Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/nKaRFEx6C2AJ4uG53aPWdy8GbKg.roa
File: nKaRFEx6C2AJ4uG53aPWdy8GbKg.roa (raw, json)
Hash identifier: Mg460YaYJGsEEFWaLRzhqDm52ak2hrCD+X2CBARI3DE=
Subject key identifier: 9C:A6:91:14:4C:7A:0B:60:09:E2:E1:B9:DD:A3:D6:77:2F:06:6C:A8
Certificate issuer: /CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Certificate serial: 018CCA2972F516D3B46452D40BDE7A3A0E56
Authority key identifier: B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/nKaRFEx6C2AJ4uG53aPWdy8GbKg.roa
Signing time: Tue 02 Jan 2024 12:32:42 +0000
ROA not before: Tue 02 Jan 2024 12:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57728
IP address blocks: 81.25.16.0/21 maxlen: 21
81.25.24.0/21 maxlen: 21
185.255.116.0/22 maxlen: 22
109.234.40.0/21 maxlen: 21
2a00:1807::/32 maxlen: 32
2a00:1800::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:72:f5:16:d3:b4:64:52:d4:0b:de:7a:3a:0e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Validity
Not Before: Jan 2 12:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca691144c7a0b6009e2e1b9dda3d6772f066ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5a:bd:c7:46:73:9a:8c:b2:53:b1:ad:f7:3e:
0c:28:21:4c:b1:fb:1a:49:26:db:f1:2a:da:25:d5:
3b:ca:11:f1:e0:d1:69:22:01:1f:7e:09:05:1e:a8:
2d:34:93:7e:d9:f6:01:91:ed:0f:1b:c2:0d:78:be:
2d:02:0f:a1:56:fd:be:c9:fb:a2:2b:b6:61:c2:77:
f1:e8:ef:01:a1:9a:97:5e:56:1b:0b:21:16:18:c9:
08:89:78:7d:af:5a:7e:b0:cc:68:97:06:c6:80:77:
7b:47:6f:60:8a:74:4e:3a:76:a3:4b:2b:d1:62:e3:
23:5f:e1:37:e3:fa:bd:b2:2f:9b:31:df:e1:d5:7a:
cc:6e:a3:94:d3:98:f5:1c:c1:72:79:0f:b2:04:52:
c1:58:ee:0d:6b:02:60:1c:aa:c6:81:c3:a6:f3:d0:
42:7c:b8:76:b9:64:07:7f:66:56:b1:08:55:4c:6d:
0d:9b:76:42:b6:dd:c3:56:5d:44:06:c9:c5:be:4f:
41:b8:bc:ab:b0:c9:11:66:d4:89:e7:b6:c6:14:ce:
f7:53:fc:c1:3f:a9:df:cc:7a:05:2e:f3:80:40:78:
a0:b2:d6:c1:f5:9f:aa:26:dd:68:ff:25:32:09:c3:
68:25:15:4f:2a:8e:d0:fa:34:fa:cb:59:a4:74:c0:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A6:91:14:4C:7A:0B:60:09:E2:E1:B9:DD:A3:D6:77:2F:06:6C:A8
X509v3 Authority Key Identifier:
keyid:B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/nKaRFEx6C2AJ4uG53aPWdy8GbKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.16.0/20
109.234.40.0/21
185.255.116.0/22
IPv6:
2a00:1800::/32
2a00:1807::/32
Signature Algorithm: sha256WithRSAEncryption
