Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/NKSWSDVEwphuypumRiIZypRW5e4.roa
File: NKSWSDVEwphuypumRiIZypRW5e4.roa (raw, json)
Hash identifier: 4FpNvQ7xyX9y8L5rI4KejlkqclmAJJZtoH1H8+8ilmE=
Subject key identifier: 34:A4:96:48:35:44:C2:98:6E:CA:9B:A6:46:22:19:CA:94:56:E5:EE
Certificate issuer: /CN=6dd2e9b3a4d7b24b3a6aa14f3eda3f14fa29c76b
Certificate serial: 325B58CD
Authority key identifier: 6D:D2:E9:B3:A4:D7:B2:4B:3A:6A:A1:4F:3E:DA:3F:14:FA:29:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdLps6TXsks6aqFPPto_FPopx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/NKSWSDVEwphuypumRiIZypRW5e4.roa
Signing time: Tue 14 Jun 2022 12:07:45 +0000
ROA not before: Tue 14 Jun 2022 12:07:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39246
IP address blocks: 77.78.134.0/24 maxlen: 24
77.78.133.0/24 maxlen: 24
77.78.139.0/24 maxlen: 24
77.78.138.0/24 maxlen: 24
77.78.137.0/24 maxlen: 24
77.78.136.0/24 maxlen: 24
77.78.135.0/24 maxlen: 24
77.78.143.0/24 maxlen: 24
77.78.142.0/24 maxlen: 24
77.78.141.0/24 maxlen: 24
77.78.140.0/24 maxlen: 24
77.78.132.0/24 maxlen: 24
77.78.131.0/24 maxlen: 24
77.78.129.0/24 maxlen: 24
77.78.128.0/24 maxlen: 24
109.121.132.0/24 maxlen: 24
109.121.131.0/24 maxlen: 24
109.121.130.0/24 maxlen: 24
109.121.129.0/24 maxlen: 24
109.121.151.0/24 maxlen: 24
109.121.150.0/24 maxlen: 24
109.121.149.0/24 maxlen: 24
109.121.148.0/24 maxlen: 24
109.121.155.0/24 maxlen: 24
109.121.154.0/24 maxlen: 24
62.192.132.0/24 maxlen: 24
62.192.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 844847309 (0x325b58cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dd2e9b3a4d7b24b3a6aa14f3eda3f14fa29c76b
Validity
Not Before: Jun 14 12:07:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a496483544c2986eca9ba6462219ca9456e5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0e:af:77:61:12:07:7a:2d:4b:de:bb:bf:af:
99:53:f2:e2:8c:cf:a0:4b:39:75:90:a7:8f:64:86:
be:6c:bc:1f:de:ca:1e:9e:9c:fe:cf:b3:d2:7b:0b:
f7:c2:b9:4a:9c:f7:e9:1a:08:8b:e9:a1:ff:da:bc:
c0:46:1f:4a:41:3f:be:68:e0:3a:44:9f:4c:63:94:
7e:19:1f:10:ef:78:e7:3a:af:93:fc:35:e5:c3:43:
65:59:a6:73:79:2d:99:89:43:7c:d5:9b:55:48:aa:
18:12:5d:7b:31:b1:c3:9e:07:7c:78:02:15:12:c8:
76:64:f0:62:84:bd:8c:1d:45:e0:0a:ae:fb:c0:8e:
62:58:cb:43:ec:b4:db:2b:1b:df:3f:54:ee:c1:4a:
d8:fd:fa:46:5c:01:a2:d7:f3:b7:7d:43:75:35:58:
94:9e:f9:fc:be:2c:0e:01:68:9f:1e:30:89:77:dc:
be:81:6d:a2:a8:95:cd:d0:5c:9b:8f:0b:94:e7:33:
b6:04:0a:27:d7:f4:cb:19:f4:ef:ee:61:85:78:d9:
7d:98:e2:f7:98:73:f4:6f:4a:7c:cc:a1:38:d5:80:
37:59:65:94:1b:e3:63:ef:e3:ec:00:e6:30:1e:c1:
3d:6d:e4:0d:29:7d:8c:62:62:17:a1:c4:1e:e0:cf:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A4:96:48:35:44:C2:98:6E:CA:9B:A6:46:22:19:CA:94:56:E5:EE
X509v3 Authority Key Identifier:
