Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nWnH8WPTfSdR60oLxL3nr-UJkhI.roa
File: nWnH8WPTfSdR60oLxL3nr-UJkhI.roa (raw, json)
Hash identifier: FxuOP6ygbp9zK5v8GpOJ4G8YtyPvftUx6fSyYI0XByg=
Subject key identifier: 9D:69:C7:F1:63:D3:7D:27:51:EB:4A:0B:C4:BD:E7:AF:E5:09:92:12
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193BA1D9B8B77CD6BE56ABB3C1041B0F0CD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nWnH8WPTfSdR60oLxL3nr-UJkhI.roa
Signing time: Thu 12 Dec 2024 09:05:22 +0000
ROA not before: Thu 12 Dec 2024 09:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.143.0/24 maxlen: 24
5.175.233.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:1d:9b:8b:77:cd:6b:e5:6a:bb:3c:10:41:b0:f0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 12 09:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d69c7f163d37d2751eb4a0bc4bde7afe5099212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:97:e8:72:9d:6d:64:02:e2:a3:35:92:47:b3:
82:74:77:43:ef:a2:9a:90:56:27:42:a7:3d:83:c8:
4f:08:3c:ab:ae:af:ed:ac:51:b8:81:8d:b7:ba:a8:
ae:14:5b:ce:f5:08:da:1f:b9:89:a7:0e:9b:4d:ae:
25:36:d5:c6:e5:5d:b1:2a:02:08:b7:f3:d1:38:5b:
1a:20:45:fd:eb:44:44:b5:93:6c:3e:43:50:59:84:
59:0a:3b:2f:32:dc:5c:4a:f9:34:96:44:cc:d2:1b:
30:56:df:ad:94:87:41:e5:3a:72:77:a3:a7:61:22:
cf:c7:bd:4f:5e:95:18:32:d7:f4:ca:96:db:3b:67:
e2:81:7f:5e:f3:66:c3:7c:95:11:98:79:9d:71:58:
93:9e:8e:1f:45:6f:ba:99:dc:fa:ab:d7:24:8c:3f:
61:72:f0:db:dd:c8:84:44:16:26:65:e1:96:d5:14:
52:23:4e:a9:22:8f:f9:74:9c:8c:fa:c5:d1:df:91:
a6:74:e3:61:5a:83:b1:2b:33:96:91:16:a7:76:35:
e4:47:28:a4:d1:f3:16:c3:e3:bf:02:f2:60:9f:8a:
53:93:73:30:b1:fd:5c:f3:a1:54:1b:3b:f3:36:e2:
11:bd:fa:dd:e9:0a:1f:67:44:ba:8e:8f:98:59:67:
43:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:69:C7:F1:63:D3:7D:27:51:EB:4A:0B:C4:BD:E7:AF:E5:09:92:12
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nWnH8WPTfSdR60oLxL3nr-UJkhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.143.0/24
5.175.233.0/24
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
71:56:10:46:31:ca:65:3a:5b:49:1d:b1:9b:38:25:fb:74:cd:
93:0c:5a:63:0c:ea:9d:44:8d:3c:34:55:f3:37:2c:83:1c:8d:
1d:fb:4a:28:ea:00:f0:fa:f2:74:ea:57:8d:91:63:12:33:4e:
f1:7d:36:5c:d2:d4:17:ce:4d:47:8c:4c:5e:a7:c3:b0:f2:55:
67:b9:95:0e:0e:bf:03:85:8a:cc:80:9d:b0:40:10:b2:5a:cf:
98:18:3c:bc:cf:08:0a:5a:bf:d9:cb:e4:e3:5a:5f:1f:93:fd:
12:39:18:b6:c6:6f:68:e8:48:b4:3e:bb:14:d8:fa:c8:70:f5:
20:3e:09:0a:03:a8:ed:43:7e:11:da:90:04:d3:60:53:7f:4d:
56:1c:6d:60:85:d0:d8:ef:04:28:e5:3a:c2:8b:c1:09:fd:50:
a5:77:bc:a0:cd:5a:18:65:b8:06:48:db:ce:4a:ba:31:18:50:
07:d4:63:68:c6:a2:6c:26:3e:fd:7b:12:5f:de:6a:49:21:9c:
dd:25:07:35:64:3f:c1:b6:d0:81:d7:15:9b:16:05:3d:d8:e1:
9c:43:4a:40:8d:f1:c2:d8:79:37:b1:c0:a8:95:d9:72:f2:bf:
2a:82:87:c7:d1:ff:e0:9a:0f:08:32:e1:2f:b2:89:ab:1d:e9:
34:99:74:e9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZO6HZuLd81r5Wq7PBBBsPDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjEyMDkwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY5YzdmMTYzZDM3ZDI3NTFlYjRhMGJjNGJkZTdhZmU1MDk5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25focp1tZALiozWSR7OCdHdD76Ka
kFYnQqc9g8hPCDyrrq/trFG4gY23uqiuFFvO9QjaH7mJpw6bTa4lNtXG5V2xKgII
t/PROFsaIEX960REtZNsPkNQWYRZCjsvMtxcSvk0lkTM0hswVt+tlIdB5Tpyd6On
YSLPx71PXpUYMtf0ypbbO2figX9e82bDfJURmHmdcViTno4fRW+6mdz6q9ckjD9h
cvDb3ciERBYmZeGW1RRSI06pIo/5dJyM+sXR35GmdONhWoOxKzOWkRandjXkRyik
0fMWw+O/AvJgn4pTk3Mwsf1c86FUGzvzNuIRvfrd6QofZ0S6jo+YWWdDYwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ1px/Fj030nUetKC8S956/lCZISMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvblduSDhXUFRmU2RSNjBvTHhMM25yLVVKa2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABa+PAwQA
Ba/pAwQATVoAAwQATVoCAwQATVoIAwQATVoNAwQATVozMA0GCSqGSIb3DQEBCwUA
A4IBAQBxVhBGMcplOltJHbGbOCX7dM2TDFpjDOqdRI08NFXzNyyDHI0d+0oo6gDw
+vJ06leNkWMSM07xfTZc0tQXzk1HjExep8Ow8lVnuZUODr8DhYrMgJ2wQBCyWs+Y
GDy8zwgKWr/Zy+TjWl8fk/0SORi2xm9o6Ei0PrsU2PrIcPUgPgkKA6jtQ34R2pAE
02BTf01WHG1ghdDY7wQo5TrCi8EJ/VCld7ygzVoYZbgGSNvOSroxGFAH1GNoxqJs
Jj79exJf3mpJIZzdJQc1ZD/BttCB1xWbFgU92OGcQ0pAjfHC2Hk3scColdly8r8q
gofH0f/gmg8IMuEvsomrHek0mXTp
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:16:00 2025 by rpki-client