Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/nM77Som-zdPXAPD9CP-IXlUw7ZE.roa
File: nM77Som-zdPXAPD9CP-IXlUw7ZE.roa (raw, json)
Hash identifier: TRVwv4WGb4cA0kRtRY/Fd2cZ8gACAvySfKBX3f3SdzQ=
Subject key identifier: 9C:CE:FB:4A:89:BE:CD:D3:D7:00:F0:FD:08:FF:88:5E:55:30:ED:91
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 019421B1BAA0F6AD5F4061C62836B16D4F7C
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/nM77Som-zdPXAPD9CP-IXlUw7ZE.roa
Signing time: Wed 01 Jan 2025 11:48:03 +0000
ROA not before: Wed 01 Jan 2025 11:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 2.56.48.0/23 maxlen: 23
2.56.50.0/23 maxlen: 23
5.253.116.0/23 maxlen: 23
5.253.118.0/23 maxlen: 23
45.66.236.0/23 maxlen: 23
45.66.238.0/23 maxlen: 23
46.175.152.0/22 maxlen: 22
77.83.168.0/23 maxlen: 23
77.83.170.0/23 maxlen: 23
81.16.128.0/22 maxlen: 22
85.208.120.0/23 maxlen: 23
85.208.122.0/23 maxlen: 23
86.62.56.0/23 maxlen: 23
86.62.58.0/23 maxlen: 23
92.118.40.0/23 maxlen: 23
92.118.42.0/23 maxlen: 23
152.89.128.0/23 maxlen: 23
152.89.130.0/23 maxlen: 23
185.234.4.0/22 maxlen: 22
185.252.168.0/22 maxlen: 22
193.47.236.0/22 maxlen: 22
194.59.200.0/23 maxlen: 23
194.59.202.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ba:a0:f6:ad:5f:40:61:c6:28:36:b1:6d:4f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 1 11:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ccefb4a89becdd3d700f0fd08ff885e5530ed91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e8:d7:87:ae:57:59:89:62:10:e6:cd:74:00:
6f:aa:dc:d5:40:f5:23:29:93:6b:a5:47:fc:63:3c:
79:d2:61:3d:29:5e:5f:11:da:23:1d:d1:a3:a8:3f:
40:3f:2f:8b:70:ae:27:68:cb:f9:2d:f8:8e:1b:52:
4f:96:c0:11:a3:4f:40:af:e2:55:d2:3e:cc:0e:7d:
f6:31:da:b8:e6:b5:a6:af:dd:41:b4:18:e5:8d:8a:
0c:ff:40:63:c9:2b:e5:73:ec:44:92:9a:39:33:8f:
8f:ed:21:74:f4:32:8b:b3:19:df:ea:79:67:65:1c:
ef:c8:f9:a3:c0:3c:eb:c6:94:2d:7b:d7:37:a5:88:
80:52:e4:95:fc:fb:08:63:00:50:20:5c:0f:f0:da:
8a:e1:8a:a8:c7:5e:d4:13:fb:f5:6f:7d:5d:bf:19:
8d:8d:d0:43:28:67:e8:82:8e:f8:85:63:d6:1d:99:
27:a2:03:9b:d3:08:1a:a1:81:b8:c8:0f:ab:c5:78:
aa:f3:d6:34:e7:d7:2e:b7:f1:5d:a5:ab:39:c9:87:
15:6e:2f:db:cb:3a:67:44:28:83:55:a6:46:4a:ac:
7f:69:a0:1a:26:bf:f8:e9:a3:ff:b8:30:58:0f:f4:
d9:4e:c4:07:d9:16:85:d5:ba:e0:be:a6:3f:4e:73:
3d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CE:FB:4A:89:BE:CD:D3:D7:00:F0:FD:08:FF:88:5E:55:30:ED:91
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/nM77Som-zdPXAPD9CP-IXlUw7ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.48.0/22
