Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/ntpBaRwHShDbrLZ5pbZfArqQspA.roa
File: ntpBaRwHShDbrLZ5pbZfArqQspA.roa (raw, json)
Hash identifier: 2Y+EwOeNgS+qK9hzRLLOCEoXJCepKfijfXi8Vyoba10=
Subject key identifier: 9E:DA:41:69:1C:07:4A:10:DB:AC:B6:79:A5:B6:5F:02:BA:90:B2:90
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0195C48FBF8DD66B7AFA9F7AB6B9D909EB28
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/ntpBaRwHShDbrLZ5pbZfArqQspA.roa
Signing time: Sun 23 Mar 2025 19:51:49 +0000
ROA not before: Sun 23 Mar 2025 19:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 31.42.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:8f:bf:8d:d6:6b:7a:fa:9f:7a:b6:b9:d9:09:eb:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Mar 23 19:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eda41691c074a10dbacb679a5b65f02ba90b290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bb:28:c6:38:1e:9a:13:c7:51:97:14:da:92:
23:c5:e0:d5:aa:2f:b8:b8:15:8f:78:57:a3:7d:31:
42:12:ce:6b:6f:5d:be:25:27:ea:a7:f1:94:65:85:
1e:98:b1:8d:ac:24:9a:c0:6c:4f:7a:f7:f5:e8:fb:
e1:4b:f2:c6:6c:27:c4:05:96:2c:a8:5e:5f:c4:93:
92:4a:14:c6:db:29:39:e3:38:12:c1:90:4a:ff:f1:
40:46:a1:e1:39:e8:3a:4f:3d:bb:c1:d4:55:0d:37:
58:65:67:8e:2a:b6:5c:d2:66:31:5f:87:4d:45:bb:
2a:7f:8f:c9:4a:33:5e:17:12:2e:d8:45:63:08:3e:
9f:41:e7:4e:92:36:78:b6:78:03:dd:a6:ac:0b:e8:
6c:6e:78:e5:72:58:ba:47:bd:20:32:cf:ca:29:51:
c6:87:c4:2c:14:8a:0b:98:9b:b2:a9:04:19:c0:ae:
ac:96:db:dc:3f:19:c4:8d:b8:6d:dc:71:c0:f9:3d:
66:bd:01:81:aa:20:fd:76:a2:ac:8c:b4:a6:ed:22:
c6:57:ef:da:a9:e6:dc:17:eb:56:75:ad:a8:d4:e1:
cf:73:43:96:cd:54:b2:8e:5c:90:bf:f0:f4:f7:8d:
27:18:0c:58:9b:fc:87:3c:69:58:b7:a2:7b:4a:42:
84:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DA:41:69:1C:07:4A:10:DB:AC:B6:79:A5:B6:5F:02:BA:90:B2:90
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/ntpBaRwHShDbrLZ5pbZfArqQspA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.122.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:94:ef:12:93:3d:55:15:b6:d5:25:b8:d6:ac:9d:9f:1a:bd:
1d:b9:0e:ba:7b:96:d8:69:70:b4:cb:ab:f3:2f:a0:79:2e:2d:
a6:1e:f1:c8:f8:58:f3:d4:e8:c8:8b:66:24:58:fa:b6:d3:fa:
fe:d1:ba:37:e0:4e:c2:f9:95:45:36:85:74:d5:f7:9b:b6:c5:
c8:db:cb:6e:a8:cd:91:4a:fa:83:34:00:06:d2:4d:69:20:1d:
20:1a:52:8b:10:3b:85:3a:29:4f:62:80:34:6e:b3:24:96:18:
c4:47:75:d4:01:81:01:19:65:d2:c5:32:2e:37:b0:bc:e6:d5:
84:e6:ad:1e:62:f1:33:37:1c:85:9e:95:9c:c7:a6:5e:75:33:
af:82:6f:e4:53:e1:f4:58:c7:a2:f5:ce:1e:3d:4a:d2:30:40:
82:06:51:f3:2d:8a:b0:60:02:ac:a3:da:97:46:06:a8:ba:31:
17:ef:ac:ca:c4:a1:db:43:f0:3e:61:26:40:f1:e3:3c:4f:79:
96:06:81:fa:cc:51:b2:f8:8e:ce:5d:64:43:46:a5:1c:d2:a5:
df:0c:39:18:5b:00:94:a5:c8:e8:02:93:70:d0:88:18:bd:95:
71:03:e9:83:43:dc:9a:6d:22:89:7a:06:89:01:7c:f4:7e:56:
2f:7c:d3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXEj7+N1mt6+p96trnZCesoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwMzIzMTk1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWRhNDE2OTFjMDc0YTEwZGJhY2I2NzlhNWI2NWYwMmJhOTBiMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbsoxjgemhPHUZcU2pIjxeDVqi+4
uBWPeFejfTFCEs5rb12+JSfqp/GUZYUemLGNrCSawGxPevf16PvhS/LGbCfEBZYs
qF5fxJOSShTG2yk54zgSwZBK//FARqHhOeg6Tz27wdRVDTdYZWeOKrZc0mYxX4dN
Rbsqf4/JSjNeFxIu2EVjCD6fQedOkjZ4tngD3aasC+hsbnjlcli6R70gMs/KKVHG
h8QsFIoLmJuyqQQZwK6sltvcPxnEjbht3HHA+T1mvQGBqiD9dqKsjLSm7SLGV+/a
qebcF+tWda2o1OHPc0OWzVSyjlyQv/D0940nGAxYm/yHPGlYt6J7SkKELwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7aQWkcB0oQ26y2eaW2XwK6kLKQMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvbnRwQmFSd0hTaERickxaNXBiWmZBcnFRc3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyp6MA0G
CSqGSIb3DQEBCwUAA4IBAQDBlO8Skz1VFbbVJbjWrJ2fGr0duQ66e5bYaXC0y6vz
L6B5Li2mHvHI+Fjz1OjIi2YkWPq20/r+0bo34E7C+ZVFNoV01febtsXI28tuqM2R
SvqDNAAG0k1pIB0gGlKLEDuFOilPYoA0brMklhjER3XUAYEBGWXSxTIuN7C85tWE
5q0eYvEzNxyFnpWcx6ZedTOvgm/kU+H0WMei9c4ePUrSMECCBlHzLYqwYAKso9qX
RgaoujEX76zKxKHbQ/A+YSZA8eM8T3mWBoH6zFGy+I7OXWRDRqUc0qXfDDkYWwCU
pcjoApNw0IgYvZVxA+mDQ9yabSKJegaJAXz0flYvfNOk
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:04:58 2025 by rpki-client