Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/ngX-mhV2SRQ0ZEw0rnf2UBUYeNE.roa
File: ngX-mhV2SRQ0ZEw0rnf2UBUYeNE.roa (raw, json)
Hash identifier: k8Lzi4hajFiz/j6Czvzj7Px2dJ/lLl1bEpnzEfmJ1Z4=
Subject key identifier: 9E:05:FE:9A:15:76:49:14:34:64:4C:34:AE:77:F6:50:15:18:78:D1
Certificate issuer: /CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Certificate serial: 018570427B39DA12C22DE8BBC99AD28D744C
Authority key identifier: 51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/ngX-mhV2SRQ0ZEw0rnf2UBUYeNE.roa
Signing time: Mon 02 Jan 2023 02:14:43 +0000
ROA not before: Mon 02 Jan 2023 02:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51469
IP address blocks: 217.170.242.0/23 maxlen: 23
217.170.246.0/23 maxlen: 23
217.170.244.0/23 maxlen: 23
217.170.248.0/23 maxlen: 23
217.170.252.0/23 maxlen: 23
217.170.250.0/23 maxlen: 23
31.171.216.0/23 maxlen: 23
217.170.254.0/23 maxlen: 23
185.16.232.0/23 maxlen: 23
31.171.218.0/23 maxlen: 23
31.171.222.0/23 maxlen: 23
185.16.234.0/23 maxlen: 23
31.171.220.0/23 maxlen: 23
217.170.240.0/23 maxlen: 23
2a00:6380::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:7b:39:da:12:c2:2d:e8:bb:c9:9a:d2:8d:74:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Validity
Not Before: Jan 2 02:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e05fe9a1576491434644c34ae77f650151878d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b9:97:dc:07:f4:74:f7:f1:ae:69:81:ed:63:
a4:9a:07:d6:01:e1:ef:c8:f7:ef:9c:37:1d:78:ed:
d3:41:2d:34:f5:43:a3:65:da:d6:76:72:27:ca:dd:
9f:45:29:d3:9f:21:21:29:82:81:40:b1:12:59:06:
df:14:0e:4f:92:66:c0:4b:61:80:85:94:01:27:d5:
03:c5:fb:2a:f4:a5:b8:c8:1b:e6:c8:e7:87:30:86:
83:ad:df:f6:3e:4f:a8:f4:89:dc:f8:14:cc:7c:d3:
2c:a7:5b:d4:53:ad:b5:cb:e5:23:a9:6e:bd:ac:10:
e0:2c:4b:56:aa:da:46:96:c5:35:d5:2b:80:65:43:
6e:8a:34:f9:9a:92:ba:29:b9:83:c4:a1:22:3b:c8:
ad:50:ba:f9:93:8f:3b:5c:52:47:b9:86:61:a6:07:
c5:e7:40:17:fd:62:3b:05:e0:b2:dc:b7:e2:5d:c6:
e8:42:b3:0c:fe:21:4a:21:3a:ae:74:b2:01:1c:65:
87:5d:e2:96:0e:1b:f4:2f:58:3e:50:70:38:11:93:
97:0d:e0:32:45:8d:75:3c:e2:31:56:f1:50:b6:c2:
6e:4c:c8:74:d1:ce:7d:aa:1d:f9:59:ec:7e:04:df:
ff:c1:e1:ea:df:51:83:68:f1:f9:8a:f6:ff:dd:07:
32:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:05:FE:9A:15:76:49:14:34:64:4C:34:AE:77:F6:50:15:18:78:D1
X509v3 Authority Key Identifier:
keyid:51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/ngX-mhV2SRQ0ZEw0rnf2UBUYeNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/Ue4aZ3JetKdkpYe8Nwed676B-2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.216.0/21
185.16.232.0/22
