Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/nyb0R-h__Mic6GDdyNWGNxBzot4.roa
File: nyb0R-h__Mic6GDdyNWGNxBzot4.roa (raw, json)
Hash identifier: fgTFT13/lPyU/NB1je1ug0Uwy5bGAtYnZFu7LeFmdpg=
Subject key identifier: 9F:26:F4:47:E8:7F:FC:C8:9C:E8:60:DD:C8:D5:86:37:10:73:A2:DE
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 019427B60A5CA32059EF5A65DB905B168A91
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/nyb0R-h__Mic6GDdyNWGNxBzot4.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204979
IP address blocks: 185.234.0.0/22 maxlen: 22
185.234.0.0/24 maxlen: 24
2a01:40:4949::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0a:5c:a3:20:59:ef:5a:65:db:90:5b:16:8a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f26f447e87ffcc89ce860ddc8d586371073a2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:82:97:33:01:e1:a5:54:d7:fc:f5:19:e2:
81:96:c5:23:6e:e0:ef:88:e4:d9:e4:74:7f:f3:37:
11:26:fd:3b:27:ac:7b:57:26:0f:f5:2c:c3:86:56:
3e:3f:49:4c:8f:27:32:41:e2:32:1c:9f:44:b9:6f:
77:22:3a:f8:f1:e9:36:2e:92:f8:69:6c:47:1b:e7:
fc:73:62:f5:70:b2:54:75:8e:91:59:20:f3:63:c8:
e3:de:d6:fb:81:99:f1:9b:3d:a9:44:a7:51:d5:c9:
4b:f3:ba:02:e0:6d:0e:53:d6:d9:60:a5:c9:59:62:
ea:ee:19:b9:ea:fa:22:20:22:f2:29:48:74:d9:12:
17:c4:11:c8:05:37:59:6b:f2:02:5b:bc:91:f0:ef:
54:08:dc:4c:fc:81:1d:08:b6:68:e3:f4:7a:95:6e:
79:46:05:c4:b7:83:b6:1d:5f:5c:ae:a9:f8:d1:15:
8c:f2:66:85:e7:d6:ef:d3:5e:b6:80:a3:13:84:6b:
d3:5e:9d:d4:28:bc:fd:7a:f7:84:9b:94:84:5e:c1:
03:eb:33:9c:28:7d:d2:a9:7a:68:14:8f:3d:50:3b:
d7:a9:ba:e2:ec:89:e3:7a:45:00:28:f3:49:59:04:
d5:75:26:5f:1f:cb:f4:92:50:31:fe:a5:bf:2e:56:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:26:F4:47:E8:7F:FC:C8:9C:E8:60:DD:C8:D5:86:37:10:73:A2:DE
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/nyb0R-h__Mic6GDdyNWGNxBzot4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.0.0/22
IPv6:
2a01:40:4949::/48
Signature Algorithm: sha256WithRSAEncryption
82:06:61:83:53:f9:25:70:d5:af:4b:de:17:db:e8:f5:eb:d5:
46:d5:8d:4a:69:f8:b2:d6:e6:94:d4:22:b0:e0:2b:c2:51:0b:
30:38:56:83:fa:e2:ad:8e:98:06:77:25:0e:24:e4:a9:5f:1e:
b2:a9:f0:0c:84:38:9b:61:28:8a:a2:1b:2f:9e:15:d5:f7:0f:
df:27:2b:6c:69:16:8d:22:1a:9d:00:43:69:f3:4c:fa:e6:c7:
bc:72:cc:4c:27:15:19:2e:fb:e5:5c:5e:5f:6a:3a:21:dc:e9:
c8:83:72:eb:ee:64:e5:f6:b4:f9:2a:80:3b:fc:af:94:65:86:
8f:65:2c:ad:0e:fc:f8:48:97:c4:13:84:f9:e5:91:b5:3d:31:
e0:d4:f9:58:bb:da:89:48:33:fa:cd:e4:72:9e:1a:95:4c:9e:
54:94:60:d4:71:81:98:ad:93:e7:f3:15:8b:4a:e6:e1:d1:b7:
5e:0a:61:37:64:d7:57:d3:23:71:08:bb:37:e6:71:a1:33:a7:
65:b2:e5:04:d1:8f:3d:30:6d:64:31:ca:92:aa:18:ee:61:ff:
4c:3c:5c:79:81:fa:63:6d:3d:49:bb:7e:89:09:89:ef:d7:76:
db:67:fa:60:1e:7c:83:ee:67:0a:c9:b1:56:9a:6c:49:e5:59:
23:81:6b:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntgpcoyBZ71pl25BbFoqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI2ZjQ0N2U4N2ZmY2M4OWNlODYwZGRjOGQ1ODYzNzEwNzNhMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmyClzMB4aVU1/z1GeKBlsUjbuDv
iOTZ5HR/8zcRJv07J6x7VyYP9SzDhlY+P0lMjycyQeIyHJ9EuW93Ijr48ek2LpL4
aWxHG+f8c2L1cLJUdY6RWSDzY8jj3tb7gZnxmz2pRKdR1clL87oC4G0OU9bZYKXJ
WWLq7hm56voiICLyKUh02RIXxBHIBTdZa/ICW7yR8O9UCNxM/IEdCLZo4/R6lW55
RgXEt4O2HV9crqn40RWM8maF59bv0162gKMThGvTXp3UKLz9eveEm5SEXsED6zOc
KH3SqXpoFI89UDvXqbri7InjekUAKPNJWQTVdSZfH8v0klAx/qW/LlYxiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8m9Efof/zInOhg3cjVhjcQc6LeMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvbnliMFItaF9fTWljNkdEZHlOV0dOeEJ6b3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCueoAMA8E
AgACMAkDBwAqAQBASUkwDQYJKoZIhvcNAQELBQADggEBAIIGYYNT+SVw1a9L3hfb
6PXr1UbVjUpp+LLW5pTUIrDgK8JRCzA4VoP64q2OmAZ3JQ4k5KlfHrKp8AyEOJth
KIqiGy+eFdX3D98nK2xpFo0iGp0AQ2nzTPrmx7xyzEwnFRku++VcXl9qOiHc6ciD
cuvuZOX2tPkqgDv8r5Rlho9lLK0O/PhIl8QThPnlkbU9MeDU+Vi72olIM/rN5HKe
GpVMnlSUYNRxgZitk+fzFYtK5uHRt14KYTdk11fTI3EIuzfmcaEzp2Wy5QTRjz0w
bWQxypKqGO5h/0w8XHmB+mNtPUm7fokJie/Xdttn+mAefIPuZwrJsVaabEnlWSOB
a9g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:25 2025 by rpki-client