Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/NlvMkPZn5ykNcIArduldQ2gvLwk.roa
File: NlvMkPZn5ykNcIArduldQ2gvLwk.roa (raw, json)
Hash identifier: 5PNzjoi0TVJoqN04xzDCOAwSudfA6d0BQM/WfLTAPFo=
Subject key identifier: 36:5B:CC:90:F6:67:E7:29:0D:70:80:2B:76:E9:5D:43:68:2F:2F:09
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 019427B5F49DFFD1F9EB39BAD92EA114BE76
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/NlvMkPZn5ykNcIArduldQ2gvLwk.roa
Signing time: Thu 02 Jan 2025 15:50:23 +0000
ROA not before: Thu 02 Jan 2025 15:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 91.200.253.0/24 maxlen: 24
110.172.188.0/24 maxlen: 24
114.69.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f4:9d:ff:d1:f9:eb:39:ba:d9:2e:a1:14:be:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 15:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=365bcc90f667e7290d70802b76e95d43682f2f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:34:5a:f0:87:8f:d3:8f:bc:b1:59:5f:df:c6:
c0:9f:35:a6:d9:e2:90:fc:66:9a:ee:1a:93:00:f3:
22:e2:9e:a3:b7:8d:03:17:2b:d3:ef:dc:42:38:27:
6f:66:d3:45:72:a0:ca:de:88:e3:e8:15:db:84:bb:
c2:91:19:fe:bb:41:be:23:5d:70:0f:35:7c:39:6a:
ab:f9:16:4a:a5:3c:67:4c:e2:2d:9d:e4:f9:27:8e:
90:75:1e:36:70:b1:a2:87:3a:31:80:44:bb:ba:95:
ff:4c:c1:89:d5:7c:01:07:a6:29:a7:61:7f:8a:ed:
68:59:d9:9a:bd:61:00:a4:b7:91:e6:60:03:14:bd:
dd:81:16:0a:19:56:97:9a:5b:4d:e1:0c:e0:48:eb:
22:a4:52:7a:40:c4:a2:50:a0:78:8e:e5:b4:26:b4:
44:75:9e:1c:b2:a3:b0:a8:f6:36:eb:71:03:6b:21:
40:d1:6a:dd:8f:74:98:f5:2b:3e:c1:bd:0a:de:96:
b5:cd:2c:2e:9f:40:5a:c3:ca:5c:2b:cb:b9:00:bd:
66:68:2a:e8:ae:07:b1:05:47:94:cf:74:36:c6:69:
e6:33:40:26:48:0d:fd:16:92:78:b7:c1:c3:92:78:
6c:e0:0e:cd:98:9a:f5:4d:d8:0a:47:84:32:22:ed:
3b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5B:CC:90:F6:67:E7:29:0D:70:80:2B:76:E9:5D:43:68:2F:2F:09
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/NlvMkPZn5ykNcIArduldQ2gvLwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.253.0/24
110.172.188.0/24
114.69.246.0/24
Signature Algorithm: sha256WithRSAEncryption
76:96:98:37:8e:63:d6:e8:96:9f:60:10:0a:d3:a6:fb:18:7d:
ef:91:99:14:a7:5a:47:d5:88:47:d9:ce:7e:ae:8b:23:64:a8:
fd:e3:23:cc:ff:e8:af:df:13:8b:bc:a0:f1:ef:c7:0a:cc:86:
67:de:99:3a:83:b9:a7:ce:b4:9f:5f:35:0c:60:7b:76:54:c4:
90:8a:96:1e:90:81:be:60:28:8f:11:25:f6:4c:b7:15:f9:ec:
cd:6e:c6:69:ea:a1:84:08:fb:0d:13:02:97:d9:fd:7a:19:9d:
66:38:76:eb:34:14:f7:e3:12:10:ee:99:16:4a:cd:53:26:ee:
4d:54:66:28:5c:17:50:08:0f:0c:aa:91:07:36:c1:bf:0c:2a:
47:ec:9c:9d:fa:a0:21:7b:c4:d8:7d:da:bd:3a:76:f5:56:2b:
24:2c:4c:b1:9d:b4:a6:4e:66:48:ad:da:95:54:11:40:23:0f:
da:10:cb:6f:85:c3:54:6d:22:2d:01:ff:89:5d:02:ca:41:ba:
9e:60:96:16:c5:22:12:f0:55:b4:cf:f0:87:89:51:1d:dd:27:
9f:0f:8c:c8:8a:ca:b9:93:5b:33:a3:a4:2e:5f:4d:aa:de:c1:
35:a2:7e:57:f9:8e:1a:66:5f:90:a5:31:11:e4:6f:4b:2f:85:
51:66:dc:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntfSd/9H56zm62S6hFL52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMTAyMTU1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjViY2M5MGY2NjdlNzI5MGQ3MDgwMmI3NmU5NWQ0MzY4MmYyZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TRa8IeP04+8sVlf38bAnzWm2eKQ
/Gaa7hqTAPMi4p6jt40DFyvT79xCOCdvZtNFcqDK3ojj6BXbhLvCkRn+u0G+I11w
DzV8OWqr+RZKpTxnTOItneT5J46QdR42cLGihzoxgES7upX/TMGJ1XwBB6Ypp2F/
iu1oWdmavWEApLeR5mADFL3dgRYKGVaXmltN4QzgSOsipFJ6QMSiUKB4juW0JrRE
dZ4csqOwqPY263EDayFA0Wrdj3SY9Ss+wb0K3pa1zSwun0Baw8pcK8u5AL1maCro
rgexBUeUz3Q2xmnmM0AmSA39FpJ4t8HDknhs4A7NmJr1TdgKR4QyIu07TQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZbzJD2Z+cpDXCAK3bpXUNoLy8JMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvTmx2TWtQWm41eWtOY0lBcmR1bGRRMmd2THdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8j9AwQA
bqy8AwQAckX2MA0GCSqGSIb3DQEBCwUAA4IBAQB2lpg3jmPW6JafYBAK06b7GH3v
kZkUp1pH1YhH2c5+rosjZKj94yPM/+iv3xOLvKDx78cKzIZn3pk6g7mnzrSfXzUM
YHt2VMSQipYekIG+YCiPESX2TLcV+ezNbsZp6qGECPsNEwKX2f16GZ1mOHbrNBT3
4xIQ7pkWSs1TJu5NVGYoXBdQCA8MqpEHNsG/DCpH7Jyd+qAhe8TYfdq9Onb1Visk
LEyxnbSmTmZIrdqVVBFAIw/aEMtvhcNUbSItAf+JXQLKQbqeYJYWxSIS8FW0z/CH
iVEd3SefD4zIisq5k1szo6QuX02q3sE1on5X+Y4aZl+QpTER5G9LL4VRZtxg
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:42:56 2025 by rpki-client