Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/m-NCjxsTn1S1HCrxAcsi2Yo5SYQ.roa
File: m-NCjxsTn1S1HCrxAcsi2Yo5SYQ.roa (raw, json)
Hash identifier: OpepWArht7oHQOtr5H2Mmul/d++RMH3TLpCdyfNi8f8=
Subject key identifier: 9B:E3:42:8F:1B:13:9F:54:B5:1C:2A:F1:01:CB:22:D9:8A:39:49:84
Certificate issuer: /CN=e9cb1687488cf43a7334f9efa4d9cdf635724e9c
Certificate serial: 220E9D
Authority key identifier: E9:CB:16:87:48:8C:F4:3A:73:34:F9:EF:A4:D9:CD:F6:35:72:4E:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6csWh0iM9DpzNPnvpNnN9jVyTpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/m-NCjxsTn1S1HCrxAcsi2Yo5SYQ.roa
Signing time: Fri 21 Jan 2022 14:13:52 +0000
ROA not before: Fri 21 Jan 2022 14:13:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136038
IP address blocks: 194.126.202.0/24 maxlen: 24
194.126.219.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
194.126.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2231965 (0x220e9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9cb1687488cf43a7334f9efa4d9cdf635724e9c
Validity
Not Before: Jan 21 14:13:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9be3428f1b139f54b51c2af101cb22d98a394984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:57:93:9f:ae:cf:83:56:79:3e:c0:24:40:
56:dd:93:40:36:75:27:8c:0d:15:2e:b7:2a:78:e4:
b1:50:6b:27:9d:c6:05:cf:cc:a8:ee:ee:c5:42:e4:
15:4b:d8:94:8b:1f:78:a7:ef:ac:de:26:90:93:9b:
a3:ce:fc:48:60:a9:43:53:4d:96:df:44:31:a0:cf:
cd:9e:e6:fb:1a:c9:bf:b5:d7:8b:40:10:d2:86:63:
d8:f0:ec:7f:7b:e1:14:ad:08:6a:e9:71:8e:97:94:
59:db:98:38:df:6d:64:92:e8:77:13:bc:ec:72:1f:
31:72:a3:53:c7:45:28:b1:0b:02:e5:d9:0e:91:69:
aa:cc:2b:fc:93:62:25:b7:b6:97:a6:93:d1:68:a3:
f6:a0:ae:3a:d6:4e:53:cf:fe:3f:00:32:bf:6a:94:
31:f9:7d:df:7b:07:04:62:58:12:29:78:b9:54:90:
74:aa:a8:44:a1:e8:cd:04:05:10:85:68:bb:ae:a7:
87:79:68:db:91:fa:66:e4:31:8d:82:87:c3:29:75:
cb:b1:2b:ce:c5:29:bd:ba:ed:52:52:9a:96:b5:ac:
02:a5:1e:0c:5d:1f:1c:9a:a0:70:ad:53:6b:a2:a0:
65:34:e2:68:cb:1d:5b:28:d6:43:ef:c6:62:25:e3:
0f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E3:42:8F:1B:13:9F:54:B5:1C:2A:F1:01:CB:22:D9:8A:39:49:84
X509v3 Authority Key Identifier:
keyid:E9:CB:16:87:48:8C:F4:3A:73:34:F9:EF:A4:D9:CD:F6:35:72:4E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6csWh0iM9DpzNPnvpNnN9jVyTpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/m-NCjxsTn1S1HCrxAcsi2Yo5SYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c60ece-561b-4d19-8abf-c1ffa7e5b04a/1/6csWh0iM9DpzNPnvpNnN9jVyTpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.202.0/24
194.126.215.0/24
194.126.219.0/24
