Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/NiSzMrytAc8pG6y4GNS4PpP6AE4.roa
File: NiSzMrytAc8pG6y4GNS4PpP6AE4.roa (raw, json)
Hash identifier: Jxr1qs0XLoDp4T/w35e5nCWKStruDvPhZVvhz33L3dk=
Subject key identifier: 36:24:B3:32:BC:AD:01:CF:29:1B:AC:B8:18:D4:B8:3E:93:FA:00:4E
Certificate issuer: /CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Certificate serial: 01859069F68E09AC18DD010F021333B9F0A8
Authority key identifier: C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/NiSzMrytAc8pG6y4GNS4PpP6AE4.roa
Signing time: Sun 08 Jan 2023 08:05:41 +0000
ROA not before: Sun 08 Jan 2023 08:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39758
IP address blocks: 93.113.25.0/24 maxlen: 24
77.81.138.0/24 maxlen: 24
77.81.137.0/24 maxlen: 24
89.36.21.0/24 maxlen: 24
89.42.110.0/23 maxlen: 23
193.203.204.0/23 maxlen: 23
93.113.212.0/24 maxlen: 24
46.102.232.0/23 maxlen: 23
93.115.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:90:69:f6:8e:09:ac:18:dd:01:0f:02:13:33:b9:f0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Validity
Not Before: Jan 8 08:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3624b332bcad01cf291bacb818d4b83e93fa004e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ca:5a:f5:c2:27:3e:fd:2c:77:5c:e9:e1:d6:
c6:88:84:4c:41:f3:13:a0:54:97:75:f4:92:73:ed:
ae:65:02:82:34:32:7e:fb:a7:0f:14:d2:48:d7:fa:
ed:50:54:6d:e6:81:ff:3b:76:fb:7a:a9:38:5f:49:
1a:c0:2f:7d:68:d2:60:d0:02:06:cd:1c:03:b6:90:
13:32:52:22:fb:63:4d:5c:a4:3d:f9:17:5f:5d:5d:
62:9c:05:80:db:da:a3:03:07:29:ee:0e:2d:5d:bd:
9b:74:9d:3f:f9:82:9b:44:c1:e1:5b:65:af:b0:34:
7b:85:73:13:d7:67:bb:6b:b3:b7:45:49:7e:93:7c:
89:a6:cc:f8:0b:05:8a:a6:a1:0d:62:c3:a9:34:1a:
2d:3d:e3:a0:3d:ff:c4:16:2d:af:23:1a:cb:e9:09:
7b:1c:71:3c:ec:a4:29:f6:ac:1e:fd:2b:6b:66:aa:
57:22:d3:15:c5:8c:aa:d6:9c:c4:f6:b2:fa:42:39:
dc:f5:1c:22:d0:1f:6d:30:ba:f6:fd:83:b3:0c:57:
99:35:a9:cd:e2:d7:5a:2d:a7:49:71:2a:22:ec:b6:
b6:20:b9:b9:1d:a7:83:bf:79:1b:b9:48:0d:52:9d:
43:0d:e3:6b:e5:34:51:10:b4:12:33:2b:78:5a:b4:
57:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:24:B3:32:BC:AD:01:CF:29:1B:AC:B8:18:D4:B8:3E:93:FA:00:4E
X509v3 Authority Key Identifier:
keyid:C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/NiSzMrytAc8pG6y4GNS4PpP6AE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/xRhkSsRh3dLPS8WtXCtCYlNcOMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.232.0/23
77.81.137.0-77.81.138.255
89.36.21.0/24
89.42.110.0/23
93.113.25.0/24
