Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/NuMMBH0myPNP7aVEVLyXgB5OryA.roa
File: NuMMBH0myPNP7aVEVLyXgB5OryA.roa (raw, json)
Hash identifier: xNZo+ozAvbBPhGH0iyuaSXCD/7Lm6uLBbTXBweJZYB4=
Subject key identifier: 36:E3:0C:04:7D:26:C8:F3:4F:ED:A5:44:54:BC:97:80:1E:4E:AF:20
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 018D662C02406825E16BAD443D81A78534F9
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/NuMMBH0myPNP7aVEVLyXgB5OryA.roa
Signing time: Thu 01 Feb 2024 19:36:16 +0000
ROA not before: Thu 01 Feb 2024 19:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.204.181.0/24 maxlen: 24
86.104.199.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.35.14.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.117.131.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
94.176.72.0/23 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:2c:02:40:68:25:e1:6b:ad:44:3d:81:a7:85:34:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Feb 1 19:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36e30c047d26c8f34feda54454bc97801e4eaf20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e5:b0:a1:43:61:15:f9:d2:ab:ba:9e:92:19:
c9:65:da:f5:af:38:72:22:9b:45:05:97:be:73:19:
62:eb:38:f5:de:f8:14:1f:4c:f7:40:b4:7c:39:40:
90:61:76:c9:d6:49:e7:3a:14:71:d8:af:b2:44:e2:
30:55:84:60:31:5c:99:c7:8b:f5:a4:4e:44:41:31:
45:07:af:32:20:db:d2:0e:52:d3:3c:f3:00:68:c7:
bc:34:5f:f2:b8:7a:58:ae:70:90:f3:50:6a:69:7c:
27:a2:68:ac:66:65:37:6b:dc:13:44:90:43:ac:1a:
30:07:d0:5e:12:ab:3d:8a:ec:36:7e:26:c1:f5:07:
ae:b1:16:ef:16:45:84:05:e4:22:e4:d1:40:a1:58:
b5:ea:fc:65:2c:82:14:10:b6:ed:50:34:6f:3b:44:
ad:bc:25:59:9e:76:9e:b1:5b:c9:17:4d:31:ae:6e:
28:10:49:76:fd:2f:6d:f4:48:bb:8b:ce:86:50:db:
94:27:d7:0a:d6:a0:74:a8:23:fe:00:11:2b:6b:3c:
23:99:67:63:ab:a7:81:eb:3c:56:68:e1:93:56:c2:
c9:c8:0b:86:f8:09:8b:c0:93:7a:40:b6:2b:b3:21:
ca:28:6c:90:f6:58:e9:95:58:29:c3:c1:9d:8e:48:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E3:0C:04:7D:26:C8:F3:4F:ED:A5:44:54:BC:97:80:1E:4E:AF:20
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/NuMMBH0myPNP7aVEVLyXgB5OryA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.104.199.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.35.14.0/24
89.39.97.0/24
93.113.70.0/24
93.117.131.0/24
93.119.144.0/24
93.119.201.0/24
93.119.232.0/24
94.176.72.0-94.176.74.255
94.176.79.0/24
188.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
87:b5:0a:a8:bd:52:84:b8:39:ac:13:da:4e:d0:dd:47:4c:be:
b5:dd:0b:a4:a5:f8:76:32:b1:34:fe:6d:0c:b5:2d:55:53:3d:
51:3f:fa:f3:4f:16:98:e5:07:ff:f1:1e:de:f6:c9:a5:6b:0a:
44:07:fb:33:ae:ab:e4:63:27:9d:4c:74:f7:71:d6:9d:ed:fe:
42:17:65:21:e0:f0:df:85:47:19:fa:d1:31:dd:9e:00:6d:ab:
61:5f:72:5e:9b:f2:85:35:cd:fa:cc:0e:7a:da:c6:46:e5:56:
29:53:e7:ca:9d:64:b1:0e:29:b0:2a:07:5a:f0:31:a8:e4:a1:
6b:ea:e2:d9:5f:be:18:f2:84:55:c9:a4:32:66:2d:c8:b5:c4:
94:80:87:30:9c:61:53:30:88:77:b6:27:1d:93:c6:d3:6a:81:
c3:28:44:bb:88:58:dd:07:05:de:5f:a5:68:1b:94:19:78:0c:
8e:b6:7a:a7:b0:c2:e3:cc:97:35:86:76:03:db:d7:df:68:42:
60:b5:54:b9:a2:64:77:5b:af:e3:89:4f:b2:07:de:20:43:38:
4f:51:4e:83:83:31:bc:83:6e:a5:b7:a9:79:23:61:67:01:82:
53:80:c9:1c:4a:be:c3:a7:b6:56:5f:3f:f2:0e:94:56:0b:59:
e8:5f:a6:e0
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY1mLAJAaCXha61EPYGnhTT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQwMjAxMTkzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUzMGMwNDdkMjZjOGYzNGZlZGE1NDQ1NGJjOTc4MDFlNGVhZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOWwoUNhFfnSq7qekhnJZdr1rzhy
IptFBZe+cxli6zj13vgUH0z3QLR8OUCQYXbJ1knnOhRx2K+yROIwVYRgMVyZx4v1
pE5EQTFFB68yINvSDlLTPPMAaMe8NF/yuHpYrnCQ81BqaXwnomisZmU3a9wTRJBD
rBowB9BeEqs9iuw2fibB9QeusRbvFkWEBeQi5NFAoVi16vxlLIIUELbtUDRvO0St
vCVZnnaesVvJF00xrm4oEEl2/S9t9Ei7i86GUNuUJ9cK1qB0qCP+ABErazwjmWdj
q6eB6zxWaOGTVsLJyAuG+AmLwJN6QLYrsyHKKGyQ9ljplVgpw8GdjkjSIwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFDbjDAR9JsjzT+2lRFS8l4AeTq8gMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvTnVNTUJIMG15UE5QN2FWRVZMeVhnQjVPcnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAVcy1AwQA
VmjHAwQAVmk6AwQAVmnTAwQAVmukAwQAWSMOAwQAWSdhAwQAXXFGAwQAXXWDAwQA
XXeQAwQAXXfJAwQAXXfoMAwDBANesEgDBABesEoDBABesE8DBAC80d8wDQYJKoZI
hvcNAQELBQADggEBAIe1Cqi9UoS4OawT2k7Q3UdMvrXdC6Sl+HYysTT+bQy1LVVT
PVE/+vNPFpjlB//xHt72yaVrCkQH+zOuq+RjJ51MdPdx1p3t/kIXZSHg8N+FRxn6
0THdngBtq2Ffcl6b8oU1zfrMDnraxkblVilT58qdZLEOKbAqB1rwMajkoWvq4tlf
vhjyhFXJpDJmLci1xJSAhzCcYVMwiHe2Jx2TxtNqgcMoRLuIWN0HBd5fpWgblBl4
DI62eqewwuPMlzWGdgPb199oQmC1VLmiZHdbr+OJT7IH3iBDOE9RToODMbyDbqW3
qXkjYWcBglOAyRxKvsOntlZfP/IOlFYLWehfpuA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:51 2025 by rpki-client