Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/nEhO-4IOflDc16smasjo46yXDrU.roa
File: nEhO-4IOflDc16smasjo46yXDrU.roa (raw, json)
Hash identifier: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=
Subject key identifier: 9C:48:4E:FB:82:0E:7E:50:DC:D7:AB:26:6A:C8:E8:E3:AC:97:0E:B5
Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial: 0194228DF5C279138C0491C8555CEB5959CD
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/nEhO-4IOflDc16smasjo46yXDrU.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41872
IP address blocks: 37.110.200.0/21 maxlen: 24
37.110.200.0/22 maxlen: 22
37.110.205.0/24 maxlen: 24
37.110.206.0/24 maxlen: 24
37.209.176.0/20 maxlen: 20
81.92.96.0/20 maxlen: 20
91.190.0.0/19 maxlen: 19
94.100.144.0/20 maxlen: 20
94.198.248.0/21 maxlen: 22
185.161.20.0/22 maxlen: 22
212.35.0.0/19 maxlen: 19
2a02:6500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f5:c2:79:13:8c:04:91:c8:55:5c:eb:59:59:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c484efb820e7e50dcd7ab266ac8e8e3ac970eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ce:60:7b:07:98:1a:a4:70:eb:83:0b:2d:23:
f0:1b:e8:20:a7:3f:67:f4:4e:2f:3d:cc:d3:fc:fa:
d8:aa:2a:a1:da:d5:ac:48:4c:aa:7d:5c:54:b8:3e:
02:8a:20:67:a1:b6:1a:2e:b9:22:71:b0:f5:6b:54:
c6:71:f5:3a:77:62:47:0d:b8:e8:5a:ba:1f:a4:15:
33:19:b6:4e:1b:4c:e2:aa:e6:6b:d5:61:4f:9f:2a:
b1:f0:09:60:8a:1a:f3:1a:ee:2d:fa:4b:e5:13:00:
c6:15:4d:29:8f:e0:2c:e4:50:db:25:95:9b:02:71:
4a:8f:8e:05:5a:6c:d5:4c:53:90:7c:bc:f8:0e:89:
88:2a:6c:74:21:05:b0:26:22:43:a1:9f:25:a8:ab:
31:7a:9e:f7:56:fe:2d:24:b1:8d:de:a1:e7:80:4c:
66:88:a9:01:b1:7a:ce:b9:8c:a2:26:a5:ba:73:85:
79:e8:fd:28:be:a4:05:cf:0f:d6:df:01:0d:aa:9b:
53:d0:e6:bc:0d:43:b2:51:ad:21:44:30:5f:b5:fa:
9a:ed:04:98:20:38:45:ea:05:c6:92:6c:cc:da:4f:
0f:cc:0e:ad:3d:28:eb:6c:02:fa:31:5c:d9:dc:8b:
4c:ee:71:8a:d2:fb:64:f7:2f:27:07:0a:40:98:be:
b4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:48:4E:FB:82:0E:7E:50:DC:D7:AB:26:6A:C8:E8:E3:AC:97:0E:B5
X509v3 Authority Key Identifier:
keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/nEhO-4IOflDc16smasjo46yXDrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.110.200.0/21
37.209.176.0/20
81.92.96.0/20
91.190.0.0/19
94.100.144.0/20
94.198.248.0/21
185.161.20.0/22
212.35.0.0/19
IPv6:
2a02:6500::/32
Signature Algorithm: sha256WithRSAEncryption
4f:8a:fd:39:d5:2a:a9:71:f4:39:69:57:16:9f:35:28:fe:a5:
61:c1:38:94:02:dc:27:e5:eb:ea:67:a6:23:70:c6:37:12:a2:
de:a7:88:db:67:97:8b:27:04:bb:0d:2c:af:a3:69:1e:cd:32:
e8:62:2d:d4:0c:ac:5a:01:0d:a6:c7:a3:3c:26:18:e6:6a:68:
9d:d6:bf:ca:fd:3f:c0:9d:50:af:b3:97:40:ae:ef:7d:6f:a3:
dc:1e:bf:eb:50:26:9d:b5:dd:ab:c3:78:5e:c4:57:8d:ad:ad:
40:a6:f2:10:60:c1:59:c3:f5:2e:0a:bc:54:71:e5:59:a4:c0:
8f:9d:51:bd:b8:76:b0:fe:bc:e6:5a:90:62:50:9e:f6:d9:b4:
53:65:57:a0:e2:07:9d:dd:6e:22:ee:3a:cf:f8:9e:10:7a:64:
24:16:9f:d6:1d:24:02:56:62:e7:a3:ea:13:f6:e9:dc:b4:0a:
3f:e3:cf:32:da:55:68:4b:8b:c8:27:71:f6:9e:85:9a:03:f2:
5f:22:eb:69:b5:ba:54:4c:00:a3:9d:83:b9:48:01:79:14:e9:
28:cf:03:9f:04:04:7b:4e:cc:9b:4c:2f:a0:9e:ce:72:c4:45:
42:e1:e1:96:e9:87:16:7f:bd:28:5d:ea:fd:97:b9:e2:4d:ae:
9d:5c:f9:17
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQijfXCeROMBJHIVVzrWVnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ4NGVmYjgyMGU3ZTUwZGNkN2FiMjY2YWM4ZThlM2FjOTcwZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo85geweYGqRw64MLLSPwG+ggpz9n
9E4vPczT/PrYqiqh2tWsSEyqfVxUuD4CiiBnobYaLrkicbD1a1TGcfU6d2JHDbjo
WrofpBUzGbZOG0ziquZr1WFPnyqx8AlgihrzGu4t+kvlEwDGFU0pj+As5FDbJZWb
AnFKj44FWmzVTFOQfLz4DomIKmx0IQWwJiJDoZ8lqKsxep73Vv4tJLGN3qHngExm
iKkBsXrOuYyiJqW6c4V56P0ovqQFzw/W3wENqptT0Oa8DUOyUa0hRDBftfqa7QSY
IDhF6gXGkmzM2k8PzA6tPSjrbAL6MVzZ3ItM7nGK0vtk9y8nBwpAmL606wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJxITvuCDn5Q3NerJmrI6OOslw61MB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEvbkVoTy00SU9mbERjMTZzbWFzam80NnlYRHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJW7IAwQE
JdGwAwQEUVxgAwQFW74AAwQEXmSQAwQDXsb4AwQCuaEUAwQF1CMAMA0EAgACMAcD
BQAqAmUAMA0GCSqGSIb3DQEBCwUAA4IBAQBPiv051SqpcfQ5aVcWnzUo/qVhwTiU
Atwn5evqZ6YjcMY3EqLep4jbZ5eLJwS7DSyvo2kezTLoYi3UDKxaAQ2mx6M8Jhjm
amid1r/K/T/AnVCvs5dAru99b6PcHr/rUCadtd2rw3hexFeNra1ApvIQYMFZw/Uu
CrxUceVZpMCPnVG9uHaw/rzmWpBiUJ722bRTZVeg4ged3W4i7jrP+J4QemQkFp/W
HSQCVmLno+oT9unctAo/488y2lVoS4vIJ3H2noWaA/JfIutptbpUTACjnYO5SAF5
FOkozwOfBAR7TsybTC+gns5yxEVC4eGW6YcWf70oXer9l7niTa6dXPkX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:41 2025 by rpki-client