Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/nCYRFHxESiPTOP0DiwWAA3vf6pc.roa
File: nCYRFHxESiPTOP0DiwWAA3vf6pc.roa (raw, json)
Hash identifier: n1iHEUmqWKjUYGzT2fByz8YLuqOJY83LkJFmv6uksFE=
Subject key identifier: 9C:26:11:14:7C:44:4A:23:D3:38:FD:03:8B:05:80:03:7B:DF:EA:97
Certificate issuer: /CN=37af48131ecd9dca3def2b2de788f15060627755
Certificate serial: 0194236A23AFC0B1CFDE95C6F8E75FB181CF
Authority key identifier: 37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/nCYRFHxESiPTOP0DiwWAA3vf6pc.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 5.179.32.0/19 maxlen: 19
5.179.32.0/20 maxlen: 20
5.179.48.0/20 maxlen: 20
5.179.64.0/21 maxlen: 21
5.179.64.0/22 maxlen: 22
5.179.68.0/22 maxlen: 22
37.228.192.0/18 maxlen: 18
37.228.192.0/19 maxlen: 19
37.228.224.0/19 maxlen: 19
46.7.0.0/16 maxlen: 16
46.7.0.0/17 maxlen: 17
46.7.128.0/17 maxlen: 17
46.255.152.0/21 maxlen: 21
46.255.152.0/22 maxlen: 22
46.255.156.0/22 maxlen: 22
78.24.16.0/21 maxlen: 21
78.24.16.0/22 maxlen: 22
78.24.20.0/22 maxlen: 22
79.97.0.0/16 maxlen: 16
79.97.0.0/17 maxlen: 17
79.97.128.0/17 maxlen: 17
89.100.0.0/15 maxlen: 15
89.100.0.0/16 maxlen: 16
89.101.0.0/16 maxlen: 16
109.255.0.0/16 maxlen: 16
109.255.0.0/17 maxlen: 17
109.255.128.0/17 maxlen: 17
176.61.0.0/17 maxlen: 17
176.61.0.0/18 maxlen: 18
176.61.64.0/18 maxlen: 18
185.54.224.0/22 maxlen: 22
185.54.224.0/23 maxlen: 23
185.54.226.0/23 maxlen: 23
188.141.0.0/17 maxlen: 17
188.141.0.0/18 maxlen: 18
188.141.64.0/18 maxlen: 18
2a02:8080::/29 maxlen: 29
2a02:8080::/30 maxlen: 30
2a02:8084::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:23:af:c0:b1:cf:de:95:c6:f8:e7:5f:b1:81:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37af48131ecd9dca3def2b2de788f15060627755
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c2611147c444a23d338fd038b0580037bdfea97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:97:31:09:bf:f6:d0:f4:ed:b2:4b:b3:ac:89:
35:a5:2e:7b:b2:8b:e0:a9:b8:07:b3:7d:40:6a:22:
f6:82:3f:d8:60:f5:7b:b3:2a:d4:35:45:35:11:52:
31:08:1a:83:d9:f9:ff:6b:0c:c6:39:2c:13:29:d8:
c6:a9:4d:67:e9:d4:48:0f:cd:98:1f:a4:c5:1a:2d:
66:6a:99:30:0b:db:9b:37:13:29:ac:af:6c:e3:24:
69:89:0b:b6:bb:13:dd:7d:e1:5c:24:40:7c:a5:6f:
9d:5b:65:50:e6:1e:73:f2:c3:9c:6e:36:40:0d:9e:
d0:09:0c:5a:13:15:e7:ca:d5:da:9d:b1:44:49:6e:
e1:0f:76:ee:a5:df:3d:df:4a:3b:f8:7d:a9:05:06:
73:b8:2e:04:13:d8:a6:a6:f9:b5:12:54:1d:70:50:
53:4d:b3:48:cf:be:7e:ee:f6:bb:b8:22:b2:97:e6:
c3:df:07:f0:46:9c:12:cf:7c:0a:ab:aa:4d:69:31:
65:60:6c:0a:4f:49:6f:86:17:c0:44:4d:3d:61:d5:
3f:84:84:6e:86:42:4b:51:87:2e:fa:c8:d3:a8:9c:
53:dc:b0:e1:46:11:b2:a2:2d:ff:d7:a2:87:02:a3:
bd:50:0d:2d:79:e9:1d:cc:67:43:fb:a8:6e:38:8f:
88:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:26:11:14:7C:44:4A:23:D3:38:FD:03:8B:05:80:03:7B:DF:EA:97
X509v3 Authority Key Identifier:
