Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/j_qsRZSgM-JkqX598f6f_NRP1j4.roa
File: j_qsRZSgM-JkqX598f6f_NRP1j4.roa (raw, json)
Hash identifier: 3QGAWbh2pO8TreTXrqyE3eDcpS7yIOc7zBZs4aVwkG8=
Subject key identifier: 8F:FA:AC:45:94:A0:33:E2:64:A9:7E:7D:F1:FE:9F:FC:D4:4F:D6:3E
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018C272DCA6123665A337EB5E154166D1BC2
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/j_qsRZSgM-JkqX598f6f_NRP1j4.roa
Signing time: Fri 01 Dec 2023 20:59:21 +0000
ROA not before: Fri 01 Dec 2023 20:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48108
IP address blocks: 176.116.0.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
185.235.230.0/24 maxlen: 24
31.222.227.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:27:2d:ca:61:23:66:5a:33:7e:b5:e1:54:16:6d:1b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Dec 1 20:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ffaac4594a033e264a97e7df1fe9ffcd44fd63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:40:cf:32:46:11:48:3c:31:c2:68:c1:d7:
50:8f:11:7b:41:12:f2:44:03:6f:84:41:57:1c:ef:
da:32:bb:13:2c:86:f4:1a:7c:5d:ec:a3:eb:fb:36:
79:e7:a5:b5:cb:2d:1f:3d:a7:b4:5a:97:47:07:5e:
05:4f:77:26:a8:19:03:aa:78:07:55:ab:c2:4e:c1:
d6:3f:c3:fb:5a:18:e5:4d:dc:70:37:70:da:7c:72:
fa:d6:f8:f5:6a:e2:30:f0:f2:33:ba:b1:07:42:7f:
14:40:a2:81:22:4c:bf:03:da:60:82:f6:61:d0:4d:
d6:88:60:db:60:cb:99:cf:d3:17:1b:ba:0d:41:32:
dd:30:c6:af:07:92:64:46:12:3e:49:c1:d1:f1:81:
be:50:e4:54:6a:bd:4f:f6:be:8f:d8:b5:71:0c:33:
ee:d9:64:a1:ba:83:6f:78:4e:bb:2c:a1:d0:85:03:
ae:f9:1c:cc:84:59:24:db:c9:f8:89:30:19:a8:2f:
84:bd:af:d5:2c:08:dc:eb:75:fd:f8:42:73:e7:17:
3f:f0:e7:8c:28:95:e2:36:e4:43:a7:e3:f0:83:42:
cb:36:b7:5d:cf:fb:b5:05:3d:b4:ea:85:ed:61:31:
33:2e:37:e3:c0:26:bf:90:c6:5a:05:ff:5b:f6:53:
b2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:FA:AC:45:94:A0:33:E2:64:A9:7E:7D:F1:FE:9F:FC:D4:4F:D6:3E
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/j_qsRZSgM-JkqX598f6f_NRP1j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
146.19.84.0/24
176.116.0.0/24
185.235.230.0/24
IPv6:
2001:678:e30::/48
Signature Algorithm: sha256WithRSAEncryption
61:87:7a:b2:26:a6:9e:3b:b2:ee:0a:81:c8:42:1f:3b:f8:e5:
85:fa:ba:52:63:bc:04:d7:39:d3:86:97:95:b3:2b:fa:97:03:
63:4b:52:c0:6a:88:d2:22:5e:72:90:3d:c1:c0:7e:1f:b3:2f:
ae:99:53:32:a0:17:03:37:2b:ce:c8:23:98:ae:f1:14:5d:2f:
95:d4:83:8c:99:71:5e:a6:e0:47:2a:5f:11:6d:e9:74:07:ae:
ea:cd:0a:55:7c:bd:44:5a:d2:63:b1:bd:e1:f0:6c:d2:af:e9:
b6:f8:ad:c4:f4:1b:d4:5d:0b:e2:ee:40:3b:06:f0:33:98:1d:
9b:d6:bd:fd:fe:2e:3c:ea:eb:e5:e1:63:20:34:74:b0:00:44:
d5:9e:ab:d2:59:29:67:78:09:6c:df:ae:44:3f:47:d2:fd:7b:
57:63:b7:31:c5:ef:92:98:05:ba:25:36:7c:04:62:73:bb:24:
d1:c9:7d:a1:70:17:fd:d2:cf:bb:b9:ec:b9:26:79:10:66:b9:
e1:40:53:74:4a:73:d4:3d:a8:bd:cb:bd:14:3e:33:40:6f:e7:
50:f6:da:bc:89:6d:67:1c:57:eb:6c:09:8d:72:55:72:59:9a:
f8:02:20:32:7b:07:35:c1:8a:4b:a3:68:d6:37:de:de:f9:45:
a3:3f:02:37
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYwnLcphI2ZaM3614VQWbRvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjMxMjAxMjA1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmZhYWM0NTk0YTAzM2UyNjRhOTdlN2RmMWZlOWZmY2Q0NGZkNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5AzzJGEUg8McJowddQjxF7QRLy
RANvhEFXHO/aMrsTLIb0Gnxd7KPr+zZ556W1yy0fPae0WpdHB14FT3cmqBkDqngH
VavCTsHWP8P7WhjlTdxwN3DafHL61vj1auIw8PIzurEHQn8UQKKBIky/A9pggvZh
0E3WiGDbYMuZz9MXG7oNQTLdMMavB5JkRhI+ScHR8YG+UORUar1P9r6P2LVxDDPu
2WShuoNveE67LKHQhQOu+RzMhFkk28n4iTAZqC+Eva/VLAjc63X9+EJz5xc/8OeM
KJXiNuRDp+Pwg0LLNrddz/u1BT206oXtYTEzLjfjwCa/kMZaBf9b9lOyZwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFI/6rEWUoDPiZKl+ffH+n/zUT9Y+MB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEval9xc1JaU2dNLUprcVg1OThmNmZfTlJQMWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAH97jAwQA
XveJAwQAkhNUAwQAsHQAAwQAuevmMA8EAgACMAkDBwAgAQZ4DjAwDQYJKoZIhvcN
AQELBQADggEBAGGHerImpp47su4KgchCHzv45YX6ulJjvATXOdOGl5WzK/qXA2NL
UsBqiNIiXnKQPcHAfh+zL66ZUzKgFwM3K87II5iu8RRdL5XUg4yZcV6m4EcqXxFt
6XQHrurNClV8vURa0mOxveHwbNKv6bb4rcT0G9RdC+LuQDsG8DOYHZvWvf3+Ljzq
6+XhYyA0dLAARNWeq9JZKWd4CWzfrkQ/R9L9e1djtzHF75KYBbolNnwEYnO7JNHJ
faFwF/3Sz7u57LkmeRBmueFAU3RKc9Q9qL3LvRQ+M0Bv51D22ryJbWccV+tsCY1y
VXJZmvgCIDJ7BzXBikujaNY33t75RaM/Ajc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:51:56 2025 by rpki-client