keyid:6D:D2:E9:B3:A4:D7:B2:4B:3A:6A:A1:4F:3E:DA:3F:14:FA:29:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdLps6TXsks6aqFPPto_FPopx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/NKSWSDVEwphuypumRiIZypRW5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/bdLps6TXsks6aqFPPto_FPopx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.132.0/23
77.78.128.0/23
77.78.131.0-77.78.143.255
109.121.129.0-109.121.132.255
109.121.148.0/22
109.121.154.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:f8:25:8b:aa:de:4e:2f:fd:e7:07:09:2c:d7:3d:2c:20:74:
21:df:36:5c:fd:3d:a1:fb:7f:b0:ff:2b:d3:a6:61:3f:5f:91:
95:3a:ee:f2:51:33:b4:31:18:b4:60:e3:36:60:d2:4c:42:0b:
57:a5:e6:f9:49:8b:a2:ec:9b:ee:c9:6f:cd:69:08:5a:ef:38:
f8:93:4c:78:c6:9f:5f:fa:9b:d1:6a:66:de:42:00:2c:a8:76:
7c:c9:da:42:fc:9a:c0:5f:47:18:cb:0d:4f:23:ee:5a:f1:4f:
cf:b7:b0:e5:75:c6:fb:5c:4d:15:2d:32:3e:91:77:6b:21:57:
03:49:00:03:88:49:45:60:25:c6:d1:37:dd:a3:43:8f:55:10:
78:fb:67:66:d6:1e:0a:53:c8:58:8f:90:fe:97:bb:63:ba:eb:
28:4e:e3:43:aa:fc:91:c6:20:48:c0:ec:7b:15:b0:3d:a1:f2:
24:53:0b:a7:df:bb:51:19:42:8d:da:86:a6:35:ae:c3:4a:32:
4b:04:00:e7:44:1e:96:aa:a7:b2:47:6c:22:27:65:33:91:49:
08:ce:b1:cf:17:04:15:55:af:61:cd:f0:7c:6f:c5:23:b7:25:
b3:c3:67:b7:27:37:35:15:0f:ce:e2:26:d2:f1:bd:58:48:06:
25:e5:64:00
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEMltYzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGQyZTliM2E0ZDdiMjRiM2E2YWExNGYzZWRhM2YxNGZhMjljNzZiMB4XDTIyMDYx
NDEyMDc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRhNDk2NDgzNTQ0
YzI5ODZlY2E5YmE2NDYyMjE5Y2E5NDU2ZTVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsOr3dhEgd6LUveu7+vmVPy4ozPoEs5dZCnj2SGvmy8H97K
Hp6c/s+z0nsL98K5Spz36RoIi+mh/9q8wEYfSkE/vmjgOkSfTGOUfhkfEO945zqv
k/w15cNDZVmmc3ktmYlDfNWbVUiqGBJdezGxw54HfHgCFRLIdmTwYoS9jB1F4Aqu
+8COYljLQ+y02ysb3z9U7sFK2P36RlwBotfzt31DdTVYlJ75/L4sDgFonx4wiXfc
voFtoqiVzdBcm48LlOcztgQKJ9f0yxn07+5hhXjZfZji95hz9G9KfMyhONWAN1ll
lBvjY+/j7ADmMB7BPW3kDSl9jGJiF6HEHuDPZC8CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQ0pJZINUTCmG7Km6ZGIhnKlFbl7jAfBgNVHSMEGDAWgBRt0umzpNeySzpq
oU8+2j8U+inHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkTHBzNlRYc2tzNmFxRlBQdG9fRlBvcHgycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvY2Q5YmM4LTExYzUtNGY1YS1iYjI1LTQ1YWU3YjNkYWU2OC8x
L05LU1dTRFZFd3BodXlwdW1SaUlaeXBSVzVlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
Y2Q5YmM4LTExYzUtNGY1YS1iYjI1LTQ1YWU3YjNkYWU2OC8xL2JkTHBzNlRYc2tz
NmFxRlBQdG9fRlBvcHgycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAT7AhAMEAU1OgDAMAwQATU6DAwQE
TU6AMAwDBABteYEDBABteYQDBAJteZQDBAFteZowDQYJKoZIhvcNAQELBQADggEB
AI74JYuq3k4v/ecHCSzXPSwgdCHfNlz9PaH7f7D/K9OmYT9fkZU67vJRM7QxGLRg
4zZg0kxCC1el5vlJi6Lsm+7Jb81pCFrvOPiTTHjGn1/6m9FqZt5CACyodnzJ2kL8
msBfRxjLDU8j7lrxT8+3sOV1xvtcTRUtMj6Rd2shVwNJAAOISUVgJcbRN92jQ49V
EHj7Z2bWHgpTyFiPkP6Xu2O66yhO40Oq/JHGIEjA7HsVsD2h8iRTC6ffu1EZQo3a
hqY1rsNKMksEAOdEHpaqp7JHbCInZTORSQjOsc8XBBVVr2HN8HxvxSO3JbPDZ7cn
NzUVD87iJtLxvVhIBiXlZAA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:20:37 2025 by rpki-client