Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/NyrZFNY0uejKVVI5JPC7FPtdUjc.roa
File: NyrZFNY0uejKVVI5JPC7FPtdUjc.roa (raw, json)
Hash identifier: F1z0p2TvKAcesacsMKTiWmQh7lfOeilS7Yll9HRgTgE=
Subject key identifier: 37:2A:D9:14:D6:34:B9:E8:CA:55:52:39:24:F0:BB:14:FB:5D:52:37
Certificate issuer: /CN=d0de618822b8af6f9ecaffcd7d5459b7cc11449a
Certificate serial: 0194221FECE600E925F1456335381473D597
Authority key identifier: D0:DE:61:88:22:B8:AF:6F:9E:CA:FF:CD:7D:54:59:B7:CC:11:44:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0N5hiCK4r2-eyv_NfVRZt8wRRJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/NyrZFNY0uejKVVI5JPC7FPtdUjc.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 185.156.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ec:e6:00:e9:25:f1:45:63:35:38:14:73:d5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0de618822b8af6f9ecaffcd7d5459b7cc11449a
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=372ad914d634b9e8ca55523924f0bb14fb5d5237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:8e:85:0c:bf:c9:e4:19:44:ff:24:a8:5a:
19:89:33:7b:40:e8:94:65:3a:0b:58:0c:09:26:35:
a2:be:66:e2:62:53:fa:f8:63:32:25:78:73:c0:9a:
68:50:4a:4b:6b:9f:f3:0e:20:7f:0c:aa:9d:36:60:
dd:67:4d:42:da:ac:e5:d8:8c:5b:1a:2f:b0:20:97:
c1:13:88:9b:af:07:43:ff:c0:ce:1d:a0:31:99:b6:
f4:e8:66:7b:04:fc:43:b8:eb:b5:ba:a4:e6:48:d5:
8d:db:1b:08:da:94:51:c8:5e:c6:22:4e:ad:3d:1f:
d5:ea:69:0a:90:58:b5:82:15:90:06:60:6c:38:32:
48:d2:f8:aa:07:47:12:52:7f:de:0c:f6:5a:1d:c1:
49:ab:ea:dc:10:8c:43:c7:41:b8:fc:67:81:92:5d:
a2:cb:6b:b3:39:16:99:69:11:50:6b:35:49:20:e6:
74:6c:6e:28:e9:0a:4c:9a:e3:18:b2:71:1d:2d:f2:
1b:e7:96:02:05:df:8c:86:64:c9:ac:40:88:86:bf:
3b:23:cb:b7:9b:b4:2d:45:e6:4c:a9:22:f7:0b:a2:
41:3c:52:c2:e1:7c:fb:1d:4d:b7:11:37:ff:85:e0:
93:8a:8b:5c:1f:15:4f:7a:fa:04:08:3d:80:c5:cd:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2A:D9:14:D6:34:B9:E8:CA:55:52:39:24:F0:BB:14:FB:5D:52:37
X509v3 Authority Key Identifier:
keyid:D0:DE:61:88:22:B8:AF:6F:9E:CA:FF:CD:7D:54:59:B7:CC:11:44:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0N5hiCK4r2-eyv_NfVRZt8wRRJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/NyrZFNY0uejKVVI5JPC7FPtdUjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5acd78-d670-4192-b564-040e0644fbe8/1/0N5hiCK4r2-eyv_NfVRZt8wRRJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.4.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e1:f1:fd:a1:20:8b:bf:5b:57:3e:e4:5b:ff:30:b8:7b:22:
