93:bc:a1:97:8b:3b:f0:42:bd:65:ee:15:
18:d6:06:07:e2:61:2f:6c:50:49:3b:13:25:13:4a:0a:8f:fe:
d1:3f:bf:8d:83:61:0b:05:24:1e:83:f3:b3:74:5a:59:5f:56:
7e:b6:bb:ca:42:ca:8a:74:a2:c8:f6:ad:51:74:b7:49:34:36:
cc:91:26:f5:24:49:88:d5:5b:40:04:b7:d9:dd:50:8a:eb:b2:
3f:45:09:29:19:9b:7c:04:15:c1:71:f3:ae:d4:32:46:a6:23:
ce:81:90:b0:94:88:a4:41:45:f8:af:01:f6:c6:82:59:c9:07:
6e:6e:bd:a9:67:6d:22:35:be:6d:55:13:16:b4:07:b6:63:80:
8a:e8:bb:40:73:c4:b7:a5:5f:62:44:f6:7d:eb:5c:69:40:b8:
b4:8a:b2:b7:25:43:a7:4b:b5:aa:45:60:23:32:25:81:53:66:
20:3e:6b:93:3c:b7:1f:ea:62:5a:8a:9c:24:0e:d0:7d:78:07:
59:1d:21:b3:1b:1b:5b:41:ce:b6:1e:d4:e8:d1:9f:3b:31:be:
ee:98:32:37:e1:69:47:c0:3f:3f:22:41:ad:81:a3:3e:7f:fa:
6e:4e:5e:52:12:17:2a:43:ff:9f:a9:0e:15:b0:fc:1f:9c:0f:
e8:70:ef:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEJOxN5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTVkZjlhYWY5ZDFjZDE3Y2E0MGM5NTJhZDhmNzFmMGEzNDMyYmI3MB4XDTIyMDYx
NTExMDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU0NGYzNTJkNWI2
MDhhZDQ0MjBhMjE2MzljYTA1MmQ2YTJiZWJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtzogrEgl/J+yRrRKTZlKFcA1NvHGcVS0t+f6tw0YhslKq9
NeGKlNA6/empgDqy+CJsPzlGZFMwC5dFhrYX1ieq1jdo1satX4CIDjVPtnlDsJTo
xMjDjJ6i0Vq5GvCUefH74AhQywSNPOpfutHggTCh2wNUsjJWSZZg7g97Xo7uKdRu
WFBK0+x+v/8Xd/qFN+IpsjlGbTs1u7wne9Qpzm7BGo8JMlSFXaIHG7ko9gdFqiC1
HS3TWr7U6xTnX7OJXjbjG65e4AduS+KDQ6D8owOjioLqXaPHQlVLu2GyI1ZTfJ5J
VcbPq+FNNiOhyRx2cZRKymlLSP0jusglVojm74UCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSeRPNS1bYIrUQgohY5ygUtaivr2jAfBgNVHSMEGDAWgBRxXfmq+dHNF8pA
yVKtj3Hwo0MrtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NWMzVxdm5SelJmS1FNbFNyWTl4OEtOREs3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvMDIzYjA2LTViMWUtNDRlOS05OGQ4LTc4MWJlNTk4YmY1OC8x
L25rVHpVdFcyQ0sxRUlLSVdPY29GTFdvcjY5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
MDIzYjA2LTViMWUtNDRlOS05OGQ4LTc4MWJlNTk4YmY1OC8xL2NWMzVxdm5SelJm
S1FNbFNyWTl4OEtOREs3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQAH9KJAwQEH9KAAwQBXn28AwQC
uQqIMA0EAgACMAcDBQMqAuSAMA0GCSqGSIb3DQEBCwUAA4IBAQBkHv1Rv7STvKGX
izvwQr1l7hUY1gYH4mEvbFBJOxMlE0oKj/7RP7+Ng2ELBSQeg/OzdFpZX1Z+trvK
QsqKdKLI9q1RdLdJNDbMkSb1JEmI1VtABLfZ3VCK67I/RQkpGZt8BBXBcfOu1DJG
piPOgZCwlIikQUX4rwH2xoJZyQdubr2pZ20iNb5tVRMWtAe2Y4CK6LtAc8S3pV9i
RPZ961xpQLi0irK3JUOnS7WqRWAjMiWBU2YgPmuTPLcf6mJaipwkDtB9eAdZHSGz
GxtbQc62HtTo0Z87Mb7umDI34WlHwD8/IkGtgaM+f/puTl5SEhcqQ/+fqQ4VsPwf
nA/ocO8r
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:37:28 2025 by rpki-client