93.113.212.0/24
93.115.248.0/22
193.203.204.0/23
Signature Algorithm: sha256WithRSAEncryption
93:57:1c:50:91:07:65:88:f5:d3:a7:d7:ed:b6:2a:ec:a5:a2:
23:f2:18:82:33:6f:19:ec:51:a8:45:83:fb:99:16:16:b6:1a:
85:71:51:66:51:d2:86:fe:d3:46:e7:65:f2:77:1d:41:6c:89:
87:a1:10:9f:e3:32:4d:9f:e9:21:b7:ac:57:0f:3f:da:0f:67:
32:5e:1f:f3:80:e3:fb:01:11:9e:fc:f9:45:65:11:91:81:8b:
8e:b3:d2:a4:6c:7c:04:39:75:0a:b6:56:0b:27:5a:1e:94:58:
7e:ab:f0:a7:bd:77:3c:b8:d7:d2:13:a3:21:51:90:5d:38:34:
21:87:13:88:5c:4e:b0:f7:c5:1e:84:3a:82:31:06:a2:de:29:
eb:2e:4e:ef:6f:fb:1c:91:a2:10:88:2a:b2:ff:a3:7d:be:1c:
aa:1e:c7:e1:8c:09:c2:d3:67:dd:89:f4:9e:cb:b4:3d:c1:86:
58:01:d6:19:f5:26:a3:46:1f:46:41:b5:26:b0:39:bc:6c:39:
eb:9b:b3:96:f6:e2:d0:b7:75:af:10:3f:35:95:95:55:13:30:
9f:b6:6c:4a:45:9a:11:1e:b3:e6:20:15:aa:db:cc:88:14:81:
20:dc:ab:49:01:8f:5a:99:dd:b6:f9:52:da:37:e1:02:ad:7f:
7d:fc:b3:f4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWQafaOCawY3QEPAhMzufCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTg2NDRhYzQ2MWRkZDJjZjRiYzVhZDVjMmI0MjYyNTM1
YzM4YzgwHhcNMjMwMTA4MDgwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI0YjMzMmJjYWQwMWNmMjkxYmFjYjgxOGQ0YjgzZTkzZmEwMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMpa9cInPv0sd1zp4dbGiIRMQfMT
oFSXdfSSc+2uZQKCNDJ++6cPFNJI1/rtUFRt5oH/O3b7eqk4X0kawC99aNJg0AIG
zRwDtpATMlIi+2NNXKQ9+RdfXV1inAWA29qjAwcp7g4tXb2bdJ0/+YKbRMHhW2Wv
sDR7hXMT12e7a7O3RUl+k3yJpsz4CwWKpqENYsOpNBotPeOgPf/EFi2vIxrL6Ql7
HHE87KQp9qwe/StrZqpXItMVxYyq1pzE9rL6Qjnc9Rwi0B9tMLr2/YOzDFeZNanN
4tdaLadJcSoi7La2ILm5HaeDv3kbuUgNUp1DDeNr5TRRELQSMyt4WrRXGQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDYkszK8rQHPKRusuBjUuD6T+gBOMB8GA1UdIwQY
MBaAFMUYZErEYd3Sz0vFrVwrQmJTXDjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAt
Y2ViZGVkMzZmODc4LzEvTmlTek1yeXRBYzhwRzZ5NEdOUzRQcFA2QUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAtY2ViZGVkMzZmODc4
LzEveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBLmboMAwD
BABNUYkDBABNUYoDBABZJBUDBAFZKm4DBABdcRkDBABdcdQDBAJdc/gDBAHBy8ww
DQYJKoZIhvcNAQELBQADggEBAJNXHFCRB2WI9dOn1+22KuyloiPyGIIzbxnsUahF
g/uZFha2GoVxUWZR0ob+00bnZfJ3HUFsiYehEJ/jMk2f6SG3rFcPP9oPZzJeH/OA
4/sBEZ78+UVlEZGBi46z0qRsfAQ5dQq2VgsnWh6UWH6r8Ke9dzy419IToyFRkF04
NCGHE4hcTrD3xR6EOoIxBqLeKesuTu9v+xyRohCIKrL/o32+HKoex+GMCcLTZ92J
9J7LtD3BhlgB1hn1JqNGH0ZBtSawObxsOeubs5b24tC3da8QPzWVlVUTMJ+2bEpF
mhEes+YgFarbzIgUgSDcq0kBj1qZ3bb5Uto34QKtf338s/Q=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:53:50 2025 by rpki-client