217.170.240.0/20
IPv6:
2a00:6380::/32
Signature Algorithm: sha256WithRSAEncryption
0a:e4:79:4c:e0:67:55:8c:2e:e3:f3:34:da:8e:e6:9b:49:16:
ed:35:41:ad:da:19:87:d8:d1:a7:28:22:04:c3:13:12:a2:02:
13:47:b2:8f:34:52:ae:da:dd:e3:9f:48:9f:a9:b0:4f:f7:d9:
73:65:23:c1:bb:c2:8d:b9:f4:ce:b9:96:77:84:ef:b8:1a:43:
14:44:14:c0:9d:f2:35:4f:86:0d:56:69:44:2b:c0:7d:1e:86:
91:b3:4b:94:aa:4d:0f:93:d0:6a:1b:37:23:d7:98:eb:ff:9a:
58:91:86:4a:4f:3a:38:d4:d3:8c:10:66:63:36:a7:cc:6a:be:
6a:d6:96:e9:8c:9e:cb:27:45:09:a5:f0:dd:6a:05:fd:49:74:
d9:4d:c7:78:71:59:55:69:4f:7c:57:ae:34:45:95:17:1d:98:
57:5d:81:84:21:1d:a1:24:bf:bb:47:24:f8:48:b7:64:eb:ce:
b6:28:a7:4c:dc:9a:2c:7e:33:e9:73:83:c4:be:07:ec:bf:35:
ee:b6:65:fd:4e:17:8e:d2:1c:72:d6:ee:54:ad:d4:28:42:ea:
ee:73:7b:6d:54:06:df:10:de:12:16:91:31:60:8e:15:24:f9:
09:20:70:54:ae:ae:82:99:0d:97:c6:8b:f7:d8:fc:b0:11:b1:
5b:85:38:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwQns52hLCLei7yZrSjXRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWUxYTY3NzI1ZWI0YTc2NGE1ODdiYzM3MDc5ZGViYmU4
MWZiNjQwHhcNMjMwMTAyMDIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA1ZmU5YTE1NzY0OTE0MzQ2NDRjMzRhZTc3ZjY1MDE1MTg3OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLmX3Af0dPfxrmmB7WOkmgfWAeHv
yPfvnDcdeO3TQS009UOjZdrWdnInyt2fRSnTnyEhKYKBQLESWQbfFA5PkmbAS2GA
hZQBJ9UDxfsq9KW4yBvmyOeHMIaDrd/2Pk+o9Inc+BTMfNMsp1vUU621y+UjqW69
rBDgLEtWqtpGlsU11SuAZUNuijT5mpK6KbmDxKEiO8itULr5k487XFJHuYZhpgfF
50AX/WI7BeCy3LfiXcboQrMM/iFKITqudLIBHGWHXeKWDhv0L1g+UHA4EZOXDeAy
RY11POIxVvFQtsJuTMh00c59qh35Wex+BN//weHq31GDaPH5ivb/3QcyjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ4F/poVdkkUNGRMNK539lAVGHjRMB8GA1UdIwQY
MBaAFFHuGmdyXrSnZKWHvDcHneu+gftkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWU0YVozSmV0S2RrcFllOE53ZWQ2NzZCLTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lMGYzYmItYTA5OS00Nzg1LTg5Mjkt
M2Q3ZjkyYzIzYThiLzEvbmdYLW1oVjJTUlEwWkV3MHJuZjJVQlVZZU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lMGYzYmItYTA5OS00Nzg1LTg5MjktM2Q3ZjkyYzIzYThi
LzEvVWU0YVozSmV0S2RrcFllOE53ZWQ2NzZCLTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6vYAwQC
uRDoAwQE2arwMA0EAgACMAcDBQAqAGOAMA0GCSqGSIb3DQEBCwUAA4IBAQAK5HlM
4GdVjC7j8zTajuabSRbtNUGt2hmH2NGnKCIEwxMSogITR7KPNFKu2t3jn0ifqbBP
99lzZSPBu8KNufTOuZZ3hO+4GkMURBTAnfI1T4YNVmlEK8B9HoaRs0uUqk0Pk9Bq
Gzcj15jr/5pYkYZKTzo41NOMEGZjNqfMar5q1pbpjJ7LJ0UJpfDdagX9SXTZTcd4
cVlVaU98V640RZUXHZhXXYGEIR2hJL+7RyT4SLdk6862KKdM3JosfjPpc4PEvgfs
vzXutmX9TheO0hxy1u5UrdQoQuruc3ttVAbfEN4SFpExYI4VJPkJIHBUrq6CmQ2X
xov32PywEbFbhThO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:33 2025 by rpki-client