Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NR36i5LrVioH475Xt1h-OcWdEMY.roa
File: NR36i5LrVioH475Xt1h-OcWdEMY.roa (raw, json)
Hash identifier: db3ir3eBYUnHWf5NTRe4KtKvJ9ef0/HNFc51ICY8lEU=
Subject key identifier: 35:1D:FA:8B:92:EB:56:2A:07:E3:BE:57:B7:58:7E:39:C5:9D:10:C6
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0C600397
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NR36i5LrVioH475Xt1h-OcWdEMY.roa
Signing time: Thu 03 Mar 2022 10:31:15 +0000
ROA not before: Thu 03 Mar 2022 10:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 195.180.132.0/22 maxlen: 22
195.180.140.0/22 maxlen: 22
212.224.0.0/22 maxlen: 24
195.252.160.0/22 maxlen: 24
194.233.16.0/22 maxlen: 24
194.233.20.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.163.68.0/22 maxlen: 22
194.163.72.0/22 maxlen: 22
194.163.76.0/22 maxlen: 22
195.179.80.0/22 maxlen: 22
194.64.148.0/22 maxlen: 22
195.179.32.0/21 maxlen: 24
194.64.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 207618967 (0xc600397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Mar 3 10:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=351dfa8b92eb562a07e3be57b7587e39c59d10c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4e:71:19:d0:8a:7d:ab:0e:b4:49:a3:2d:33:
b1:36:d0:46:6e:48:ee:53:0d:37:4b:88:35:0a:39:
61:d5:7f:dc:13:7e:62:fb:8e:d5:f0:58:61:0b:65:
12:57:e5:bb:25:c2:ed:af:a0:7d:ab:b0:4f:60:ad:
9e:92:fe:45:89:6b:c3:08:53:7d:50:ad:d4:57:72:
8f:cd:fc:1b:09:38:f4:15:27:4e:5e:d7:d0:c4:ca:
b8:50:27:14:89:81:68:38:aa:72:ae:0f:64:4b:9f:
a4:47:ac:45:84:a5:02:15:e9:f3:ae:55:13:05:1e:
38:fc:35:a2:c4:9f:8a:fe:27:13:1e:82:b7:88:9f:
0c:6a:c4:d8:87:9d:12:b5:1b:4f:9a:32:6a:23:2f:
a6:e4:ca:19:a0:82:ae:e4:e0:16:e8:0b:ed:e3:e3:
63:9c:01:cd:3c:9b:a7:d0:8e:a7:f4:52:73:7a:5c:
63:8a:d1:d3:80:d7:6f:1e:19:b5:13:e6:e1:27:8d:
6f:34:16:d3:0d:11:a8:7b:c3:25:ed:24:13:b6:15:
41:bd:ef:21:7c:89:fa:68:6e:c8:df:7a:53:0a:f8:
4e:bc:bb:2f:5d:30:ff:4e:b8:3f:3e:d8:06:18:83:
dd:57:28:6b:39:9c:45:7b:b9:37:97:2c:1d:bb:4e:
17:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1D:FA:8B:92:EB:56:2A:07:E3:BE:57:B7:58:7E:39:C5:9D:10:C6
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NR36i5LrVioH475Xt1h-OcWdEMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.148.0/22
194.64.156.0/22
194.64.172.0/22
194.163.68.0-194.163.79.255
194.233.16.0/21
195.179.32.0/21
195.179.80.0/22
195.180.132.0/22
195.180.140.0/22
195.252.160.0/22
212.224.0.0/22
Signature Algorithm: sha256WithRSAEncryption
75:80:cf:7e:b6:83:03:e0:e6:b1:91:1a:1d:75:50:c6:12:c0:
19:b3:81:ce:32:8f:55:c9:48:a7:36:7d:02:ce:ff:bc:f1:26:
75:ce:76:56:2a:9f:25:a4:27:6a:24:7d:16:48:98:e3:ae:55:
d5:e6:b0:1e:db:95:70:0c:42:c5:dc:4a:19:8d:e1:cc:01:6d:
70:2f:36:67:6a:1d:9c:44:c5:ea:45:3f:de:90:4b:e9:d3:b8:
ce:ae:ff:a5:4f:20:df:9f:f4:91:a9:aa:ce:1a:b0:d0:e2:7a:
54:50:86:ac:14:66:03:44:8e:ff:1e:83:f3:4b:0e:50:82:2c:
4f:f2:b1:ef:4c:0e:92:c3:a8:f7:2b:6a:d3:9a:38:e3:d0:4b:
bc:00:5d:c7:fb:5a:92:66:0a:d5:60:8d:ef:1e:06:ef:a5:ba:
f7:80:27:fd:39:76:15:6c:56:5e:ce:4a:6f:23:49:40:55:80:
d9:79:16:57:bb:df:62:d0:31:3d:63:b3:0c:ac:e2:68:d9:bb:
71:d3:a8:2b:99:6e:d2:a7:bc:e4:95:03:4c:83:0e:71:c9:60:
b4:ec:6a:63:21:e7:d3:ac:31:60:89:4c:87:58:25:4d:70:a1:
26:3a:91:c7:1e:af:11:70:fd:67:a6:c1:93:65:7e:0b:f5:cd:
f8:ca:a9:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEDGADlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDMw
MzEwMzExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUxZGZhOGI5MmVi
NTYyYTA3ZTNiZTU3Yjc1ODdlMzljNTlkMTBjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMROcRnQin2rDrRJoy0zsTbQRm5I7lMNN0uINQo5YdV/3BN+
YvuO1fBYYQtlElfluyXC7a+gfauwT2CtnpL+RYlrwwhTfVCt1Fdyj838Gwk49BUn
Tl7X0MTKuFAnFImBaDiqcq4PZEufpEesRYSlAhXp865VEwUeOPw1osSfiv4nEx6C
t4ifDGrE2IedErUbT5oyaiMvpuTKGaCCruTgFugL7ePjY5wBzTybp9COp/RSc3pc
Y4rR04DXbx4ZtRPm4SeNbzQW0w0RqHvDJe0kE7YVQb3vIXyJ+mhuyN96Uwr4Try7
L10w/064Pz7YBhiD3VcoazmcRXu5N5csHbtOF/kCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBQ1HfqLkutWKgfjvle3WH45xZ0QxjAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L05SMzZpNUxyVmlvSDQ3NVh0MWgtT2NXZEVNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAsJAlAMEAsJAnAMEAsJArDAMAwQC
wqNEAwQEwqNAAwQDwukQAwQDw7MgAwQCw7NQAwQCw7SEAwQCw7SMAwQCw/ygAwQC
1OAAMA0GCSqGSIb3DQEBCwUAA4IBAQB1gM9+toMD4OaxkRoddVDGEsAZs4HOMo9V
yUinNn0Czv+88SZ1znZWKp8lpCdqJH0WSJjjrlXV5rAe25VwDELF3EoZjeHMAW1w
LzZnah2cRMXqRT/ekEvp07jOrv+lTyDfn/SRqarOGrDQ4npUUIasFGYDRI7/HoPz
Sw5QgixP8rHvTA6Sw6j3K2rTmjjj0Eu8AF3H+1qSZgrVYI3vHgbvpbr3gCf9OXYV
bFZezkpvI0lAVYDZeRZXu99i0DE9Y7MMrOJo2btx06grmW7Sp7zklQNMgw5xyWC0
7GpjIefTrDFgiUyHWCVNcKEmOpHHHq8RcP1npsGTZX4L9c34yqkN
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:30 2025 by rpki-client