Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/nyss7FejNtDGTUXRBz8EpK-bUtQ.roa
File: nyss7FejNtDGTUXRBz8EpK-bUtQ.roa (raw, json)
Hash identifier: 1YbJTbv2jhWedSFo8tfV4w9Efzyk/as9DY0FQwn+kas=
Subject key identifier: 9F:2B:2C:EC:57:A3:36:D0:C6:4D:45:D1:07:3F:04:A4:AF:9B:52:D4
Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Certificate serial: 0194228DFF8DD346F52156585B79E04D3B79
Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/nyss7FejNtDGTUXRBz8EpK-bUtQ.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57535
IP address blocks: 91.232.210.0/24 maxlen: 24
91.232.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ff:8d:d3:46:f5:21:56:58:5b:79:e0:4d:3b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f2b2cec57a336d0c64d45d1073f04a4af9b52d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:ce:a9:07:34:c5:4b:0b:6c:94:a6:fe:72:
5e:33:e5:5d:ba:e7:15:46:f5:2a:95:0a:3c:92:88:
da:a0:f5:74:43:9f:27:9d:ab:b4:5b:be:d8:63:e1:
70:ae:0e:3b:57:f3:19:e3:4d:0a:5e:f9:cd:eb:2f:
a6:fa:9a:de:73:7b:26:03:5f:9a:81:8c:c0:20:aa:
93:a0:c2:24:62:b2:ba:a1:43:01:18:f9:77:43:9c:
db:de:25:c7:58:4b:20:16:40:f0:ea:2f:76:ca:a7:
ec:3f:4f:7e:da:b3:2e:22:72:1d:b2:26:59:7b:63:
9d:ff:5c:db:4f:6b:87:29:86:f4:f2:3c:6d:e3:1c:
98:9d:d8:b2:ef:4c:d0:49:3a:eb:f1:88:f7:02:be:
26:cf:7c:3a:9a:c8:0f:1c:a7:54:89:5e:8c:c8:c4:
02:f6:8f:ec:34:76:48:5d:17:e3:8b:24:5b:11:3f:
3c:ff:f1:9d:b5:ee:98:79:11:9c:08:c4:86:10:e3:
a0:01:d1:45:5e:66:e9:f0:0e:e7:62:97:67:f4:a6:
41:12:35:c3:09:99:c8:8f:a3:13:06:d2:13:fb:be:
ee:60:bb:22:93:f4:42:37:6d:a3:8e:a8:cc:aa:29:
b1:99:17:6a:77:ed:08:32:2a:b5:dc:dd:f9:d2:cf:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2B:2C:EC:57:A3:36:D0:C6:4D:45:D1:07:3F:04:A4:AF:9B:52:D4
X509v3 Authority Key Identifier:
keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/nyss7FejNtDGTUXRBz8EpK-bUtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.210.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:27:5c:15:74:c7:9a:8a:c0:1f:90:8f:e7:9a:63:bf:eb:c0:
f5:e9:1d:60:e0:25:9e:a9:ab:02:c4:1a:b3:78:af:54:21:94:
06:88:5e:1f:ec:4a:6d:2c:56:9b:df:99:64:03:01:d7:3c:f9:
81:d4:d8:99:12:c0:61:d2:f5:0a:11:db:2e:81:d6:8d:a7:cb:
67:91:c2:b3:5c:8f:39:38:55:2f:05:1e:ea:17:d3:56:67:08:
90:87:03:75:5e:01:96:b6:0c:64:9c:37:21:89:87:b0:6b:9f:
f1:dc:f9:94:02:db:01:6f:16:3b:fd:e4:5c:ca:7c:02:ae:6d:
b3:4e:ea:d7:79:7a:93:fe:f2:c7:7e:50:46:d7:ed:59:ba:b1:
a6:b7:a4:68:c2:94:ef:51:f4:2a:e8:a6:c9:e0:38:34:13:9e:
e1:11:96:d0:48:9b:b6:4b:eb:9c:9c:57:41:b1:42:78:a1:5a:
36:e8:28:ca:b8:c2:cc:57:bb:b1:81:cf:94:fb:28:1a:67:8b:
2f:9f:7d:e3:f8:a4:06:66:a7:94:6f:24:1e:02:ba:ed:9c:a6:
82:69:46:7f:a4:0a:56:f6:c9:d8:09:81:79:4b:e5:90:97:db:
d0:39:a6:ca:98:e4:d5:c7:32:54:79:92:92:4e:d4:b5:a9:82:
07:1d:89:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijf+N00b1IVZYW3ngTTt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz
MDg4MjAwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJiMmNlYzU3YTMzNmQwYzY0ZDQ1ZDEwNzNmMDRhNGFmOWI1MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaLOqQc0xUsLbJSm/nJeM+VduucV
RvUqlQo8kojaoPV0Q58nnau0W77YY+Fwrg47V/MZ400KXvnN6y+m+prec3smA1+a
gYzAIKqToMIkYrK6oUMBGPl3Q5zb3iXHWEsgFkDw6i92yqfsP09+2rMuInIdsiZZ
e2Od/1zbT2uHKYb08jxt4xyYndiy70zQSTrr8Yj3Ar4mz3w6msgPHKdUiV6MyMQC
9o/sNHZIXRfjiyRbET88//Gdte6YeRGcCMSGEOOgAdFFXmbp8A7nYpdn9KZBEjXD
CZnIj6MTBtIT+77uYLsik/RCN22jjqjMqimxmRdqd+0IMiq13N350s+LlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8rLOxXozbQxk1F0Qc/BKSvm1LUMB8GA1UdIwQY
MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt
MWU3MzAwY2NkYTM2LzEvbnlzczdGZWpOdERHVFVYUkJ6OEVwSy1iVXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2
LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jSMA0G
CSqGSIb3DQEBCwUAA4IBAQB+J1wVdMeaisAfkI/nmmO/68D16R1g4CWeqasCxBqz
eK9UIZQGiF4f7EptLFab35lkAwHXPPmB1NiZEsBh0vUKEdsugdaNp8tnkcKzXI85
OFUvBR7qF9NWZwiQhwN1XgGWtgxknDchiYewa5/x3PmUAtsBbxY7/eRcynwCrm2z
TurXeXqT/vLHflBG1+1ZurGmt6RowpTvUfQq6KbJ4Dg0E57hEZbQSJu2S+ucnFdB
sUJ4oVo26CjKuMLMV7uxgc+U+ygaZ4svn33j+KQGZqeUbyQeArrtnKaCaUZ/pApW
9snYCYF5S+WQl9vQOabKmOTVxzJUeZKSTtS1qYIHHYmH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:37 2025 by rpki-client