Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/nCj-HurrM8I6ZuYeTftMdm0Nisw.roa
File: nCj-HurrM8I6ZuYeTftMdm0Nisw.roa (raw, json)
Hash identifier: f4dhcwMgx6vMMDpRWe3qOH6ZusltLaqZhMj8z/Gm8hQ=
Subject key identifier: 9C:28:FE:1E:EA:EB:33:C2:3A:66:E6:1E:4D:FB:4C:76:6D:0D:8A:CC
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 019427481E0742BEBA06131BD44E95DC635F
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/nCj-HurrM8I6ZuYeTftMdm0Nisw.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12642
IP address blocks: 213.170.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1e:07:42:be:ba:06:13:1b:d4:4e:95:dc:63:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c28fe1eeaeb33c23a66e61e4dfb4c766d0d8acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:44:3a:02:f6:03:5c:7f:dc:b8:10:ee:eb:
b6:ab:da:51:35:cb:63:1e:0b:4e:b1:8c:86:df:18:
e8:e3:3a:ab:ce:c8:56:56:06:e9:d4:16:87:45:8a:
0c:44:c4:c4:62:f7:ce:a3:84:85:88:39:a1:75:d4:
3e:c8:8c:e0:95:94:48:81:d0:92:44:30:27:1f:1d:
f7:eb:4f:1d:9c:86:84:e6:93:95:c4:82:f6:ff:f7:
e4:2c:40:99:3c:1c:8b:08:e0:eb:04:9b:88:ef:11:
b9:be:ae:e9:c9:46:ba:2a:8c:87:f2:e2:fc:ac:b6:
b8:74:f5:b9:cc:75:3a:7d:2b:df:9c:a6:b3:fe:97:
5d:0a:81:b9:48:89:a5:ef:cb:bb:c5:6b:db:73:1e:
3e:d6:70:38:91:1d:9a:8d:8b:8b:98:03:7b:1c:c0:
40:aa:74:49:7d:3c:e8:47:0a:83:b6:71:f9:7c:99:
55:26:77:ba:7b:50:52:61:fd:89:0c:8d:b5:bb:0f:
f7:31:d9:26:20:e9:bc:61:70:79:aa:66:b7:19:0f:
b6:29:93:89:dd:cb:e4:5a:dd:2d:76:9e:34:10:7d:
d7:c4:e7:4a:f4:d2:77:43:c1:7a:74:46:80:5c:bc:
cf:92:35:34:34:ee:cd:6c:12:f5:d2:32:48:51:69:
da:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:28:FE:1E:EA:EB:33:C2:3A:66:E6:1E:4D:FB:4C:76:6D:0D:8A:CC
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/nCj-HurrM8I6ZuYeTftMdm0Nisw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.49.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:24:c3:ff:47:a2:db:da:9a:84:b9:b0:77:c0:fa:a3:3a:18:
96:72:eb:30:bc:7a:a7:00:d6:5b:2e:9c:81:c7:7e:75:30:3d:
ea:df:24:bf:08:aa:90:93:87:9d:c8:5a:57:02:0f:3e:56:6a:
ef:a5:77:15:6a:99:67:6d:be:e2:23:69:76:a2:d6:f7:2a:54:
ea:80:2e:76:0a:74:ad:b7:c1:4a:fc:7c:c7:f3:92:2f:4b:78:
f8:b9:79:52:d1:b1:28:0c:5f:f6:4e:c1:0c:ae:bd:06:0d:44:
e2:57:c1:c2:92:9e:80:1c:57:e5:85:da:27:3a:bd:72:b2:0d:
2c:11:a9:7a:da:59:e1:39:8d:a4:ff:f2:76:a1:55:f5:e5:2b:
1d:c2:ae:de:01:7f:e7:87:37:b4:2f:2d:4d:09:c9:d0:8a:36:
99:58:9f:c8:d5:e7:50:d7:52:7e:fa:01:f9:72:8d:88:81:6c:
f5:16:e5:59:8c:02:09:f4:ed:35:92:74:27:1d:58:69:28:8a:
de:50:12:8e:54:8d:19:a3:f9:fb:4b:d0:b8:74:30:ff:ad:e3:
3f:9b:b7:d7:9e:ec:5e:4a:1e:f6:32:a0:18:0e:92:60:b4:7d:
2d:c5:49:99:6b:07:63:8e:01:b3:f6:59:14:76:c0:06:4e:22:
b0:ff:fe:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSB4HQr66BhMb1E6V3GNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI4ZmUxZWVhZWIzM2MyM2E2NmU2MWU0ZGZiNGM3NjZkMGQ4YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvphEOgL2A1x/3LgQ7uu2q9pRNctj
HgtOsYyG3xjo4zqrzshWVgbp1BaHRYoMRMTEYvfOo4SFiDmhddQ+yIzglZRIgdCS
RDAnHx33608dnIaE5pOVxIL2//fkLECZPByLCODrBJuI7xG5vq7pyUa6KoyH8uL8
rLa4dPW5zHU6fSvfnKaz/pddCoG5SIml78u7xWvbcx4+1nA4kR2ajYuLmAN7HMBA
qnRJfTzoRwqDtnH5fJlVJne6e1BSYf2JDI21uw/3MdkmIOm8YXB5qma3GQ+2KZOJ
3cvkWt0tdp40EH3XxOdK9NJ3Q8F6dEaAXLzPkjU0NO7NbBL10jJIUWnarQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwo/h7q6zPCOmbmHk37THZtDYrMMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvbkNqLUh1cnJNOEk2WnVZZVRmdE1kbTBOaXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aoxMA0G
CSqGSIb3DQEBCwUAA4IBAQC1JMP/R6Lb2pqEubB3wPqjOhiWcuswvHqnANZbLpyB
x351MD3q3yS/CKqQk4edyFpXAg8+VmrvpXcVaplnbb7iI2l2otb3KlTqgC52CnSt
t8FK/HzH85IvS3j4uXlS0bEoDF/2TsEMrr0GDUTiV8HCkp6AHFflhdonOr1ysg0s
Eal62lnhOY2k//J2oVX15Ssdwq7eAX/nhze0Ly1NCcnQijaZWJ/I1edQ11J++gH5
co2IgWz1FuVZjAIJ9O01knQnHVhpKIreUBKOVI0Zo/n7S9C4dDD/reM/m7fXnuxe
Sh72MqAYDpJgtH0txUmZawdjjgGz9lkUdsAGTiKw//5j
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net