Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/NVd8LXx_N2OnP7Dz0qYfp0BrwyE.roa
File: NVd8LXx_N2OnP7Dz0qYfp0BrwyE.roa (raw, json)
Hash identifier: KXS5t23U3JN9IkH4G9USA7r6qnruCVWmREWySxRe2Ns=
Subject key identifier: 35:57:7C:2D:7C:7F:37:63:A7:3F:B0:F3:D2:A6:1F:A7:40:6B:C3:21
Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Certificate serial: 0194228E4447CD6293AD2A93A9EA35234B03
Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/NVd8LXx_N2OnP7Dz0qYfp0BrwyE.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48635
IP address blocks: 77.94.248.0/21 maxlen: 24
91.198.106.0/24 maxlen: 24
91.238.176.0/23 maxlen: 24
176.117.58.0/23 maxlen: 24
185.28.56.0/22 maxlen: 24
185.232.248.0/22 maxlen: 24
193.23.143.0/24 maxlen: 24
193.164.192.0/23 maxlen: 24
194.247.30.0/23 maxlen: 24
195.20.8.0/22 maxlen: 24
2001:67c:28fc::/48 maxlen: 48
2a00:f60::/32 maxlen: 48
2a00:9b60::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:44:47:cd:62:93:ad:2a:93:a9:ea:35:23:4b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35577c2d7c7f3763a73fb0f3d2a61fa7406bc321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:11:52:7a:c3:60:9f:d8:c7:8f:6c:ce:0d:
df:ca:37:ce:fa:d7:f2:30:0b:ce:6d:5e:43:55:ca:
52:c4:7e:fe:14:23:c7:17:4a:90:58:d6:53:79:a2:
e0:a9:4b:f2:95:9a:48:05:01:5c:00:3e:62:29:9a:
cf:9b:38:59:f8:30:65:bc:2d:08:1d:90:f8:e0:12:
28:71:ba:cb:03:21:dd:39:95:00:e7:a4:5f:0f:40:
d8:3c:45:74:8e:96:82:28:9d:5b:c9:d6:71:d2:67:
89:58:c6:2a:72:8e:09:3b:7c:92:ef:6d:e3:ca:36:
17:c9:73:e1:ee:6e:70:f3:d5:53:a5:7f:74:11:0b:
b3:a6:75:3d:e6:48:7d:77:a2:37:fd:00:22:8c:ca:
94:64:24:43:39:89:76:01:10:db:07:20:60:3e:6c:
03:9a:c6:86:da:53:70:4a:05:4b:53:8e:07:89:bf:
19:3d:22:ff:79:9a:c3:cc:25:b4:37:e7:70:63:a1:
bd:68:23:18:73:80:83:b0:52:90:00:c6:7a:f6:75:
c3:41:ad:f2:97:fd:3a:0b:64:d9:ec:52:bf:27:06:
4e:ca:7c:8f:4c:2d:5f:e0:44:5b:5d:ff:8b:27:4f:
b4:3f:6d:a0:3d:54:4b:00:b6:eb:ec:53:3b:43:17:
61:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:57:7C:2D:7C:7F:37:63:A7:3F:B0:F3:D2:A6:1F:A7:40:6B:C3:21
X509v3 Authority Key Identifier:
keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/NVd8LXx_N2OnP7Dz0qYfp0BrwyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.248.0/21
91.198.106.0/24
91.238.176.0/23
176.117.58.0/23
185.28.56.0/22
185.232.248.0/22
193.23.143.0/24
193.164.192.0/23
194.247.30.0/23
195.20.8.0/22
IPv6:
2001:67c:28fc::/48
2a00:f60::/32
