Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/f6cb73-974f-4d11-baa7-52878eacdbf3/1/NDuYYl022FbPXqbXf-tA0cxBVic.roa
File: NDuYYl022FbPXqbXf-tA0cxBVic.roa (raw, json)
Hash identifier: x37gargaCJUxMf4AUFk0pOcHGMlvEMQ6m7wbEKVVMWQ=
Subject key identifier: 34:3B:98:62:5D:36:D8:56:CF:5E:A6:D7:7F:EB:40:D1:CC:41:56:27
Certificate issuer: /CN=2770ca5cf0fcb3e1823d33d0cd9825aa1a98a107
Certificate serial: 01859BD35EEE1F791DBFF75F7E6EFE9A445D
Authority key identifier: 27:70:CA:5C:F0:FC:B3:E1:82:3D:33:D0:CD:98:25:AA:1A:98:A1:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J3DKXPD8s-GCPTPQzZglqhqYoQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/f6cb73-974f-4d11-baa7-52878eacdbf3/1/NDuYYl022FbPXqbXf-tA0cxBVic.roa
Signing time: Tue 10 Jan 2023 13:16:38 +0000
ROA not before: Tue 10 Jan 2023 13:16:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208058
IP address blocks: 31.210.148.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:d3:5e:ee:1f:79:1d:bf:f7:5f:7e:6e:fe:9a:44:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2770ca5cf0fcb3e1823d33d0cd9825aa1a98a107
Validity
Not Before: Jan 10 13:16:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=343b98625d36d856cf5ea6d77feb40d1cc415627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:dd:59:ed:f8:87:6c:dd:8b:70:f0:b1:c3:4a:
16:1c:07:d0:da:b6:b3:3a:04:e9:73:20:08:17:35:
7c:f5:7a:63:dd:a7:b0:bb:4b:14:68:57:cb:ae:d8:
08:c4:1f:d8:9d:8c:e4:76:1b:47:53:42:cb:58:07:
d3:9e:0b:f0:5d:c4:b5:2d:12:0e:32:19:25:8f:d7:
ba:5e:b6:f6:13:b1:f2:21:16:59:e1:59:a1:c0:de:
f2:5a:9e:d4:f0:13:53:b6:04:8a:39:2f:46:0f:22:
19:6c:c6:a2:d0:39:c4:7e:9d:24:8a:96:6c:46:9f:
1e:0d:ac:4c:fa:93:6a:df:73:9c:12:d8:62:93:b4:
ae:63:70:7f:f7:4b:47:29:7c:73:40:87:e0:0c:ec:
fd:e8:92:cf:e8:56:fb:59:11:15:a2:7c:80:2d:57:
7c:ee:55:c9:e9:55:e8:85:d1:59:f5:f9:f0:bd:54:
a8:4a:c5:9e:ba:24:b3:c2:f5:77:55:40:cb:d4:40:
ef:91:d4:28:be:9a:d1:7b:d6:29:c1:48:9e:33:7c:
18:97:d3:c5:5b:5c:ee:ca:e9:d0:0a:4c:d7:da:90:
c3:82:59:15:43:41:f1:38:47:50:0b:00:be:b7:9a:
9e:9c:b6:05:05:48:68:ae:8c:33:38:a9:30:a4:ad:
7e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3B:98:62:5D:36:D8:56:CF:5E:A6:D7:7F:EB:40:D1:CC:41:56:27
X509v3 Authority Key Identifier:
keyid:27:70:CA:5C:F0:FC:B3:E1:82:3D:33:D0:CD:98:25:AA:1A:98:A1:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J3DKXPD8s-GCPTPQzZglqhqYoQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/f6cb73-974f-4d11-baa7-52878eacdbf3/1/NDuYYl022FbPXqbXf-tA0cxBVic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/f6cb73-974f-4d11-baa7-52878eacdbf3/1/J3DKXPD8s-GCPTPQzZglqhqYoQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.148.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:e4:06:c0:87:d8:f3:ba:84:11:c7:ce:55:fe:87:82:f1:b4:
36:6b:0f:5d:cb:cb:c1:73:14:b4:ab:eb:a2:15:64:b6:25:8c:
4b:86:5f:11:98:1a:9d:66:7d:d5:7c:50:ba:c7:48:e3:8c:57:
2b:b4:4f:24:f5:33:81:11:df:ec:5e:99:a0:5d:fd:16:1d:79:
cf:e1:2b:8d:2f:2d:01:43:c3:e0:3a:c4:6a:e9:bd:d1:d3:e6:
14:2e:24:0d:3c:38:f0:8f:e6:af:31:ca:94:1f:57:31:8c:06:
5b:b0:1c:ae:2b:35:5e:d1:51:9a:7b:63:58:31:4c:83:fd:65:
86:62:89:89:0a:5d:29:c4:d5:a8:1e:bf:84:82:40:ca:32:a1:
31:4f:74:7a:05:73:4d:69:4e:85:0f:db:48:d8:af:17:1f:ad:
74:aa:08:6e:a0:08:e5:9e:b2:4b:7c:ae:82:8a:7e:c7:8e:4d:
a6:c0:2a:4a:0d:b7:ed:d8:76:4e:30:6f:f8:d5:45:93:1c:d3:
e9:e0:f5:5d:78:8a:fe:b1:ea:97:32:d5:48:96:ef:da:5a:61:
1c:8d:de:8a:c8:b3:d5:a3:80:70:3c:1d:fe:ea:01:b1:fc:20:
77:a9:81:0f:bf:7c:90:6b:63:b8:7d:ab:d3:f4:1c:98:3e:6f:
72:2f:51:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWb017uH3kdv/dffm7+mkRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NzBjYTVjZjBmY2IzZTE4MjNkMzNkMGNkOTgyNWFhMWE5
OGExMDcwHhcNMjMwMTEwMTMxNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNiOTg2MjVkMzZkODU2Y2Y1ZWE2ZDc3ZmViNDBkMWNjNDE1NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7N1Z7fiHbN2LcPCxw0oWHAfQ2raz
OgTpcyAIFzV89Xpj3aewu0sUaFfLrtgIxB/YnYzkdhtHU0LLWAfTngvwXcS1LRIO
Mhklj9e6Xrb2E7HyIRZZ4VmhwN7yWp7U8BNTtgSKOS9GDyIZbMai0DnEfp0kipZs
Rp8eDaxM+pNq33OcEthik7SuY3B/90tHKXxzQIfgDOz96JLP6Fb7WREVonyALVd8
7lXJ6VXohdFZ9fnwvVSoSsWeuiSzwvV3VUDL1EDvkdQovprRe9YpwUieM3wYl9PF
W1zuyunQCkzX2pDDglkVQ0HxOEdQCwC+t5qenLYFBUhorowzOKkwpK1+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ7mGJdNthWz16m13/rQNHMQVYnMB8GA1UdIwQY
MBaAFCdwylzw/LPhgj0z0M2YJaoamKEHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjNES1hQRDhzLUdDUFRQUXpaZ2xxaHFZb1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mNmNiNzMtOTc0Zi00ZDExLWJhYTct
NTI4NzhlYWNkYmYzLzEvTkR1WVlsMDIyRmJQWHFiWGYtdEEwY3hCVmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mNmNiNzMtOTc0Zi00ZDExLWJhYTctNTI4NzhlYWNkYmYz
LzEvSjNES1hQRDhzLUdDUFRQUXpaZ2xxaHFZb1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH9KUMA0G
CSqGSIb3DQEBCwUAA4IBAQAr5AbAh9jzuoQRx85V/oeC8bQ2aw9dy8vBcxS0q+ui
FWS2JYxLhl8RmBqdZn3VfFC6x0jjjFcrtE8k9TOBEd/sXpmgXf0WHXnP4SuNLy0B
Q8PgOsRq6b3R0+YULiQNPDjwj+avMcqUH1cxjAZbsByuKzVe0VGae2NYMUyD/WWG
YomJCl0pxNWoHr+EgkDKMqExT3R6BXNNaU6FD9tI2K8XH610qghuoAjlnrJLfK6C
in7Hjk2mwCpKDbft2HZOMG/41UWTHNPp4PVdeIr+seqXMtVIlu/aWmEcjd6KyLPV
o4BwPB3+6gGx/CB3qYEPv3yQa2O4favT9ByYPm9yL1FX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:06 2025 by rpki-client