keyid:37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/nCYRFHxESiPTOP0DiwWAA3vf6pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/N69IEx7Nnco97yst54jxUGBid1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.32.0-5.179.71.255
37.228.192.0/18
46.7.0.0/16
46.255.152.0/21
78.24.16.0/21
79.97.0.0/16
89.100.0.0/15
109.255.0.0/16
176.61.0.0/17
185.54.224.0/22
188.141.0.0/17
IPv6:
2a02:8080::/29
Signature Algorithm: sha256WithRSAEncryption
3f:8d:35:98:04:c4:c5:34:1a:af:53:b1:ad:8a:10:b1:f0:88:
21:b2:e0:ba:ed:cd:f5:00:0f:c6:3e:02:92:b8:8b:bf:cd:5c:
8f:cf:3e:31:eb:23:c4:3d:45:b4:bc:05:44:c0:b6:8c:5f:17:
6a:e5:61:d7:6d:8d:7d:e7:0c:0a:1e:3a:ce:62:91:0d:8e:fd:
7e:a6:41:b4:9a:29:5d:46:74:52:a6:b8:c7:23:e8:be:dc:d0:
a6:86:96:8e:41:61:64:b9:31:05:a2:02:b7:78:58:a2:e3:54:
a0:36:81:4b:4e:1b:a1:1e:e1:1f:43:c7:22:0d:9b:e3:1e:1b:
e0:51:70:70:2c:f4:31:ac:94:9e:5d:f7:d3:a0:a7:04:fb:fb:
c9:6e:d0:96:73:34:54:69:a0:91:b2:dd:c6:aa:2b:8f:77:a9:
7c:66:1e:6b:c7:9b:0a:97:42:f0:25:37:4a:34:02:60:d1:1c:
94:3a:6e:d5:b5:0c:a7:8a:11:ef:e9:79:ef:ca:84:a1:5f:86:
f3:7a:fc:c9:14:b6:ed:04:ed:fa:d3:87:67:ca:b2:e0:7b:92:
ee:12:8b:6f:5e:11:7b:a0:ed:bb:d6:98:8f:f0:f6:8d:64:ea:
22:e7:62:d1:4e:b8:cd:af:7d:53:73:d7:f6:f4:1c:89:b8:b3:
b6:54:98:85
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQjaiOvwLHP3pXG+OdfsYHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YWY0ODEzMWVjZDlkY2EzZGVmMmIyZGU3ODhmMTUwNjA2
Mjc3NTUwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI2MTExNDdjNDQ0YTIzZDMzOGZkMDM4YjA1ODAwMzdiZGZlYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJcxCb/20PTtskuzrIk1pS57sovg
qbgHs31AaiL2gj/YYPV7syrUNUU1EVIxCBqD2fn/awzGOSwTKdjGqU1n6dRID82Y
H6TFGi1mapkwC9ubNxMprK9s4yRpiQu2uxPdfeFcJEB8pW+dW2VQ5h5z8sOcbjZA
DZ7QCQxaExXnytXanbFESW7hD3bupd8930o7+H2pBQZzuC4EE9impvm1ElQdcFBT
TbNIz75+7va7uCKyl+bD3wfwRpwSz3wKq6pNaTFlYGwKT0lvhhfARE09YdU/hIRu
hkJLUYcu+sjTqJxT3LDhRhGyoi3/16KHAqO9UA0teekdzGdD+6huOI+IFQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFJwmERR8REoj0zj9A4sFgAN73+qXMB8GA1UdIwQY
MBaAFDevSBMezZ3KPe8rLeeI8VBgYndVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUt
ZGY2ZjIwZGNiOTRiLzEvbkNZUkZIeEVTaVBUT1AwRGl3V0FBM3ZmNnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUtZGY2ZjIwZGNiOTRi
LzEvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAUFsyAD
BAMFs0ADBAYl5MADAwAuBwMEAy7/mAMEA04YEAMDAE9hAwMBWWQDAwBt/wMEB7A9
AAMEArk24AMEB7yNADANBAIAAjAHAwUDKgKAgDANBgkqhkiG9w0BAQsFAAOCAQEA
P401mATExTQar1OxrYoQsfCIIbLguu3N9QAPxj4CkriLv81cj88+MesjxD1FtLwF
RMC2jF8XauVh122NfecMCh46zmKRDY79fqZBtJopXUZ0Uqa4xyPovtzQpoaWjkFh
ZLkxBaICt3hYouNUoDaBS04boR7hH0PHIg2b4x4b4FFwcCz0MayUnl3306CnBPv7
yW7QlnM0VGmgkbLdxqorj3epfGYea8ebCpdC8CU3SjQCYNEclDpu1bUMp4oR7+l5
78qEoV+G83r8yRS27QTt+tOHZ8qy4HuS7hKLb14Re6Dtu9aYj/D2jWTqIudi0U64
za99U3PX9vQcibiztlSYhQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:25 2025 by rpki-client