83:62:f7:7e:8f:5b:00:32:2b:c3:70:38:43:25:af:86:21:48:
a1:eb:e6:bf:a7:f8:b7:aa:eb:6c:c8:ee:0b:a4:04:ae:2d:6a:
4f:44:d4:ab:a3:8d:29:48:16:f1:81:6c:b3:1b:32:39:b7:cf:
e5:d2:b7:ba:1b:96:b9:a6:64:c3:9d:e5:e9:f0:6a:c3:21:ad:
03:18:82:eb:be:05:32:eb:8b:a8:32:d3:93:38:a6:f9:62:12:
5b:aa:ca:dd:78:43:22:e2:57:31:47:b3:ee:68:27:85:fb:11:
9b:50:fd:cf:8f:88:81:de:05:b5:c0:fc:e0:88:3f:bb:a1:69:
8d:bc:a1:3d:57:36:d1:b7:12:6f:48:20:d8:62:2b:ce:6f:ec:
ae:36:58:23:f7:eb:4b:7d:2f:f3:a5:56:50:94:0a:6c:74:d9:
bc:3c:1f:f9:1f:3f:f9:4d:59:1a:6c:c3:b5:71:e7:3a:68:ea:
1c:b6:0b:85:cf:ee:4c:5b:4d:60:b0:f1:05:30:e9:16:f8:19:
27:48:cb:91:bf:5c:fa:dc:55:16:b9:d7:ec:83:ba:3d:1e:b7:
15:11:42:ea:21:88:b7:df:f7:de:8b:14:df:1b:ab:d2:30:40:
9f:4c:fd:58:95:f9:17:13:e2:4d:84:11:58:c8:b7:c1:fd:d1:
bb:79:e9:a7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzKKXL1FtO0ZFLUC956Og5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTQzOTIwOTU2ODAyYThlYjRiNDYyN2EyZmY0ZjM5ODdl
YzFhM2QwHhcNMjQwMTAyMTIzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E2OTExNDRjN2EwYjYwMDllMmUxYjlkZGEzZDY3NzJmMDY2Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlq9x0ZzmoyyU7Gt9z4MKCFMsfsa
SSbb8SraJdU7yhHx4NFpIgEffgkFHqgtNJN+2fYBke0PG8INeL4tAg+hVv2+yfui
K7Zhwnfx6O8BoZqXXlYbCyEWGMkIiXh9r1p+sMxolwbGgHd7R29ginROOnajSyvR
YuMjX+E34/q9si+bMd/h1XrMbqOU05j1HMFyeQ+yBFLBWO4NawJgHKrGgcOm89BC
fLh2uWQHf2ZWsQhVTG0Nm3ZCtt3DVl1EBsnFvk9BuLyrsMkRZtSJ57bGFM73U/zB
P6nfzHoFLvOAQHigstbB9Z+qJt1o/yUyCcNoJRVPKo7Q+jT6y1mkdMDe0QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJymkRRMegtgCeLhud2j1ncvBmyoMB8GA1UdIwQY
MBaAFLMUOSCVaAKo60tGJ6L/TzmH7Bo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzkt
NmVmMmI5ZDdmMTA0LzEvbkthUkZFeDZDMkFKNHVHNTNhUFdkeThHYktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzktNmVmMmI5ZDdmMTA0
LzEvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEURkQAwQD
beooAwQCuf90MBQEAgACMA4DBQAqABgAAwUAKgAYBzANBgkqhkiG9w0BAQsFAAOC
AQEAg2L3fo9bADIrw3A4QyWvhiFIoevmv6f4t6rrbMjuC6QEri1qT0TUq6ONKUgW
8YFssxsyObfP5dK3uhuWuaZkw53l6fBqwyGtAxiC674FMuuLqDLTkzim+WISW6rK
3XhDIuJXMUez7mgnhfsRm1D9z4+Igd4FtcD84Ig/u6FpjbyhPVc20bcSb0gg2GIr
zm/srjZYI/frS30v86VWUJQKbHTZvDwf+R8/+U1ZGmzDtXHnOmjqHLYLhc/uTFtN
YLDxBTDpFvgZJ0jLkb9c+txVFrnX7IO6PR63FRFC6iGIt9/33osU3xur0jBAn0z9
WJX5FxPiTYQRWMi3wf3Ru3nppw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:48 2025 by rpki-client