5.253.116.0/22
45.66.236.0/22
46.175.152.0/22
77.83.168.0/22
81.16.128.0/22
85.208.120.0/22
86.62.56.0/22
92.118.40.0/22
152.89.128.0/22
185.234.4.0/22
185.252.168.0/22
193.47.236.0/22
194.59.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:c5:ae:18:85:ab:63:27:00:a9:6b:a2:cc:cf:23:e8:e7:5a:
9b:fb:2f:05:56:2f:27:59:a8:dd:62:5c:aa:2e:85:97:4b:7f:
e6:a9:ae:6a:af:98:b3:bf:20:9e:61:10:c7:99:be:7a:8e:f8:
33:c5:b2:ce:e4:8c:42:ab:49:69:28:25:f5:7c:4e:a6:da:32:
f7:1f:2a:99:d7:5d:cf:4f:9c:93:7a:40:01:11:6e:12:ee:76:
c2:47:60:f3:4f:07:c9:c6:13:e9:38:34:e4:e4:56:6a:be:2b:
b1:11:b8:c7:25:1b:30:dc:6f:72:67:f8:7a:f6:39:1d:7f:c4:
5e:e3:f8:2e:da:a8:9c:a8:60:03:7f:da:04:b6:b5:b3:80:e0:
0d:bc:ea:73:61:1b:b5:46:c3:0c:a9:d9:44:e5:6f:7f:e6:13:
04:83:92:48:77:52:d2:e4:2a:09:8a:68:9f:7a:07:52:16:11:
80:62:a1:c6:ba:b8:28:48:dd:db:24:8b:6f:d9:fc:e8:e8:18:
09:c6:b0:49:21:06:95:d4:01:4f:45:d9:5e:05:0d:d1:ea:38:
68:ff:0e:8f:7c:3e:02:08:5e:23:13:25:6a:9f:ef:35:a0:50:
af:a1:d4:cf:4d:53:5a:3c:56:a9:65:61:9d:32:c2:67:78:e9:
0f:61:e5:79
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQhsbqg9q1fQGHGKDaxbU98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjUwMTAxMTE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NlZmI0YTg5YmVjZGQzZDcwMGYwZmQwOGZmODg1ZTU1MzBlZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkujXh65XWYliEObNdABvqtzVQPUj
KZNrpUf8Yzx50mE9KV5fEdojHdGjqD9APy+LcK4naMv5LfiOG1JPlsARo09Ar+JV
0j7MDn32Mdq45rWmr91BtBjljYoM/0BjySvlc+xEkpo5M4+P7SF09DKLsxnf6nln
ZRzvyPmjwDzrxpQte9c3pYiAUuSV/PsIYwBQIFwP8NqK4Yqox17UE/v1b31dvxmN
jdBDKGfogo74hWPWHZknogOb0wgaoYG4yA+rxXiq89Y059cut/Fdpas5yYcVbi/b
yzpnRCiDVaZGSqx/aaAaJr/46aP/uDBYD/TZTsQH2RaF1brgvqY/TnM9bQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJzO+0qJvs3T1wDw/Qj/iF5VMO2RMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvbk03N1NvbS16ZFBYQVBEOUNQLUlYbFV3N1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCAjgwAwQC
Bf10AwQCLULsAwQCLq+YAwQCTVOoAwQCURCAAwQCVdB4AwQCVj44AwQCXHYoAwQC
mFmAAwQCueoEAwQCufyoAwQCwS/sAwQCwjvIMA0GCSqGSIb3DQEBCwUAA4IBAQCN
xa4YhatjJwCpa6LMzyPo51qb+y8FVi8nWajdYlyqLoWXS3/mqa5qr5izvyCeYRDH
mb56jvgzxbLO5IxCq0lpKCX1fE6m2jL3HyqZ113PT5yTekABEW4S7nbCR2DzTwfJ
xhPpODTk5FZqviuxEbjHJRsw3G9yZ/h69jkdf8Re4/gu2qicqGADf9oEtrWzgOAN
vOpzYRu1RsMMqdlE5W9/5hMEg5JId1LS5CoJimifegdSFhGAYqHGurgoSN3bJItv
2fzo6BgJxrBJIQaV1AFPRdleBQ3R6jho/w6PfD4CCF4jEyVqn+81oFCvodTPTVNa
PFapZWGdMsJneOkPYeV5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:59 2025 by rpki-client