Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nGBjAS50ZWUQyHsLXp8W0vAh4k4.roa
File: nGBjAS50ZWUQyHsLXp8W0vAh4k4.roa (raw, json)
Hash identifier: y81IxGz/LY+K47msFHejuuSsIzM8aNAmxxFGmm2VV2Y=
Subject key identifier: 9C:60:63:01:2E:74:65:65:10:C8:7B:0B:5E:9F:16:D2:F0:21:E2:4E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427486CC7ADB44F07867025EF35C872B1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nGBjAS50ZWUQyHsLXp8W0vAh4k4.roa
Signing time: Thu 02 Jan 2025 13:50:45 +0000
ROA not before: Thu 02 Jan 2025 13:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200606
IP address blocks: 192.36.31.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
193.182.110.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
194.14.135.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6c:c7:ad:b4:4f:07:86:70:25:ef:35:c8:72:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c6063012e74656510c87b0b5e9f16d2f021e24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:9e:09:16:4b:9c:0e:7d:41:f5:14:f4:7c:
2c:51:52:4f:6a:c1:ab:43:ac:86:2e:c8:4b:93:13:
5b:33:c8:fc:0f:74:88:63:61:dc:d4:97:69:0c:9b:
81:7c:58:45:b1:cb:97:be:d3:a1:fc:22:30:e6:4f:
fb:39:cf:c9:50:ff:36:90:c3:15:95:d8:3c:86:31:
cc:f9:60:32:6a:74:e0:82:96:3b:aa:35:0c:8c:cc:
29:17:d6:f8:eb:ff:5a:0e:a3:51:10:b9:d8:ac:98:
7e:3d:f6:6f:e2:4e:f7:5b:cf:5a:c4:51:75:68:0f:
24:ce:82:80:f7:47:59:e6:c0:fd:56:bb:f0:ad:c5:
32:a3:63:65:d8:3c:66:db:70:b4:fb:c6:9c:af:6c:
d6:13:f0:45:0f:91:4b:3c:80:a8:4e:77:2d:72:d2:
fc:95:18:47:3f:f8:9e:e3:b3:08:b5:21:9d:ea:de:
3a:e5:78:56:23:98:e7:85:eb:af:c9:3a:58:71:30:
e8:64:43:98:a2:4e:33:1e:0a:df:b4:5e:72:89:c8:
76:d8:cc:4d:06:8d:e0:ce:dc:fe:62:9d:21:7a:0f:
7d:a6:16:25:d6:fa:25:ba:a6:cb:96:30:d3:0c:46:
d8:72:0e:79:1d:95:ea:9b:24:1f:78:03:97:67:88:
56:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:63:01:2E:74:65:65:10:C8:7B:0B:5E:9F:16:D2:F0:21:E2:4E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nGBjAS50ZWUQyHsLXp8W0vAh4k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.121.226.0/24
192.165.131.0/24
193.182.110.0/24
193.234.76.0/23
193.235.51.0/24
194.14.135.0/24
194.71.245.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
09:59:72:11:1a:bd:b3:3b:81:d8:d1:c5:97:5a:81:38:59:bd:
66:c2:02:b2:f3:46:a2:1b:52:60:ac:f0:9f:e0:ad:a8:03:ff:
24:33:92:56:79:47:f8:0b:0b:c7:ff:e5:13:a2:2a:7d:ae:6d:
d1:37:c1:cf:8a:99:64:49:32:2a:ca:65:5d:bc:13:f9:92:6c:
36:0e:49:3a:e5:d2:0b:c2:f1:6b:99:7a:15:7b:3f:8a:80:62:
8a:fe:08:15:6d:d1:23:67:6f:e7:c6:ff:d8:e7:53:48:a9:91:
da:6f:90:b2:bb:80:25:fb:33:3e:ae:12:98:3d:40:99:44:80:
97:6c:45:78:14:d4:e2:1e:1c:df:ee:93:e3:43:b4:69:78:79:
8c:14:04:19:ec:e8:70:75:4a:8b:ef:80:3a:05:52:2c:44:d3:
f4:39:96:43:2b:b5:20:ed:3c:f5:b9:ff:45:a8:04:7a:23:88:
a8:85:56:4d:8d:cd:b8:ec:91:8b:5f:8b:50:dd:50:c0:66:cc:
ca:f5:4b:15:fa:9b:45:86:e3:a0:60:69:41:55:d5:95:dd:15:
be:58:27:14:3e:91:64:ac:a0:a2:0a:5a:3b:7c:67:3e:96:a1:
0d:0a:df:e7:2d:9a:b2:ba:fa:2b:85:ad:cd:22:da:27:e6:36:
e4:10:be:cb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQnSGzHrbRPB4ZwJe81yHKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYwNjMwMTJlNzQ2NTY1MTBjODdiMGI1ZTlmMTZkMmYwMjFlMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyameCRZLnA59QfUU9HwsUVJPasGr
Q6yGLshLkxNbM8j8D3SIY2Hc1JdpDJuBfFhFscuXvtOh/CIw5k/7Oc/JUP82kMMV
ldg8hjHM+WAyanTggpY7qjUMjMwpF9b46/9aDqNRELnYrJh+PfZv4k73W89axFF1
aA8kzoKA90dZ5sD9VrvwrcUyo2Nl2Dxm23C0+8acr2zWE/BFD5FLPICoTnctctL8
lRhHP/ie47MItSGd6t465XhWI5jnheuvyTpYcTDoZEOYok4zHgrftF5yich22MxN
Bo3gztz+Yp0heg99phYl1voluqbLljDTDEbYcg55HZXqmyQfeAOXZ4hWLQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJxgYwEudGVlEMh7C16fFtLwIeJOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbkdCakFTNTBaV1VReUhzTFhwOFcwdkFoNGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwCQfAwQA
wHniAwQAwKWDAwQAwbZuAwQBwepMAwQAweszAwQAwg6HAwQAwkf1AwQAwmcrMA0G
CSqGSIb3DQEBCwUAA4IBAQAJWXIRGr2zO4HY0cWXWoE4Wb1mwgKy80aiG1JgrPCf
4K2oA/8kM5JWeUf4CwvH/+UToip9rm3RN8HPiplkSTIqymVdvBP5kmw2Dkk65dIL
wvFrmXoVez+KgGKK/ggVbdEjZ2/nxv/Y51NIqZHab5Cyu4Al+zM+rhKYPUCZRICX
bEV4FNTiHhzf7pPjQ7RpeHmMFAQZ7OhwdUqL74A6BVIsRNP0OZZDK7Ug7Tz1uf9F
qAR6I4iohVZNjc247JGLX4tQ3VDAZszK9UsV+ptFhuOgYGlBVdWV3RW+WCcUPpFk
rKCiClo7fGc+lqENCt/nLZqyuvorha3NIton5jbkEL7L
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:32 2025 by rpki-client