Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/Nu6PzktHZPkZpTfNWDAC1WQ31fs.roa
File: Nu6PzktHZPkZpTfNWDAC1WQ31fs.roa (raw, json)
Hash identifier: 0olptWKqLuwlqgvdBxIZwPcl+HWoWf7gPYNB7LvpZJo=
Subject key identifier: 36:EE:8F:CE:4B:47:64:F9:19:A5:37:CD:58:30:02:D5:64:37:D5:FB
Certificate issuer: /CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Certificate serial: 019421B16C15852E832BA81BA3D963E3387A
Authority key identifier: 8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/Nu6PzktHZPkZpTfNWDAC1WQ31fs.roa
Signing time: Wed 01 Jan 2025 11:47:42 +0000
ROA not before: Wed 01 Jan 2025 11:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57356
IP address blocks: 31.216.0.0/20 maxlen: 20
31.216.0.0/21 maxlen: 21
31.216.8.0/21 maxlen: 21
86.111.160.0/20 maxlen: 20
86.111.160.0/21 maxlen: 21
86.111.168.0/22 maxlen: 22
86.111.172.0/23 maxlen: 23
86.111.174.0/23 maxlen: 23
87.117.80.0/20 maxlen: 20
87.117.80.0/22 maxlen: 22
87.117.84.0/23 maxlen: 23
87.117.86.0/23 maxlen: 23
87.117.88.0/22 maxlen: 22
87.117.92.0/22 maxlen: 22
91.185.176.0/21 maxlen: 21
91.185.176.0/22 maxlen: 22
91.185.180.0/22 maxlen: 22
185.20.164.0/22 maxlen: 22
185.20.164.0/23 maxlen: 23
185.20.166.0/23 maxlen: 23
194.140.208.0/20 maxlen: 20
194.140.208.0/22 maxlen: 22
194.140.208.0/23 maxlen: 23
194.140.210.0/23 maxlen: 23
194.140.212.0/22 maxlen: 22
194.140.212.0/24 maxlen: 24
194.140.213.0/24 maxlen: 24
194.140.214.0/24 maxlen: 24
194.140.215.0/24 maxlen: 24
194.140.216.0/22 maxlen: 22
194.140.220.0/23 maxlen: 23
194.140.222.0/23 maxlen: 23
194.140.222.0/24 maxlen: 24
194.140.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:6c:15:85:2e:83:2b:a8:1b:a3:d9:63:e3:38:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Validity
Not Before: Jan 1 11:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36ee8fce4b4764f919a537cd583002d56437d5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:d1:09:05:39:af:1c:a6:66:98:a2:a2:8d:
ef:06:7f:79:5d:23:7c:ed:97:71:9c:b2:79:83:16:
f2:33:13:4c:e5:5d:9e:da:54:4c:14:f0:76:48:16:
02:ac:98:20:2a:96:d3:6b:09:1d:6c:7d:68:f4:16:
98:a0:98:4f:8b:d7:0f:cb:1c:dd:d8:db:ee:d7:0e:
f0:7d:93:24:fd:2c:03:a5:8f:cd:c1:0d:b6:51:57:
fa:48:62:ce:53:cb:05:5c:aa:d1:f4:dd:39:59:e6:
fe:e7:da:49:8b:e6:2b:06:a7:90:fc:22:0e:90:56:
0d:7a:18:7a:6a:8b:c8:8f:89:91:06:87:3b:be:0d:
ba:38:e6:87:eb:cd:2f:7f:05:67:4b:f8:09:c5:bc:
2f:dd:ad:2a:86:11:ac:93:4e:fe:08:9b:12:d2:f2:
0c:6a:e7:01:fc:6e:2a:6c:98:2f:45:9c:15:7a:dd:
db:9a:05:81:e6:b0:ec:d0:12:24:28:86:70:11:20:
22:27:25:bd:57:7e:36:82:9f:ca:e6:59:f8:1b:47:
db:01:9c:f9:32:49:81:85:43:ca:f8:7f:b5:87:6e:
37:52:3a:81:06:ba:1f:82:14:83:66:56:cf:d4:3d:
4b:ba:69:48:f4:c4:ff:8c:c8:22:19:4f:19:ba:d3:
98:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EE:8F:CE:4B:47:64:F9:19:A5:37:CD:58:30:02:D5:64:37:D5:FB
X509v3 Authority Key Identifier:
