Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/NyHVrksLe2Hn3Rm4aOA5bG9KCzI.roa
File: NyHVrksLe2Hn3Rm4aOA5bG9KCzI.roa (raw, json)
Hash identifier: x4841E7DdCjPkedIOZGSUNqct72TSqSukJDikmWgkNQ=
Subject key identifier: 37:21:D5:AE:4B:0B:7B:61:E7:DD:19:B8:68:E0:39:6C:6F:4A:0B:32
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 0186C471BAB3E67853D1F2E8D64BC099E41A
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/NyHVrksLe2Hn3Rm4aOA5bG9KCzI.roa
Signing time: Thu 09 Mar 2023 03:37:13 +0000
ROA not before: Thu 09 Mar 2023 03:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399976
IP address blocks: 185.127.166.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:71:ba:b3:e6:78:53:d1:f2:e8:d6:4b:c0:99:e4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Mar 9 03:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3721d5ae4b0b7b61e7dd19b868e0396c6f4a0b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:0a:66:87:2d:45:80:79:4c:48:b6:8f:85:
a3:c9:75:4c:c5:59:84:80:21:05:ca:f8:8d:d8:12:
d7:b1:74:ed:c9:36:9e:20:83:c7:7f:98:6a:ea:6e:
99:b7:34:b3:54:d3:e3:80:ed:d7:24:24:f9:de:30:
49:70:15:cf:dd:1f:11:84:cd:17:5b:f6:70:60:de:
a1:39:cc:cf:f0:83:89:dc:b3:20:dc:d1:e6:ed:4f:
a6:fc:60:e8:2e:94:f2:7a:32:19:c2:2c:04:65:ff:
07:47:53:b0:9b:09:e5:b2:e0:1e:75:a5:d3:75:44:
fb:0e:8b:3c:47:da:83:71:9c:04:fa:0f:db:3e:c9:
9d:6a:1e:c4:c4:ba:1a:4f:74:34:34:45:39:45:85:
1f:2c:07:5c:2b:74:68:ed:92:f9:f6:8a:f0:12:e2:
66:52:8a:00:9f:43:5a:e7:0f:63:86:9a:f1:07:d5:
cd:64:1a:40:15:18:fd:21:0e:a1:00:2b:ec:5d:b2:
a7:af:65:8d:ad:a7:ed:74:85:a4:82:dc:c2:bd:85:
07:ed:f0:b2:23:e0:92:29:ec:b9:3d:fd:04:36:b1:
ab:33:14:5d:1d:b4:3b:0e:ec:84:af:96:ee:94:e7:
b4:31:10:1d:5d:fd:35:39:9d:92:94:14:12:1a:1d:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:21:D5:AE:4B:0B:7B:61:E7:DD:19:B8:68:E0:39:6C:6F:4A:0B:32
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/NyHVrksLe2Hn3Rm4aOA5bG9KCzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.166.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:57:d4:87:26:37:98:53:1c:94:96:46:99:e4:54:0b:96:3b:
b5:31:40:35:bd:24:ff:af:72:f5:06:70:75:40:16:82:a0:4b:
75:e2:50:8b:f4:be:00:22:33:16:3b:0c:f4:58:4d:cb:07:fc:
34:33:92:b9:9c:9c:83:7b:84:04:04:8a:e7:6f:e2:b1:08:7b:
2d:14:68:44:46:b4:be:b1:78:70:5f:f7:7d:cf:89:3e:f9:5c:
3b:bc:4b:fc:42:62:ff:25:92:51:6d:9b:6a:8e:3e:40:2b:da:
91:2b:aa:c0:b2:c2:ed:82:65:c5:54:89:56:64:4d:9c:dd:d6:
28:1d:78:be:b4:ea:64:fd:fa:da:10:34:40:a0:7d:7a:1a:55:
32:ed:80:3f:48:dc:8f:d5:28:9e:5a:e6:2c:ec:95:73:5f:fa:
26:d6:d8:01:f9:09:da:36:06:b6:50:ee:67:7a:7e:c3:14:c8:
3b:89:3b:8d:f3:be:0a:86:52:96:30:fd:58:5e:a4:64:6a:fb:
90:62:3a:72:8f:7e:c6:03:d4:0c:1f:b7:cd:b1:fc:25:1f:46:
6b:1e:8b:39:ec:5b:00:e5:3f:96:2b:aa:fc:e9:83:94:a0:8a:
3a:5c:ac:13:8d:3b:5c:b0:ac:db:c9:be:8c:c3:f7:22:a4:7d:
a2:91:c2:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbEcbqz5nhT0fLo1kvAmeQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwMzA5MDMzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIxZDVhZTRiMGI3YjYxZTdkZDE5Yjg2OGUwMzk2YzZmNGEwYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CYKZoctRYB5TEi2j4WjyXVMxVmE
gCEFyviN2BLXsXTtyTaeIIPHf5hq6m6ZtzSzVNPjgO3XJCT53jBJcBXP3R8RhM0X
W/ZwYN6hOczP8IOJ3LMg3NHm7U+m/GDoLpTyejIZwiwEZf8HR1OwmwnlsuAedaXT
dUT7Dos8R9qDcZwE+g/bPsmdah7ExLoaT3Q0NEU5RYUfLAdcK3Ro7ZL59orwEuJm
UooAn0Na5w9jhprxB9XNZBpAFRj9IQ6hACvsXbKnr2WNraftdIWkgtzCvYUH7fCy
I+CSKey5Pf0ENrGrMxRdHbQ7DuyEr5bulOe0MRAdXf01OZ2SlBQSGh3fTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDch1a5LC3th590ZuGjgOWxvSgsyMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvTnlIVnJrc0xlMkhuM1JtNGFPQTViRzlLQ3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX+mMA0G
CSqGSIb3DQEBCwUAA4IBAQA8V9SHJjeYUxyUlkaZ5FQLlju1MUA1vST/r3L1BnB1
QBaCoEt14lCL9L4AIjMWOwz0WE3LB/w0M5K5nJyDe4QEBIrnb+KxCHstFGhERrS+
sXhwX/d9z4k++Vw7vEv8QmL/JZJRbZtqjj5AK9qRK6rAssLtgmXFVIlWZE2c3dYo
HXi+tOpk/fraEDRAoH16GlUy7YA/SNyP1SieWuYs7JVzX/om1tgB+QnaNga2UO5n
en7DFMg7iTuN874KhlKWMP1YXqRkavuQYjpyj37GA9QMH7fNsfwlH0ZrHos57FsA
5T+WK6r86YOUoIo6XKwTjTtcsKzbyb6Mw/cipH2ikcKz
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:10:47 2025 by rpki-client