194.126.227.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ff:fd:83:4f:c0:0d:09:ff:9e:fb:b2:a3:b4:6d:36:d5:fb:
9c:5f:05:fb:d2:c3:ea:ad:d7:6f:fd:4d:ad:a5:47:47:05:cc:
34:e2:84:1f:ec:c7:f8:9a:92:7d:c3:4a:b0:90:2f:a0:21:01:
c5:88:5c:17:f2:a8:87:db:e6:be:44:aa:b4:31:88:9f:ab:a5:
2f:11:71:1a:79:b0:7b:39:97:39:b2:8c:91:38:3b:7e:b4:08:
bc:5a:5e:fa:cf:6d:83:db:82:c2:a2:8a:1a:a4:45:7e:0c:85:
0d:6c:5d:b1:52:bc:a0:c7:02:1c:72:3a:e8:fb:04:a8:01:6a:
1b:05:19:79:e8:05:fb:e4:cc:fa:8a:1a:8b:2a:37:39:53:cb:
c9:67:c9:e6:b8:8a:16:37:79:2f:3f:0f:df:6e:02:01:0f:b3:
79:12:e6:92:67:18:3d:65:c4:5d:4c:8b:52:1c:5f:0e:64:ce:
cf:28:ca:91:09:aa:f1:76:13:3d:2c:44:67:84:c5:fd:6a:66:
25:0f:a1:03:18:c3:34:3b:67:d6:4b:2a:23:19:68:5c:53:47:
51:3a:f5:e6:1e:06:61:69:97:00:7a:ac:ac:70:a9:2b:4a:54:
2f:be:a7:9b:da:45:47:86:7a:6d:fe:82:cf:d2:f4:fc:76:d6:
47:4f:5d:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDIg6dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU5
Y2IxNjg3NDg4Y2Y0M2E3MzM0ZjllZmE0ZDljZGY2MzU3MjRlOWMwHhcNMjIwMTIx
MTQxMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YmUzNDI4ZjFiMTM5
ZjU0YjUxYzJhZjEwMWNiMjJkOThhMzk0OTg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA151Xk5+uz4NWeT7AJEBW3ZNANnUnjA0VLrcqeOSxUGsnncYF
z8yo7u7FQuQVS9iUix94p++s3iaQk5ujzvxIYKlDU02W30QxoM/Nnub7Gsm/tdeL
QBDShmPY8Ox/e+EUrQhq6XGOl5RZ25g4321kkuh3E7zsch8xcqNTx0UosQsC5dkO
kWmqzCv8k2Ilt7aXppPRaKP2oK461k5Tz/4/ADK/apQx+X3fewcEYlgSKXi5VJB0
qqhEoejNBAUQhWi7rqeHeWjbkfpm5DGNgofDKXXLsSvOxSm9uu1SUpqWtawCpR4M
XR8cmqBwrVNroqBlNOJoyx1bKNZD78ZiJeMPNwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFJvjQo8bE59UtRwq8QHLItmKOUmEMB8GA1UdIwQYMBaAFOnLFodIjPQ6czT5
76TZzfY1ck6cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NmNzV2gwaU05RHB6TlBudnBObk45alZ5VHB3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84MS9jNjBlY2UtNTYxYi00ZDE5LThhYmYtYzFmZmE3ZTViMDRhLzEv
bS1OQ2p4c1RuMVMxSENyeEFjc2kyWW81U1lRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9j
NjBlY2UtNTYxYi00ZDE5LThhYmYtYzFmZmE3ZTViMDRhLzEvNmNzV2gwaU05RHB6
TlBudnBObk45alZ5VHB3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwn7KAwQAwn7XAwQAwn7bAwQAwn7j
MA0GCSqGSIb3DQEBCwUAA4IBAQBr//2DT8ANCf+e+7KjtG021fucXwX70sPqrddv
/U2tpUdHBcw04oQf7Mf4mpJ9w0qwkC+gIQHFiFwX8qiH2+a+RKq0MYifq6UvEXEa
ebB7OZc5soyRODt+tAi8Wl76z22D24LCoooapEV+DIUNbF2xUrygxwIccjro+wSo
AWobBRl56AX75Mz6ihqLKjc5U8vJZ8nmuIoWN3kvPw/fbgIBD7N5EuaSZxg9ZcRd
TItSHF8OZM7PKMqRCarxdhM9LERnhMX9amYlD6EDGMM0O2fWSyojGWhcU0dROvXm
HgZhaZcAeqyscKkrSlQvvqeb2kVHhnpt/oLP0vT8dtZHT10Z
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:55:11 2025 by rpki-client