92:0e:a7:4f:e0:18:26:50:1d:4a:78:7a:fc:e9:c3:2b:7a:0a:
c8:8c:1e:f7:f2:45:26:25:0f:a4:31:a5:27:84:7a:bf:2f:2a:
bd:65:25:da:e1:6c:60:34:24:6a:6f:aa:22:1e:8b:fb:79:29:
24:e1:16:62:a9:62:dd:9b:61:75:79:99:d9:ff:7c:3b:11:44:
d9:39:99:ee:f3:40:4d:8d:f8:bc:32:02:b0:43:3f:2f:2c:a2:
c6:eb:0c:d8:f2:b6:33:5e:cb:eb:a2:6c:60:3f:26:97:36:76:
d6:d1:b8:c8:f7:41:75:46:02:4f:f7:7c:5d:82:38:0e:3b:81:
57:99:13:2e:20:16:8d:80:01:00:46:23:31:a9:2c:f1:b6:13:
4a:7d:34:50:15:12:a5:be:5b:af:f4:bb:56:24:6a:0c:9b:d5:
e7:8c:ff:5b:40:f2:df:4c:72:59:32:f9:40:de:19:9c:65:c4:
0a:69:f9:e4:e5:75:4f:eb:e2:b5:94:51:6b:58:85:67:5b:20:
de:80:f8:8c:46:c4:f0:08:32:ba:4c:26:05:b9:a0:fd:00:dd:
47:59:3d:61:b4:f9:5c:2e:f1:a5:22:3e:a4:34:dd:3d:07:d1:
ee:36:5f:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+zmAOkl8UVjNTgUc9WXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGU2MTg4MjJiOGFmNmY5ZWNhZmZjZDdkNTQ1OWI3Y2Mx
MTQ0OWEwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzJhZDkxNGQ2MzRiOWU4Y2E1NTUyMzkyNGYwYmIxNGZiNWQ1MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfOOhQy/yeQZRP8kqFoZiTN7QOiU
ZToLWAwJJjWivmbiYlP6+GMyJXhzwJpoUEpLa5/zDiB/DKqdNmDdZ01C2qzl2Ixb
Gi+wIJfBE4ibrwdD/8DOHaAxmbb06GZ7BPxDuOu1uqTmSNWN2xsI2pRRyF7GIk6t
PR/V6mkKkFi1ghWQBmBsODJI0viqB0cSUn/eDPZaHcFJq+rcEIxDx0G4/GeBkl2i
y2uzORaZaRFQazVJIOZ0bG4o6QpMmuMYsnEdLfIb55YCBd+MhmTJrECIhr87I8u3
m7QtReZMqSL3C6JBPFLC4Xz7HU23ETf/heCTiotcHxVPevoECD2Axc2dAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcq2RTWNLnoylVSOSTwuxT7XVI3MB8GA1UdIwQY
MBaAFNDeYYgiuK9vnsr/zX1UWbfMEUSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME41aGlDSzRyMi1leXZfTmZWUlp0OHdSUkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81YWNkNzgtZDY3MC00MTkyLWI1NjQt
MDQwZTA2NDRmYmU4LzEvTnlyWkZOWTB1ZWpLVlZJNUpQQzdGUHRkVWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81YWNkNzgtZDY3MC00MTkyLWI1NjQtMDQwZTA2NDRmYmU4
LzEvME41aGlDSzRyMi1leXZfTmZWUlp0OHdSUkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZwEMA0G
CSqGSIb3DQEBCwUAA4IBAQCT4fH9oSCLv1tXPuRb/zC4eyKSDqdP4BgmUB1KeHr8
6cMregrIjB738kUmJQ+kMaUnhHq/Lyq9ZSXa4WxgNCRqb6oiHov7eSkk4RZiqWLd
m2F1eZnZ/3w7EUTZOZnu80BNjfi8MgKwQz8vLKLG6wzY8rYzXsvromxgPyaXNnbW
0bjI90F1RgJP93xdgjgOO4FXmRMuIBaNgAEARiMxqSzxthNKfTRQFRKlvluv9LtW
JGoMm9XnjP9bQPLfTHJZMvlA3hmcZcQKafnk5XVP6+K1lFFrWIVnWyDegPiMRsTw
CDK6TCYFuaD9AN1HWT1htPlcLvGlIj6kNN09B9HuNl+l
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:10:06 2025 by rpki-client