Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NNhxTIfw-_5xFw2filMVpRX4ZXs.roa
File: NNhxTIfw-_5xFw2filMVpRX4ZXs.roa (raw, json)
Hash identifier: TbI9d8hLHsOc72eiDSZTew8iceUtSuEpvhPlyEVgPDA=
Subject key identifier: 34:D8:71:4C:87:F0:FB:FE:71:17:0D:9F:8A:53:15:A5:15:F8:65:7B
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019584922B72D64E46CBA4372D9479CAABC5
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NNhxTIfw-_5xFw2filMVpRX4ZXs.roa
Signing time: Tue 11 Mar 2025 09:38:46 +0000
ROA not before: Tue 11 Mar 2025 09:38:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:92:2b:72:d6:4e:46:cb:a4:37:2d:94:79:ca:ab:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 11 09:38:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34d8714c87f0fbfe71170d9f8a5315a515f8657b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:66:a8:a0:25:75:91:57:b2:3a:d0:c9:19:f8:
34:0e:e9:fd:90:9f:57:49:3a:3c:4b:aa:4a:35:a0:
51:53:a7:ce:9b:58:9a:f0:c0:aa:b7:99:0b:4c:45:
21:37:a4:44:14:cb:48:38:e8:b4:17:6e:ba:e6:98:
10:de:7b:46:99:ce:b3:2f:03:fa:2d:f0:3b:f4:9e:
71:c6:1f:ce:f3:86:ad:5c:a9:59:61:5b:93:ce:bb:
bc:48:33:7d:3d:fe:ef:30:7b:9e:a4:c6:51:f2:95:
ca:3b:7a:a4:ca:9b:54:fd:64:ba:c8:e5:c8:65:a7:
b7:f6:56:7e:7c:94:d7:01:9e:5a:90:b7:c9:f7:3e:
81:55:6a:d8:8c:27:b1:54:fa:04:be:ca:f0:9f:68:
19:49:6c:c4:c6:7e:56:2b:b2:4c:7c:3f:b1:3f:44:
38:8e:f3:9e:75:cb:b7:18:71:92:2c:03:34:14:ff:
57:ad:d3:31:88:10:e3:65:98:46:a7:67:cf:a7:5f:
31:01:f3:71:03:4d:53:57:64:f7:a9:cb:e4:10:ed:
b2:25:d8:23:61:9a:13:21:7c:88:db:30:34:13:f5:
62:28:68:a9:ff:24:bd:be:1f:e8:bd:4b:64:32:8c:
3d:c0:95:07:2f:49:50:52:20:40:e4:b2:7b:0f:f7:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D8:71:4C:87:F0:FB:FE:71:17:0D:9F:8A:53:15:A5:15:F8:65:7B
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/NNhxTIfw-_5xFw2filMVpRX4ZXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.236.0/22
193.160.140.0/22
193.223.104.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:a0:40:84:cd:52:0b:88:73:f5:b9:19:d8:a4:15:9a:13:d9:
39:e6:64:79:98:23:44:de:ec:89:95:af:95:93:47:03:8c:46:
33:ac:7a:78:21:b0:47:90:af:b9:f1:91:bc:be:b0:e2:c3:6e:
20:d6:f5:a3:2e:07:f9:5b:f8:22:11:a8:94:82:12:60:bb:56:
94:5b:0e:a5:2e:01:ab:b5:a9:f5:05:89:0a:93:75:e4:c9:8d:
13:5e:ef:52:fa:69:f2:0e:90:ab:17:c1:30:24:a2:8d:9c:7c:
50:f5:c1:13:6e:2c:28:0f:77:58:ff:bf:50:f3:1c:61:f0:2c:
e2:90:56:fa:6f:08:b6:f9:66:33:ff:b6:df:75:19:65:d9:47:
de:8c:26:0c:84:1a:32:8c:b9:4f:ce:4f:1a:2c:7c:7c:52:e7:
20:9c:c8:38:da:9c:1f:e4:98:c3:dc:00:76:d7:eb:db:85:3f:
b6:18:55:73:84:30:17:2c:3e:1b:2d:83:69:99:91:26:75:bb:
83:5c:cd:01:fc:8b:5f:d6:dd:da:2a:ca:89:e2:92:73:d0:fa:
cc:db:1f:d8:25:b2:c8:34:7a:e7:e0:cf:0f:e7:ff:0a:4a:28:
95:ab:d6:87:f0:6a:14:1b:c0:af:ae:33:22:cc:6f:98:51:65:
3d:ce:ac:04
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZWEkity1k5Gy6Q3LZR5yqvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMzExMDkzODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ4NzE0Yzg3ZjBmYmZlNzExNzBkOWY4YTUzMTVhNTE1Zjg2NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWaooCV1kVeyOtDJGfg0Dun9kJ9X
STo8S6pKNaBRU6fOm1ia8MCqt5kLTEUhN6REFMtIOOi0F2665pgQ3ntGmc6zLwP6
LfA79J5xxh/O84atXKlZYVuTzru8SDN9Pf7vMHuepMZR8pXKO3qkyptU/WS6yOXI
Zae39lZ+fJTXAZ5akLfJ9z6BVWrYjCexVPoEvsrwn2gZSWzExn5WK7JMfD+xP0Q4
jvOedcu3GHGSLAM0FP9XrdMxiBDjZZhGp2fPp18xAfNxA01TV2T3qcvkEO2yJdgj
YZoTIXyI2zA0E/ViKGip/yS9vh/ovUtkMow9wJUHL0lQUiBA5LJ7D/eNAQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFDTYcUyH8Pv+cRcNn4pTFaUV+GV7MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTk5oeFRJZnctXzV4RncyZmlsTVZwUlg0WlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBlwQCAAEwgZADBABb
wjcDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5Vg4DBAC5VpgDBAC5VpsDBAC5
V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0hAwQCuY0gAwQCubgYMAwDBAO5
uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAK5/uwDBALBoIwDBALB32gwIgQC
AAIwHAMFAyoFvwADBQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQAD
ggEBABmgQITNUguIc/W5GdikFZoT2TnmZHmYI0Te7ImVr5WTRwOMRjOsenghsEeQ
r7nxkby+sOLDbiDW9aMuB/lb+CIRqJSCEmC7VpRbDqUuAau1qfUFiQqTdeTJjRNe
71L6afIOkKsXwTAkoo2cfFD1wRNuLCgPd1j/v1DzHGHwLOKQVvpvCLb5ZjP/tt91
GWXZR96MJgyEGjKMuU/OTxosfHxS5yCcyDjanB/kmMPcAHbX69uFP7YYVXOEMBcs
Phstg2mZkSZ1u4NczQH8i1/W3doqyoniknPQ+szbH9glssg0eufgzw/n/wpKKJWr
1ofwahQbwK+uMyLMb5hRZT3OrAQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:37:05 2025 by rpki-client