2a00:9b60::/40
Signature Algorithm: sha256WithRSAEncryption
06:4e:01:7c:66:e7:fd:de:00:d3:9b:14:ba:f9:bc:39:8d:97:
b0:8a:fa:72:08:de:60:bd:c1:2b:53:3b:11:10:c4:03:44:ab:
07:68:68:db:b3:43:12:dd:d3:57:33:3d:60:82:99:21:ce:98:
b5:fa:d3:d2:15:bf:c9:00:66:f5:0d:2a:04:93:86:e0:df:e0:
e3:1c:05:50:ee:ce:f2:64:10:1c:95:5a:ba:49:d3:af:d1:98:
f6:48:51:4e:22:4b:63:30:7c:56:7f:67:7d:c2:6a:65:8b:9a:
8a:73:d3:d2:a9:b0:54:11:b7:65:23:3f:81:3d:d2:a5:37:c9:
5f:ac:36:a5:ca:b6:a8:3a:2a:83:62:50:ca:d0:b1:1f:7a:3e:
a5:4b:47:1d:0f:90:8f:4b:96:cd:0b:74:f8:e7:0f:f4:6e:8d:
c0:b0:00:5c:ff:bd:5a:29:aa:7a:04:e7:1d:b7:e0:b3:a1:23:
01:23:b9:58:e6:6f:05:87:19:61:3d:c8:64:4e:ff:d2:8c:31:
3d:0a:ca:7b:3b:da:f4:d2:15:f7:9a:19:ea:33:f0:e6:49:b6:
3e:84:a5:bd:a2:73:c4:fa:6a:2c:64:44:c4:9f:51:47:db:4a:
af:01:0f:f3:a4:01:e4:d3:1a:d4:d3:75:03:ce:72:ce:0d:1a:
79:bf:c3:94
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQijkRHzWKTrSqTqeo1I0sDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4
NGU4YzYwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTU3N2MyZDdjN2YzNzYzYTczZmIwZjNkMmE2MWZhNzQwNmJjMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNsRUnrDYJ/Yx49szg3fyjfO+tfy
MAvObV5DVcpSxH7+FCPHF0qQWNZTeaLgqUvylZpIBQFcAD5iKZrPmzhZ+DBlvC0I
HZD44BIocbrLAyHdOZUA56RfD0DYPEV0jpaCKJ1bydZx0meJWMYqco4JO3yS723j
yjYXyXPh7m5w89VTpX90EQuzpnU95kh9d6I3/QAijMqUZCRDOYl2ARDbByBgPmwD
msaG2lNwSgVLU44Hib8ZPSL/eZrDzCW0N+dwY6G9aCMYc4CDsFKQAMZ69nXDQa3y
l/06C2TZ7FK/JwZOynyPTC1f4ERbXf+LJ0+0P22gPVRLALbr7FM7Qxdh8QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDVXfC18fzdjpz+w89KmH6dAa8MhMB8GA1UdIwQY
MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt
YjBkNzJlOTEwZWZlLzEvTlZkOExYeF9OMk9uUDdEejBxWWZwMEJyd3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl
LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBCBAIAATA8AwQDTV74AwQA
W8ZqAwQBW+6wAwQBsHU6AwQCuRw4AwQCuej4AwQAwRePAwQBwaTAAwQBwvceAwQC
wxQIMB4EAgACMBgDBwAgAQZ8KPwDBQAqAA9gAwYAKgCbYAAwDQYJKoZIhvcNAQEL
BQADggEBAAZOAXxm5/3eANObFLr5vDmNl7CK+nII3mC9wStTOxEQxANEqwdoaNuz
QxLd01czPWCCmSHOmLX609IVv8kAZvUNKgSThuDf4OMcBVDuzvJkEByVWrpJ06/R
mPZIUU4iS2MwfFZ/Z33CamWLmopz09KpsFQRt2UjP4E90qU3yV+sNqXKtqg6KoNi
UMrQsR96PqVLRx0PkI9Lls0LdPjnD/RujcCwAFz/vVopqnoE5x234LOhIwEjuVjm
bwWHGWE9yGRO/9KMMT0Kyns72vTSFfeaGeoz8OZJtj6Epb2ic8T6aixkRMSfUUfb
Sq8BD/OkAeTTGtTTdQPOcs4NGnm/w5Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:04 2025 by rpki-client