keyid:8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/Nu6PzktHZPkZpTfNWDAC1WQ31fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/jV8GavgNDp8H6oeyS9r6WdH18m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.0.0/20
86.111.160.0/20
87.117.80.0/20
91.185.176.0/21
185.20.164.0/22
194.140.208.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:49:7c:23:e5:15:7e:6f:74:9f:38:90:5c:e9:ab:85:7f:2f:
2f:81:c2:c2:da:6f:fd:e1:22:93:21:4c:d8:bb:4f:da:f0:7d:
91:20:b7:00:3d:ff:27:93:86:da:f8:cd:83:da:f1:ba:81:e0:
67:ed:88:4b:01:b9:bc:bb:16:65:6e:c1:b6:6c:85:1f:51:72:
b7:d3:b4:76:cf:c5:3a:2b:8e:54:01:d3:ab:55:fc:e6:07:6e:
b3:71:04:a7:d3:1e:19:44:10:fb:5d:1a:35:0b:16:00:d7:93:
ea:22:83:06:9a:ac:9c:0a:d7:81:b4:a1:b5:c6:8b:ed:61:f9:
54:55:b7:12:52:09:d4:13:e4:92:80:dc:7b:02:df:26:29:64:
60:c8:e8:20:b7:67:9f:6d:00:ee:16:bc:76:e4:4b:19:87:8b:
4b:36:db:c6:f1:0a:fc:4f:99:d6:40:f2:7a:e9:97:90:0a:5d:
d5:59:0e:11:c0:a6:9b:ff:06:29:9a:0e:cf:28:f7:32:ca:7f:
6c:1e:fa:6d:78:cf:83:eb:79:20:52:e1:11:55:73:6d:1c:2f:
75:25:e7:bf:7d:d5:63:64:21:5f:a3:a7:71:db:2e:11:75:e2:
e4:50:c3:ca:14:ac:e7:31:ee:e1:34:3a:77:b1:d5:3a:77:e9:
d8:94:80:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhsWwVhS6DK6gbo9lj4zh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNWYwNjZhZjgwZDBlOWYwN2VhODdiMjRiZGFmYTU5ZDFm
NWYyNmYwHhcNMjUwMTAxMTE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVlOGZjZTRiNDc2NGY5MTlhNTM3Y2Q1ODMwMDJkNTY0MzdkNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NHRCQU5rxymZpiioo3vBn95XSN8
7ZdxnLJ5gxbyMxNM5V2e2lRMFPB2SBYCrJggKpbTawkdbH1o9BaYoJhPi9cPyxzd
2Nvu1w7wfZMk/SwDpY/NwQ22UVf6SGLOU8sFXKrR9N05Web+59pJi+YrBqeQ/CIO
kFYNehh6aovIj4mRBoc7vg26OOaH680vfwVnS/gJxbwv3a0qhhGsk07+CJsS0vIM
aucB/G4qbJgvRZwVet3bmgWB5rDs0BIkKIZwESAiJyW9V342gp/K5ln4G0fbAZz5
MkmBhUPK+H+1h243UjqBBrofghSDZlbP1D1LumlI9MT/jMgiGU8ZutOY8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDbuj85LR2T5GaU3zVgwAtVkN9X7MB8GA1UdIwQY
MBaAFI1fBmr4DQ6fB+qHskva+lnR9fJvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalY4R2F2Z05EcDhINm9leVM5cjZXZEgxOG04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zMzBlNGQtYTlkOS00YjdlLTg2M2Mt
NmYzYWE4OTQzZTY4LzEvTnU2UHprdEhaUGtacFRmTldEQUMxV1EzMWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zMzBlNGQtYTlkOS00YjdlLTg2M2MtNmYzYWE4OTQzZTY4
LzEvalY4R2F2Z05EcDhINm9leVM5cjZXZEgxOG04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEH9gAAwQE
Vm+gAwQEV3VQAwQDW7mwAwQCuRSkAwQEwozQMA0GCSqGSIb3DQEBCwUAA4IBAQCa
SXwj5RV+b3SfOJBc6auFfy8vgcLC2m/94SKTIUzYu0/a8H2RILcAPf8nk4ba+M2D
2vG6geBn7YhLAbm8uxZlbsG2bIUfUXK307R2z8U6K45UAdOrVfzmB26zcQSn0x4Z
RBD7XRo1CxYA15PqIoMGmqycCteBtKG1xovtYflUVbcSUgnUE+SSgNx7At8mKWRg
yOggt2efbQDuFrx25EsZh4tLNtvG8Qr8T5nWQPJ66ZeQCl3VWQ4RwKab/wYpmg7P
KPcyyn9sHvpteM+D63kgUuERVXNtHC91Jee/fdVjZCFfo6dx2y4RdeLkUMPKFKzn
Me7hNDp3sdU6d+nYlIDO
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:51:19 2025 by rpki-client