Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/nX3cTT6Z46ia8ilRpYoy76Qfcpw.roa
File: nX3cTT6Z46ia8ilRpYoy76Qfcpw.roa (raw, json)
Hash identifier: F4TTBGUA2s+p/RqFI1oEdgWOkMdt1tt+q5E1F92GVRQ=
Subject key identifier: 9D:7D:DC:4D:3E:99:E3:A8:9A:F2:29:51:A5:8A:32:EF:A4:1F:72:9C
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 0190BACCFD0213DFE3F5650AFDA673F13D75
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/nX3cTT6Z46ia8ilRpYoy76Qfcpw.roa
Signing time: Tue 16 Jul 2024 09:08:34 +0000
ROA not before: Tue 16 Jul 2024 09:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.229.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.132.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.144.0/21 maxlen: 32
212.110.154.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:cc:fd:02:13:df:e3:f5:65:0a:fd:a6:73:f1:3d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jul 16 09:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d7ddc4d3e99e3a89af22951a58a32efa41f729c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:93:ad:21:f9:95:39:02:e8:3f:aa:90:6a:b7:
c5:dd:59:cd:18:57:7d:59:52:ce:df:75:f2:4c:17:
b9:1f:39:c6:09:d1:d1:0b:16:54:87:7a:48:2b:ef:
8f:1d:32:7a:c3:3d:ff:c3:2e:c7:48:3c:1a:0f:7d:
4e:d2:3b:09:9c:41:46:e6:b6:3a:44:ca:6e:86:90:
e5:84:3d:c9:eb:2e:7f:95:95:bc:43:e1:d6:f4:07:
a7:c2:36:a7:e4:de:fb:e0:b7:a9:f0:ab:f0:79:99:
ab:79:ff:75:67:f1:25:98:a4:68:31:91:a7:c2:c7:
be:5f:ee:3b:a7:e7:f9:21:5a:29:39:a8:68:17:72:
3b:7f:eb:fc:a9:b8:b2:90:b3:28:8b:2e:8f:f8:28:
fb:85:2c:b2:71:e8:48:d0:96:93:49:a0:15:03:6f:
cd:80:9c:a1:f1:fb:71:95:5d:fe:ea:ac:e7:73:76:
40:4d:32:55:12:22:65:bd:6c:a9:65:15:5c:4b:92:
a1:fb:fd:97:2d:2a:5b:dc:24:ee:48:43:b9:58:84:
cf:71:bd:89:23:e5:63:24:7b:af:86:e6:e8:23:b4:
fe:9e:cb:69:43:80:06:2d:f4:38:84:64:d4:46:c7:
8e:04:d8:74:db:26:9f:9a:23:62:dd:cb:e5:f6:43:
6a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7D:DC:4D:3E:99:E3:A8:9A:F2:29:51:A5:8A:32:EF:A4:1F:72:9C
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/nX3cTT6Z46ia8ilRpYoy76Qfcpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
85.90.223.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
193.111.0.0/23
193.111.48.0/22
212.110.129.0-212.110.133.255
212.110.136.0-212.110.141.255
212.110.144.0/21
212.110.154.0/23
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
39:c9:1f:f1:a4:bd:7e:6b:76:b4:e0:50:56:c8:8a:bc:23:3f:
b9:03:b4:9d:6c:15:ca:51:c7:c6:72:8f:aa:0b:c5:1f:21:a1:
c8:8e:38:cd:cf:75:24:f9:29:45:08:b1:b4:76:1c:c1:a9:88:
e6:04:d5:82:ea:37:35:81:3f:8e:4f:13:b5:c8:6b:7b:da:69:
4b:1f:0e:59:60:c8:0f:6d:a1:3d:5c:8b:6f:25:78:e6:4b:1e:
40:f3:55:44:b4:7b:e5:cd:8d:42:e6:14:02:d1:62:e9:14:19:
8f:89:af:a5:ea:6b:ee:94:64:11:f1:a5:80:75:6f:25:0f:02:
18:61:fa:a3:e0:80:93:b0:00:30:d2:69:4a:bb:3e:e1:ab:fd:
1c:e2:73:51:ee:84:76:37:bb:dc:2b:6b:9d:ad:9c:76:ef:0b:
4f:2a:be:c5:29:88:87:0c:0c:34:61:72:57:70:e3:21:35:a7:
dd:5d:4e:44:8e:14:7f:a7:3d:de:54:15:7e:c8:f5:c4:6e:4d:
31:f4:f8:97:f1:48:5d:b7:0c:f0:d6:ba:d9:c0:79:5d:e8:bb:
fb:34:21:1d:67:26:81:c3:66:91:07:c4:70:bc:42:7e:dc:08:
ed:3d:94:0c:9b:4d:76:38:24:10:c0:3d:dd:fa:1f:7c:bf:65:
2b:30:d4:52
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZC6zP0CE9/j9WUK/aZz8T11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwNzE2MDkwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdkZGM0ZDNlOTllM2E4OWFmMjI5NTFhNThhMzJlZmE0MWY3MjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5OtIfmVOQLoP6qQarfF3VnNGFd9
WVLO33XyTBe5HznGCdHRCxZUh3pIK++PHTJ6wz3/wy7HSDwaD31O0jsJnEFG5rY6
RMpuhpDlhD3J6y5/lZW8Q+HW9Aenwjan5N774Lep8KvweZmref91Z/ElmKRoMZGn
wse+X+47p+f5IVopOahoF3I7f+v8qbiykLMoiy6P+Cj7hSyycehI0JaTSaAVA2/N
gJyh8ftxlV3+6qznc3ZATTJVEiJlvWypZRVcS5Kh+/2XLSpb3CTuSEO5WITPcb2J
I+VjJHuvhuboI7T+nstpQ4AGLfQ4hGTURseOBNh02yafmiNi3cvl9kNqYwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJ193E0+meOomvIpUaWKMu+kH3KcMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvblgzY1RUNlo0NmlhOGlsUnBZb3k3NlFmY3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQDH6yI
AwQEUFzgAwQAUnXlAwQAVVrfAwQEXDywAwQCXHfcAwQDgACoAwQBuSbQAwQCuSfE
AwQBwW8AAwQCwW8wMAwDBADUboEDBAHUboQwDAMEA9RuiAMEAdRujAMEA9RukAME
AdRumgMEBdkUoDANBAIAAjAHAwUAKgEGsDANBgkqhkiG9w0BAQsFAAOCAQEAOckf
8aS9fmt2tOBQVsiKvCM/uQO0nWwVylHHxnKPqgvFHyGhyI44zc91JPkpRQixtHYc
wamI5gTVguo3NYE/jk8Ttchre9ppSx8OWWDID22hPVyLbyV45kseQPNVRLR75c2N
QuYUAtFi6RQZj4mvpepr7pRkEfGlgHVvJQ8CGGH6o+CAk7AAMNJpSrs+4av9HOJz
Ue6Edje73Ctrna2cdu8LTyq+xSmIhwwMNGFyV3DjITWn3V1ORI4Uf6c93lQVfsj1
xG5NMfT4l/FIXbcM8Na62cB5Xei7+zQhHWcmgcNmkQfEcLxCftwI7T2UDJtNdjgk
EMA93foffL9lKzDUUg==
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:23:08 2025 by rpki-client