Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/nCOKNYm96Ory9UAEkoRua-SSq0k.roa
File: nCOKNYm96Ory9UAEkoRua-SSq0k.roa (raw, json)
Hash identifier: lRBgMuaaZsrzkva/kJJhD4+OInXvh+X84foMq/HXxqA=
Subject key identifier: 9C:23:8A:35:89:BD:E8:EA:F2:F5:40:04:92:84:6E:6B:E4:92:AB:49
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018993443147A4DFAF855BDB252339A7293A
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/nCOKNYm96Ory9UAEkoRua-SSq0k.roa
Signing time: Wed 26 Jul 2023 17:34:27 +0000
ROA not before: Wed 26 Jul 2023 17:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 213.159.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:93:44:31:47:a4:df:af:85:5b:db:25:23:39:a7:29:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jul 26 17:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c238a3589bde8eaf2f5400492846e6be492ab49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0a:b5:f5:60:0b:e1:7a:82:be:a9:71:21:da:
e7:fb:49:af:49:62:4d:2d:0c:9e:8a:e9:36:e5:54:
09:77:17:05:e0:44:87:39:da:91:46:5a:a4:80:ec:
22:be:4f:54:47:1d:be:2e:90:e3:34:73:9b:1f:44:
2d:27:86:dc:c0:87:ad:cd:f5:0b:c8:67:9f:96:b0:
a7:f7:ba:40:66:31:ff:7b:d1:29:7c:33:e8:d4:bd:
47:04:09:1d:8c:8d:6c:19:d8:f2:48:25:62:77:8f:
b3:22:03:24:88:fd:57:bc:c8:16:12:0e:a9:ca:fd:
95:4e:f7:24:83:a5:1f:eb:78:d5:da:21:a2:1a:0d:
51:09:24:f2:ee:cd:6f:fe:83:ef:9e:58:56:22:6d:
5c:11:3c:cb:ef:80:73:22:86:8e:5b:1d:ca:05:da:
c8:25:e9:c3:15:df:9d:a5:66:db:1c:f1:b1:74:28:
d1:ec:64:63:c3:ff:aa:25:55:4d:ad:59:1e:f4:77:
5e:2e:5c:3f:10:5e:c4:89:1e:a2:5f:48:e0:d3:5c:
23:e6:e4:6e:8d:60:b3:f7:a3:70:9c:94:66:9e:b1:
c7:fe:06:7a:9d:b8:b9:40:9c:ff:f1:05:a9:ff:50:
7a:8d:83:13:25:18:f2:35:6b:44:95:42:34:c4:5e:
dc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:23:8A:35:89:BD:E8:EA:F2:F5:40:04:92:84:6E:6B:E4:92:AB:49
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/nCOKNYm96Ory9UAEkoRua-SSq0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
57:c5:75:2e:8b:89:f2:74:fe:b1:44:09:20:44:f2:44:29:ab:
a1:f3:d8:66:9d:7a:3c:ea:56:04:80:30:40:c1:f9:61:33:ba:
8f:8e:a4:4f:43:68:1f:47:63:78:26:7d:ad:a7:d8:b9:df:bb:
9f:7e:92:dc:7f:e9:3e:9f:33:38:b6:cc:ae:a0:cb:0b:70:9c:
41:3c:50:bb:08:46:b6:06:8c:dc:74:3c:83:71:49:d1:b2:1e:
07:f4:5d:59:7c:bd:70:8b:95:2f:47:d5:b7:a3:89:49:ee:65:
66:c7:13:5f:c1:1b:ab:b8:34:82:84:99:62:46:9c:36:0d:89:
9f:73:ed:1a:96:b3:57:4d:96:07:a0:4e:9c:88:1a:d2:77:80:
e7:9c:c6:31:2b:f1:94:f5:1d:5b:42:f9:b1:3d:93:44:76:59:
e0:85:28:9a:92:df:81:32:0f:dd:6a:23:66:f8:92:57:33:e0:
fa:a8:5e:2d:d5:e2:a4:00:1c:5c:bb:69:32:3d:a8:7a:9b:c9:
22:ad:ad:dc:03:9a:f7:99:e1:fa:f3:f2:b4:f4:67:11:22:da:
89:72:6a:a9:96:04:2c:e1:de:8e:99:e5:fd:6d:cf:25:dc:4d:
d5:31:7d:ce:8b:bc:8a:f7:b8:1f:e6:4c:8b:8d:e3:b5:4b:ac:
aa:5c:61:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmTRDFHpN+vhVvbJSM5pyk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwNzI2MTczNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzIzOGEzNTg5YmRlOGVhZjJmNTQwMDQ5Mjg0NmU2YmU0OTJhYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAq19WAL4XqCvqlxIdrn+0mvSWJN
LQyeiuk25VQJdxcF4ESHOdqRRlqkgOwivk9URx2+LpDjNHObH0QtJ4bcwIetzfUL
yGeflrCn97pAZjH/e9EpfDPo1L1HBAkdjI1sGdjySCVid4+zIgMkiP1XvMgWEg6p
yv2VTvckg6Uf63jV2iGiGg1RCSTy7s1v/oPvnlhWIm1cETzL74BzIoaOWx3KBdrI
JenDFd+dpWbbHPGxdCjR7GRjw/+qJVVNrVke9HdeLlw/EF7EiR6iX0jg01wj5uRu
jWCz96NwnJRmnrHH/gZ6nbi5QJz/8QWp/1B6jYMTJRjyNWtElUI0xF7cAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwjijWJvejq8vVABJKEbmvkkqtJMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvbkNPS05ZbTk2T3J5OVVBRWtvUnVhLVNTcTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1Z+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBXxXUui4nydP6xRAkgRPJEKauh89hmnXo86lYEgDBA
wflhM7qPjqRPQ2gfR2N4Jn2tp9i537uffpLcf+k+nzM4tsyuoMsLcJxBPFC7CEa2
BozcdDyDcUnRsh4H9F1ZfL1wi5UvR9W3o4lJ7mVmxxNfwRuruDSChJliRpw2DYmf
c+0alrNXTZYHoE6ciBrSd4DnnMYxK/GU9R1bQvmxPZNEdlnghSiakt+BMg/daiNm
+JJXM+D6qF4t1eKkABxcu2kyPah6m8kira3cA5r3meH68/K09GcRItqJcmqplgQs
4d6OmeX9bc8l3E3VMX3Oi7yK97gf5kyLjeO1S6yqXGH5
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:47:54 2025 by rpki-client