Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/nD4yzDe8gN70BN6Uz9ud-RgMLcw.roa
File: nD4yzDe8gN70BN6Uz9ud-RgMLcw.roa (raw, json)
Hash identifier: 7QOqgSW5O1ke2t+FI1SJBMG+D851WexAWFy5Iq9dI8I=
Subject key identifier: 9C:3E:32:CC:37:BC:80:DE:F4:04:DE:94:CF:DB:9D:F9:18:0C:2D:CC
Certificate issuer: /CN=e122e2b58233a193d1f72778565d6c98d76163a7
Certificate serial: 019565FB41189F1FB68C13EB9C994BBB66CB
Authority key identifier: E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/nD4yzDe8gN70BN6Uz9ud-RgMLcw.roa
Signing time: Wed 05 Mar 2025 11:05:19 +0000
ROA not before: Wed 05 Mar 2025 11:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211757
IP address blocks: 31.43.172.0/23 maxlen: 24
31.43.172.0/24 maxlen: 24
31.43.173.0/24 maxlen: 24
141.138.152.0/21 maxlen: 24
141.138.152.0/24 maxlen: 24
141.138.153.0/24 maxlen: 24
141.138.154.0/24 maxlen: 24
141.138.155.0/24 maxlen: 24
141.138.156.0/24 maxlen: 24
141.138.157.0/24 maxlen: 24
141.138.158.0/24 maxlen: 24
141.138.159.0/24 maxlen: 24
185.242.186.0/24 maxlen: 24
2a10:9840::/29 maxlen: 48
2a10:9840:1::/48 maxlen: 48
2a10:9840:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:fb:41:18:9f:1f:b6:8c:13:eb:9c:99:4b:bb:66:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e122e2b58233a193d1f72778565d6c98d76163a7
Validity
Not Before: Mar 5 11:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c3e32cc37bc80def404de94cfdb9df9180c2dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ab:39:77:ec:ff:fb:14:33:85:45:68:52:27:
47:ad:1a:b5:e6:9f:04:16:7a:b8:3a:84:16:5e:da:
ac:b5:e4:a1:53:cb:fb:3e:e7:10:63:e1:30:c8:9d:
9a:86:e6:0c:97:ed:ce:29:90:87:51:99:20:4c:73:
26:7c:f0:99:63:ff:64:71:72:18:6c:eb:76:f8:b9:
c1:56:77:08:1f:15:76:b0:78:4f:96:6f:ff:22:1b:
05:a1:fb:c3:43:7d:4c:bc:63:3d:24:b5:22:7e:39:
fe:cb:5b:c6:9a:a8:e0:c3:97:35:c3:d2:39:38:b3:
a7:01:6a:dc:21:61:52:e9:5e:2c:45:58:9e:73:ac:
5a:c5:f2:85:06:20:1b:c6:40:45:f4:97:9b:04:02:
1c:93:83:19:63:9d:cf:8a:d9:9c:83:ac:29:17:96:
78:9b:db:8d:ac:f2:2a:f3:7a:9d:45:36:59:ca:4c:
dc:00:9a:b8:e5:cb:a0:39:36:a0:6b:d2:e8:bd:f5:
d6:78:28:12:cc:ad:86:12:8c:31:d4:fb:a1:50:44:
32:c2:66:ff:f2:f2:07:7d:8f:39:41:2e:b9:71:b6:
86:8d:7a:25:23:f2:e4:44:9a:51:0f:2f:2d:33:c1:
e3:e6:ef:94:0f:52:c2:10:2d:00:7c:22:4c:66:e4:
ac:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3E:32:CC:37:BC:80:DE:F4:04:DE:94:CF:DB:9D:F9:18:0C:2D:CC
X509v3 Authority Key Identifier:
keyid:E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/nD4yzDe8gN70BN6Uz9ud-RgMLcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/4SLitYIzoZPR9yd4Vl1smNdhY6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.172.0/23
