Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/nChyDb158g4ETV6S1h4UKmIWYw8.roa
File: nChyDb158g4ETV6S1h4UKmIWYw8.roa (raw, json)
Hash identifier: nll+aElSurSjLSWtf0Qc8rCb0mOo9oC+4mUSWL5RZno=
Subject key identifier: 9C:28:72:0D:BD:79:F2:0E:04:4D:5E:92:D6:1E:14:2A:62:16:63:0F
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 0194252045BCC31DD87AE6E7C60F1D35919C
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/nChyDb158g4ETV6S1h4UKmIWYw8.roa
Signing time: Thu 02 Jan 2025 03:47:39 +0000
ROA not before: Thu 02 Jan 2025 03:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209202
IP address blocks: 2.57.128.0/22 maxlen: 22
2a09:d940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:45:bc:c3:1d:d8:7a:e6:e7:c6:0f:1d:35:91:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 2 03:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c28720dbd79f20e044d5e92d61e142a6216630f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:dd:16:27:a1:f5:07:78:00:0f:63:9c:d8:07:
22:00:33:cc:e1:84:64:e0:3f:9b:4b:30:ca:54:33:
d2:fe:78:87:d3:35:ae:7f:38:48:6c:fb:43:8a:10:
32:58:b5:c0:1d:fb:eb:8b:50:fe:76:e4:10:86:1a:
1e:38:04:58:67:d7:4a:d7:9b:31:ff:c8:05:a5:18:
6d:e7:6c:93:bb:48:74:7b:d7:55:16:9c:62:f3:c8:
76:cc:1f:9c:f0:4c:ef:0d:bb:b6:c1:22:ef:03:7f:
ce:42:88:cb:4d:8c:01:61:e3:59:99:8f:23:e5:09:
3a:d7:06:f0:0c:ce:b0:35:6d:ee:de:6d:cb:18:5c:
43:a8:a7:be:27:9c:b2:9a:4b:d6:ba:37:d3:bb:85:
4a:09:fe:4d:e8:76:e1:b5:c5:8c:ee:59:c9:34:c7:
b2:74:1e:80:e7:87:51:b0:91:f8:51:26:54:22:db:
37:54:8b:39:3a:1a:47:6b:94:5d:d9:f9:0a:57:df:
20:2b:6f:35:54:7c:5a:fd:90:cb:dc:54:e7:9a:a8:
51:35:7a:ca:17:62:6b:bf:38:dc:73:dd:8d:c8:2e:
1b:66:b3:cc:ff:42:db:0e:1b:22:3f:3f:fe:ef:a1:
ff:a0:51:e8:f1:7f:81:ea:d7:c6:83:d7:83:aa:4e:
40:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:28:72:0D:BD:79:F2:0E:04:4D:5E:92:D6:1E:14:2A:62:16:63:0F
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/nChyDb158g4ETV6S1h4UKmIWYw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.128.0/22
IPv6:
2a09:d940::/29
Signature Algorithm: sha256WithRSAEncryption
a9:eb:98:14:fc:d3:46:a0:30:af:76:53:64:06:91:da:f7:ab:
7c:be:f3:6a:83:85:1c:f6:01:7f:bd:e3:91:68:41:f7:2d:e5:
b0:51:7b:a7:88:11:94:30:a2:96:9a:a7:c6:4c:fc:df:b4:c3:
01:d6:12:76:a2:c1:30:39:0f:06:88:f4:c1:05:ea:7a:68:35:
d2:50:e7:93:e7:a2:cf:3a:80:7d:06:b8:3d:e1:0c:06:b4:ff:
5f:59:a8:24:25:d6:83:e9:b6:fe:8b:cb:12:1b:42:12:e6:b3:
5d:1e:41:7d:69:40:44:21:27:03:b3:c5:5b:b0:5d:22:ed:06:
bc:51:b2:f9:ae:b4:f9:a9:8c:4c:f3:60:bb:e3:18:85:69:31:
d7:45:78:db:7d:9d:fe:9e:a0:13:8f:ba:79:c9:b7:3b:38:be:
e1:22:24:75:3b:53:18:9f:c0:92:28:25:8b:cd:fc:4a:5b:16:
d4:c0:9f:86:e2:a1:69:f0:68:3d:36:47:43:92:76:c6:66:6c:
32:82:26:36:df:77:3d:ef:e6:10:1c:d1:79:73:ed:25:e7:68:
fc:f0:f8:12:2e:74:9c:55:99:cd:5a:33:4c:93:5c:3a:41:5e:
02:2a:6f:c6:fc:af:83:57:4b:36:d6:60:45:83:68:c2:f9:01:
b0:57:71:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIEW8wx3Yeubnxg8dNZGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjUwMTAyMDM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI4NzIwZGJkNzlmMjBlMDQ0ZDVlOTJkNjFlMTQyYTYyMTY2MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4t0WJ6H1B3gAD2Oc2AciADPM4YRk
4D+bSzDKVDPS/niH0zWufzhIbPtDihAyWLXAHfvri1D+duQQhhoeOARYZ9dK15sx
/8gFpRht52yTu0h0e9dVFpxi88h2zB+c8EzvDbu2wSLvA3/OQojLTYwBYeNZmY8j
5Qk61wbwDM6wNW3u3m3LGFxDqKe+J5yymkvWujfTu4VKCf5N6HbhtcWM7lnJNMey
dB6A54dRsJH4USZUIts3VIs5OhpHa5Rd2fkKV98gK281VHxa/ZDL3FTnmqhRNXrK
F2Jrvzjcc92NyC4bZrPM/0LbDhsiPz/+76H/oFHo8X+B6tfGg9eDqk5A1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwocg29efIOBE1ektYeFCpiFmMPMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvbkNoeURiMTU4ZzRFVFY2UzFoNFVLbUlXWXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjmAMA0E
AgACMAcDBQMqCdlAMA0GCSqGSIb3DQEBCwUAA4IBAQCp65gU/NNGoDCvdlNkBpHa
96t8vvNqg4Uc9gF/veORaEH3LeWwUXuniBGUMKKWmqfGTPzftMMB1hJ2osEwOQ8G
iPTBBep6aDXSUOeT56LPOoB9Brg94QwGtP9fWagkJdaD6bb+i8sSG0IS5rNdHkF9
aUBEIScDs8VbsF0i7Qa8UbL5rrT5qYxM82C74xiFaTHXRXjbfZ3+nqATj7p5ybc7
OL7hIiR1O1MYn8CSKCWLzfxKWxbUwJ+G4qFp8Gg9NkdDknbGZmwygiY233c97+YQ
HNF5c+0l52j88PgSLnScVZnNWjNMk1w6QV4CKm/G/K+DV0s21mBFg2jC+QGwV3EB
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:53:10 2025 by rpki-client