Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/nCXTMKMkofLMZkm-YkbwPYUOgWc.roa
File: nCXTMKMkofLMZkm-YkbwPYUOgWc.roa (raw, json)
Hash identifier: 3Z+Ce1baNbvob1s9uM7fmEU1yI9sfAWI7ChoI4AbxYs=
Subject key identifier: 9C:25:D3:30:A3:24:A1:F2:CC:66:49:BE:62:46:F0:3D:85:0E:81:67
Certificate issuer: /CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
Certificate serial: 01828E7EAAE7169032B42AAA443987DB9D0A
Authority key identifier: 9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/nCXTMKMkofLMZkm-YkbwPYUOgWc.roa
Signing time: Thu 11 Aug 2022 20:00:42 +0000
ROA not before: Thu 11 Aug 2022 20:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 188.208.103.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:7e:aa:e7:16:90:32:b4:2a:aa:44:39:87:db:9d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
Validity
Not Before: Aug 11 20:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c25d330a324a1f2cc6649be6246f03d850e8167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4f:8f:d7:bc:32:c4:6e:4b:61:3c:8c:54:31:
b6:dd:fc:4b:0f:ed:17:a8:bb:d1:bb:a5:68:62:b7:
fd:1d:a8:48:bc:d5:fd:27:1f:c7:d3:43:c1:38:9b:
21:78:bd:9b:3c:13:8a:aa:31:49:7c:de:a6:35:e9:
74:ea:8e:a0:aa:70:a4:47:5a:5c:f2:a5:a3:1d:c7:
91:c6:cd:f9:db:34:b5:5c:15:ed:16:ac:81:0f:b1:
30:fd:c0:07:84:7f:56:68:de:eb:09:bf:fd:20:e0:
62:92:b1:e9:15:c0:c8:ce:b7:bb:d7:3b:6f:59:38:
21:c8:a7:ff:44:38:ae:4e:24:cb:50:73:1d:0c:c4:
53:84:6b:80:ca:13:16:b3:fe:3e:c9:c0:fd:69:1c:
52:d6:7b:39:a5:cb:61:2e:e7:bb:9d:a7:20:52:b4:
28:07:f1:e1:69:35:c3:37:a9:43:59:05:b8:e8:1a:
3f:3b:91:47:06:89:c1:da:ac:19:24:6c:a4:88:a8:
3a:6e:37:d7:09:67:0b:cd:2a:72:36:98:3a:61:7f:
7e:ac:fe:46:17:87:70:7b:e3:6a:24:75:ff:6e:d2:
d4:33:f5:d1:81:23:31:0b:35:3a:bd:d2:55:a9:25:
e5:01:83:4f:9d:be:e9:7c:b9:30:f3:b4:bf:5b:f8:
6f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:25:D3:30:A3:24:A1:F2:CC:66:49:BE:62:46:F0:3D:85:0E:81:67
X509v3 Authority Key Identifier:
keyid:9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/nCXTMKMkofLMZkm-YkbwPYUOgWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/mx6hXCG31V3qS9yGGxwK_J5DcDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
188.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a9:45:05:b3:c9:13:b2:84:99:6e:75:4d:f4:d6:eb:9a:5f:
56:ac:ec:05:1e:f3:b3:cb:48:b1:70:a5:09:c7:53:a3:25:96:
f7:a1:fb:05:bd:e6:2a:3d:ca:a5:d0:cc:6f:21:a2:93:90:c8:
97:97:b5:cc:3a:3c:07:b8:26:05:bb:28:96:d6:4e:ab:7f:ff:
c6:af:d1:85:40:5b:de:3b:6b:a0:18:63:53:2b:e0:81:6c:95:
e5:ff:c9:7e:6a:fe:f8:d1:c6:f5:4d:d8:93:52:7b:93:44:ce:
27:cb:04:96:34:04:ac:5f:12:ee:1d:d0:0c:f7:29:a3:7a:c6:
0a:4e:f2:8d:b0:61:b4:f5:e4:52:8a:53:21:b0:88:58:84:e1:
d8:3c:18:4c:5e:91:13:70:f1:3a:39:73:4f:0d:75:47:c1:2a:
80:4f:58:ca:e5:74:59:5f:13:f4:24:08:01:11:94:2f:01:fa:
1e:54:72:35:73:45:9c:a2:ab:ae:24:08:e6:0f:ea:b6:93:c5:
f3:bf:b6:b4:61:dd:c0:e0:f3:11:78:5c:d3:ce:36:6b:ed:bd:
bb:dc:a2:0b:16:ef:a8:be:28:41:44:cd:36:d4:06:a5:b7:7d:
5f:c4:e2:7c:b3:24:2c:ff:0a:42:87:e1:31:36:a4:1d:bc:c3:
72:58:35:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKOfqrnFpAytCqqRDmH250KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMWVhMTVjMjFiN2Q1NWRlYTRiZGM4NjFiMWMwYWZjOWU0
MzcwMzEwHhcNMjIwODExMjAwMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI1ZDMzMGEzMjRhMWYyY2M2NjQ5YmU2MjQ2ZjAzZDg1MGU4MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0+P17wyxG5LYTyMVDG23fxLD+0X
qLvRu6VoYrf9HahIvNX9Jx/H00PBOJsheL2bPBOKqjFJfN6mNel06o6gqnCkR1pc
8qWjHceRxs352zS1XBXtFqyBD7Ew/cAHhH9WaN7rCb/9IOBikrHpFcDIzre71ztv
WTghyKf/RDiuTiTLUHMdDMRThGuAyhMWs/4+ycD9aRxS1ns5pcthLue7nacgUrQo
B/HhaTXDN6lDWQW46Bo/O5FHBonB2qwZJGykiKg6bjfXCWcLzSpyNpg6YX9+rP5G
F4dwe+NqJHX/btLUM/XRgSMxCzU6vdJVqSXlAYNPnb7pfLkw87S/W/hvSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJwl0zCjJKHyzGZJvmJG8D2FDoFnMB8GA1UdIwQY
MBaAFJseoVwht9Vd6kvchhscCvyeQ3AxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXg2aFhDRzMxVjNxUzl5R0d4d0tfSjVEY0RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWUwMWYtZTk3Ni00ODAzLTk2MWUt
OTRjZjIyZGVlNWZlLzEvbkNYVE1LTWtvZkxNWmttLVlrYndQWVVPZ1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85ZWUwMWYtZTk3Ni00ODAzLTk2MWUtOTRjZjIyZGVlNWZl
LzEvbXg2aFhDRzMxVjNxUzl5R0d4d0tfSjVEY0RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPsCYAwQA
vNBnMA0GCSqGSIb3DQEBCwUAA4IBAQCXqUUFs8kTsoSZbnVN9Nbrml9WrOwFHvOz
y0ixcKUJx1OjJZb3ofsFveYqPcql0MxvIaKTkMiXl7XMOjwHuCYFuyiW1k6rf//G
r9GFQFveO2ugGGNTK+CBbJXl/8l+av740cb1TdiTUnuTRM4nywSWNASsXxLuHdAM
9ymjesYKTvKNsGG09eRSilMhsIhYhOHYPBhMXpETcPE6OXNPDXVHwSqAT1jK5XRZ
XxP0JAgBEZQvAfoeVHI1c0WcoquuJAjmD+q2k8Xzv7a0Yd3A4PMReFzTzjZr7b27
3KILFu+ovihBRM021Aalt31fxOJ8syQs/wpCh+ExNqQdvMNyWDXX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-ams.rpki-client.org