141.138.152.0/21
185.242.186.0/24
IPv6:
2a10:9840::/29
Signature Algorithm: sha256WithRSAEncryption
6e:7e:bd:04:c5:f3:79:9a:e6:67:d3:b8:ea:91:40:4f:38:6b:
59:d3:4f:95:ff:81:01:c4:94:87:2a:77:e1:b4:aa:a0:97:63:
65:0c:69:5b:fa:3a:14:90:f9:b3:9f:ff:ae:ec:44:7c:09:e7:
b3:6e:e1:63:96:96:b8:76:df:ac:43:c2:a0:1e:3f:29:16:ce:
82:52:9a:61:4a:06:d3:06:4d:e8:0e:96:cc:b7:db:ff:73:1a:
4c:1f:d3:f7:ef:41:6f:17:eb:8e:3f:d5:bc:f5:8f:b5:01:c3:
01:40:27:ca:7a:01:a9:13:be:bf:a0:96:36:b3:85:38:7d:4f:
c7:00:5a:a9:ee:db:71:bd:1c:2b:fd:77:b1:0f:dc:63:b9:1a:
87:ce:64:16:8c:00:6f:56:8d:94:b8:09:16:11:f0:ea:23:28:
69:e5:a4:84:07:33:3a:b7:2a:db:51:71:9b:71:7b:ed:a2:b3:
07:fc:5a:98:e3:a1:bc:ad:48:3e:22:39:74:15:8e:64:07:0e:
ce:3d:3c:f8:68:7e:72:9c:4c:c4:71:fe:38:d8:4e:28:42:a2:
96:7c:d6:60:8e:85:4c:94:2a:ad:3b:c8:0e:12:e1:93:06:a7:
30:0e:85:6f:d3:05:78:7a:c4:74:6f:b7:d6:6b:a0:96:08:8a:
8c:d1:78:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZVl+0EYnx+2jBPrnJlLu2bLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjJlMmI1ODIzM2ExOTNkMWY3Mjc3ODU2NWQ2Yzk4ZDc2
MTYzYTcwHhcNMjUwMzA1MTEwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNlMzJjYzM3YmM4MGRlZjQwNGRlOTRjZmRiOWRmOTE4MGMyZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAras5d+z/+xQzhUVoUidHrRq15p8E
Fnq4OoQWXtqsteShU8v7PucQY+EwyJ2ahuYMl+3OKZCHUZkgTHMmfPCZY/9kcXIY
bOt2+LnBVncIHxV2sHhPlm//IhsFofvDQ31MvGM9JLUifjn+y1vGmqjgw5c1w9I5
OLOnAWrcIWFS6V4sRViec6xaxfKFBiAbxkBF9JebBAIck4MZY53Pitmcg6wpF5Z4
m9uNrPIq83qdRTZZykzcAJq45cugOTaga9LovfXWeCgSzK2GEowx1PuhUEQywmb/
8vIHfY85QS65cbaGjXolI/LkRJpRDy8tM8Hj5u+UD1LCEC0AfCJMZuSsFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJw+Msw3vIDe9ATelM/bnfkYDC3MMB8GA1UdIwQY
MBaAFOEi4rWCM6GT0fcneFZdbJjXYWOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNMaXRZSXpvWlBSOXlkNFZsMXNtTmRoWTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kODE1ZmQtY2ZhYi00YTRhLTk1OTUt
NDE2NmI3NWIwOGFmLzEvbkQ0eXpEZThnTjcwQk42VXo5dWQtUmdNTGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kODE1ZmQtY2ZhYi00YTRhLTk1OTUtNDE2NmI3NWIwOGFm
LzEvNFNMaXRZSXpvWlBSOXlkNFZsMXNtTmRoWTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyusAwQD
jYqYAwQAufK6MA0EAgACMAcDBQMqEJhAMA0GCSqGSIb3DQEBCwUAA4IBAQBufr0E
xfN5muZn07jqkUBPOGtZ00+V/4EBxJSHKnfhtKqgl2NlDGlb+joUkPmzn/+u7ER8
CeezbuFjlpa4dt+sQ8KgHj8pFs6CUpphSgbTBk3oDpbMt9v/cxpMH9P370FvF+uO
P9W89Y+1AcMBQCfKegGpE76/oJY2s4U4fU/HAFqp7ttxvRwr/XexD9xjuRqHzmQW
jABvVo2UuAkWEfDqIyhp5aSEBzM6tyrbUXGbcXvtorMH/FqY46G8rUg+Ijl0FY5k
Bw7OPTz4aH5ynEzEcf442E4oQqKWfNZgjoVMlCqtO8gOEuGTBqcwDoVv0wV4esR0
b7fWa6CWCIqM0XiC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:41 2025 by rpki-client on console.sobornost.net