Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/nJUcoCNc07cyfYEUlMwbz1g_DaE.roa
File: nJUcoCNc07cyfYEUlMwbz1g_DaE.roa (raw, json)
Hash identifier: Ib/IQqjAiE9xz41/z9I1UMYPE1ywAN0ig2dufXZbgBk=
Subject key identifier: 9C:95:1C:A0:23:5C:D3:B7:32:7D:81:14:94:CC:1B:CF:58:3F:0D:A1
Certificate issuer: /CN=d09da99a73ba7202418f73718932dc8d7c153e32
Certificate serial: 01942067D4E477EB28F35D8B34D61360FCB8
Authority key identifier: D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/nJUcoCNc07cyfYEUlMwbz1g_DaE.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198185
IP address blocks: 130.255.8.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d4:e4:77:eb:28:f3:5d:8b:34:d6:13:60:fc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09da99a73ba7202418f73718932dc8d7c153e32
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c951ca0235cd3b7327d811494cc1bcf583f0da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3d:20:f4:b1:f6:4d:5a:1c:76:a3:56:23:34:
bb:95:dc:57:48:63:01:ab:48:c1:05:ce:0c:da:15:
5c:25:be:48:3e:0a:43:c6:90:2a:ce:59:52:bc:f1:
54:48:b3:26:5c:e2:42:de:7c:b6:d2:a3:45:00:34:
72:84:a9:82:98:77:97:9f:81:af:23:85:8b:df:f8:
db:6f:96:15:c7:c2:2b:c3:86:e6:96:d9:23:be:59:
c7:04:d9:f8:38:e7:cc:66:59:e3:c6:7e:22:d6:7f:
30:26:64:4e:e0:dc:a3:fd:17:78:5b:26:15:ff:d8:
ab:25:57:95:b6:b6:a3:3d:fe:52:a9:80:c8:b8:29:
80:90:9d:a2:6e:70:1b:90:1e:ba:64:2b:6d:08:f9:
5b:e6:cc:62:a9:3f:02:fe:b1:16:eb:4b:c2:a5:28:
e9:9c:57:68:61:ca:67:f5:78:5e:a9:20:35:8f:29:
74:42:56:71:ab:72:ec:65:27:6b:47:9b:60:f4:f7:
49:63:9c:4d:92:99:65:a9:6f:a4:b8:3b:00:76:04:
6b:76:1f:b9:6f:13:df:c7:07:17:ae:10:92:d8:87:
e9:ac:f9:55:30:06:d1:f7:b0:33:1a:98:5a:25:46:
ff:03:af:45:64:49:92:f5:89:fa:07:6e:b3:37:93:
c9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:95:1C:A0:23:5C:D3:B7:32:7D:81:14:94:CC:1B:CF:58:3F:0D:A1
X509v3 Authority Key Identifier:
keyid:D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/nJUcoCNc07cyfYEUlMwbz1g_DaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.8.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:fa:6b:8c:1c:aa:ae:c5:02:e1:6a:2d:a7:cb:0b:fd:b5:66:
53:2d:00:6f:3b:fe:a8:6c:61:d2:49:ba:7d:67:c2:b7:09:65:
77:00:84:cb:46:60:94:95:ac:e1:46:76:36:54:82:b2:06:a8:
55:b7:f2:b7:e1:db:18:71:94:1b:66:46:6c:78:d1:50:04:98:
4e:ff:bd:5b:07:3b:8e:2c:21:f2:b2:62:fa:40:0e:89:6c:89:
99:5c:c1:98:60:a8:0e:80:a0:05:24:a8:2b:82:bc:92:46:e2:
ce:cd:95:17:1f:2e:2b:01:83:56:ac:0d:e1:7e:31:fd:31:ab:
fc:85:3d:f1:f6:1f:4b:5c:ac:73:e5:93:35:1e:9f:88:93:6b:
92:9a:22:bf:f7:83:47:92:55:71:f1:59:6d:c3:e2:af:90:a2:
a9:ad:71:e9:a9:f7:f3:12:87:58:38:be:9c:61:09:70:c5:00:
40:86:76:f6:74:29:11:1c:be:35:ff:13:fa:cc:89:d2:8a:08:
7e:af:de:d4:59:4e:f8:49:24:81:cd:71:7a:aa:29:f8:7e:e1:
b6:d4:19:72:00:50:87:03:aa:54:cb:f2:85:fd:46:a5:9b:dc:
32:51:ab:ac:a0:43:6c:34:5c:bb:68:1d:5c:4c:ef:94:6a:e5:
64:6a:d3:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9Tkd+so812LNNYTYPy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOWRhOTlhNzNiYTcyMDI0MThmNzM3MTg5MzJkYzhkN2Mx
NTNlMzIwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk1MWNhMDIzNWNkM2I3MzI3ZDgxMTQ5NGNjMWJjZjU4M2YwZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD0g9LH2TVocdqNWIzS7ldxXSGMB
q0jBBc4M2hVcJb5IPgpDxpAqzllSvPFUSLMmXOJC3ny20qNFADRyhKmCmHeXn4Gv
I4WL3/jbb5YVx8Irw4bmltkjvlnHBNn4OOfMZlnjxn4i1n8wJmRO4Nyj/Rd4WyYV
/9irJVeVtrajPf5SqYDIuCmAkJ2ibnAbkB66ZCttCPlb5sxiqT8C/rEW60vCpSjp
nFdoYcpn9XheqSA1jyl0QlZxq3LsZSdrR5tg9PdJY5xNkpllqW+kuDsAdgRrdh+5
bxPfxwcXrhCS2IfprPlVMAbR97AzGphaJUb/A69FZEmS9Yn6B26zN5PJgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyVHKAjXNO3Mn2BFJTMG89YPw2hMB8GA1UdIwQY
MBaAFNCdqZpzunICQY9zcYky3I18FT4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAt
ZGNlYmY2MTk3ZTBlLzEvbkpVY29DTmMwN2N5ZllFVWxNd2J6MWdfRGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAtZGNlYmY2MTk3ZTBl
LzEvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgv8IMA0G
CSqGSIb3DQEBCwUAA4IBAQC9+muMHKquxQLhai2nywv9tWZTLQBvO/6obGHSSbp9
Z8K3CWV3AITLRmCUlazhRnY2VIKyBqhVt/K34dsYcZQbZkZseNFQBJhO/71bBzuO
LCHysmL6QA6JbImZXMGYYKgOgKAFJKgrgrySRuLOzZUXHy4rAYNWrA3hfjH9Mav8
hT3x9h9LXKxz5ZM1Hp+Ik2uSmiK/94NHklVx8Vltw+KvkKKprXHpqffzEodYOL6c
YQlwxQBAhnb2dCkRHL41/xP6zInSigh+r97UWU74SSSBzXF6qin4fuG21BlyAFCH
A6pUy/KF/Ualm9wyUausoENsNFy7aB1cTO+UauVkatOt
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:18 2025 by rpki-client