Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NduKpuh8bqHZW3QBngpLwN0nnPg.roa
File: NduKpuh8bqHZW3QBngpLwN0nnPg.roa (raw, json)
Hash identifier: hiwRVS/g5cpwEZyOJZdRApheP50mbWp9SAun5gwSkBg=
Subject key identifier: 35:DB:8A:A6:E8:7C:6E:A1:D9:5B:74:01:9E:0A:4B:C0:DD:27:9C:F8
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01943CA9F5DCA95097A811ABF4A779F993A7
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NduKpuh8bqHZW3QBngpLwN0nnPg.roa
Signing time: Mon 06 Jan 2025 17:29:19 +0000
ROA not before: Mon 06 Jan 2025 17:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.232.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
94.229.210.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:a9:f5:dc:a9:50:97:a8:11:ab:f4:a7:79:f9:93:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 6 17:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35db8aa6e87c6ea1d95b74019e0a4bc0dd279cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:81:cf:4a:4d:b9:aa:71:63:61:de:2d:bb:f3:
b6:e0:a7:fc:8c:d6:dc:72:8c:c0:ed:83:b8:92:5a:
be:5c:3b:83:67:a8:6a:b2:ef:ec:64:bc:30:9b:23:
78:28:86:3e:44:6f:91:5c:ff:cb:b2:27:48:1d:63:
e0:d5:c4:bb:d5:c5:a8:ed:55:26:92:f1:70:fd:cf:
e5:3c:52:44:5f:e2:59:3f:c3:f3:a4:24:49:3b:05:
25:74:64:47:90:e2:90:03:55:86:97:b4:75:ca:f7:
9d:99:8a:fe:2d:4a:39:4b:a8:07:78:9f:ff:3c:2f:
da:98:9a:3c:bd:d8:2a:b3:30:0f:86:45:7b:21:c2:
af:44:b2:67:4c:19:f0:09:c7:36:d1:1b:bc:91:5e:
9e:17:3b:1d:4f:c5:e8:01:45:c7:6c:d5:81:c2:03:
56:3f:b8:dd:3e:f6:11:e2:61:6a:4b:2b:bc:de:56:
7d:d5:4c:4c:5d:89:c6:2a:92:37:5e:73:2e:00:42:
2a:b4:92:b3:4e:fe:d2:8f:5e:5c:90:39:41:34:57:
18:48:f7:b7:77:39:6b:1c:b5:fd:41:51:c4:e6:3e:
3c:4c:fb:22:cc:73:ea:d4:03:26:3a:29:67:2d:ef:
e8:48:0b:8a:cd:ab:10:84:1e:92:46:71:b7:11:99:
55:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:8A:A6:E8:7C:6E:A1:D9:5B:74:01:9E:0A:4B:C0:DD:27:9C:F8
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/NduKpuh8bqHZW3QBngpLwN0nnPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.232.0/24
77.111.96.0/22
94.229.210.0/24
94.229.212.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:74:c6:be:7d:45:5d:0d:bb:f6:7f:c7:f7:73:e9:e5:d6:41:
a2:93:0e:b2:06:8c:e4:64:6c:09:97:9e:94:d6:a1:d1:90:f3:
29:81:33:f2:59:27:de:ee:49:3b:02:3a:84:dc:81:d7:ba:65:
ae:53:03:70:22:4f:b4:99:2a:0f:12:6f:e1:9e:a1:96:0a:12:
d4:82:a5:e3:28:02:14:17:48:e1:e6:f3:f9:c2:5d:fb:62:a4:
7b:b2:15:b4:84:a1:19:f6:56:3e:a3:da:cc:e1:da:83:e1:e1:
16:50:48:dc:f1:c3:e0:5e:61:b2:47:44:52:2a:67:2d:44:3c:
af:06:8a:0c:bb:06:2d:10:cd:0f:05:f0:08:43:a2:07:b4:99:
61:94:21:79:28:c1:d7:34:3d:b0:d0:6a:ad:13:09:5b:29:61:
02:8a:fa:08:89:f2:d5:6b:0b:a4:d5:4e:1b:16:f8:8e:af:bd:
cb:b2:ef:e4:ae:ec:23:c0:86:fc:df:33:7a:9b:48:5d:d6:4d:
23:8d:77:1c:3e:a6:75:24:0b:5d:8c:a7:82:9b:6d:49:70:a9:
e2:be:3f:51:4f:16:16:41:1e:39:aa:8e:23:f1:6a:ff:e6:95:
d2:db:74:d6:6f:96:c8:e3:e0:8c:ed:2e:ff:88:43:44:6f:f2:
a4:b3:31:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQ8qfXcqVCXqBGr9Kd5+ZOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTA2MTcyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRiOGFhNmU4N2M2ZWExZDk1Yjc0MDE5ZTBhNGJjMGRkMjc5Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IHPSk25qnFjYd4tu/O24Kf8jNbc
cozA7YO4klq+XDuDZ6hqsu/sZLwwmyN4KIY+RG+RXP/LsidIHWPg1cS71cWo7VUm
kvFw/c/lPFJEX+JZP8PzpCRJOwUldGRHkOKQA1WGl7R1yvedmYr+LUo5S6gHeJ//
PC/amJo8vdgqszAPhkV7IcKvRLJnTBnwCcc20Ru8kV6eFzsdT8XoAUXHbNWBwgNW
P7jdPvYR4mFqSyu83lZ91UxMXYnGKpI3XnMuAEIqtJKzTv7Sj15ckDlBNFcYSPe3
dzlrHLX9QVHE5j48TPsizHPq1AMmOilnLe/oSAuKzasQhB6SRnG3EZlVGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDXbiqbofG6h2Vt0AZ4KS8DdJ5z4MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTmR1S3B1aDhicUhaVzNRQm5ncEx3TjBublBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQADmboAwQC
TW9gAwQAXuXSAwQAXuXUMA0GCSqGSIb3DQEBCwUAA4IBAQBqdMa+fUVdDbv2f8f3
c+nl1kGikw6yBozkZGwJl56U1qHRkPMpgTPyWSfe7kk7AjqE3IHXumWuUwNwIk+0
mSoPEm/hnqGWChLUgqXjKAIUF0jh5vP5wl37YqR7shW0hKEZ9lY+o9rM4dqD4eEW
UEjc8cPgXmGyR0RSKmctRDyvBooMuwYtEM0PBfAIQ6IHtJlhlCF5KMHXND2w0Gqt
EwlbKWECivoIifLVawuk1U4bFviOr73Lsu/kruwjwIb83zN6m0hd1k0jjXccPqZ1
JAtdjKeCm21JcKnivj9RTxYWQR45qo4j8Wr/5pXS23TWb5bI4+CM7S7/iENEb/Kk
szE1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:42 2025 by rpki-client