Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/nuwLQIg-lK2envR_t0a0TNPRBGQ.roa
File: nuwLQIg-lK2envR_t0a0TNPRBGQ.roa (raw, json)
Hash identifier: 6zkhxyKXAGxELCe57hpSnoaGWnhmysqwWNpKa980lyo=
Subject key identifier: 9E:EC:0B:40:88:3E:94:AD:9E:9E:F4:7F:B7:46:B4:4C:D3:D1:04:64
Certificate issuer: /CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644
Certificate serial: 01942369BC6D6154AFA509BEC02C0FBCA678
Authority key identifier: D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/nuwLQIg-lK2envR_t0a0TNPRBGQ.roa
Signing time: Wed 01 Jan 2025 19:48:39 +0000
ROA not before: Wed 01 Jan 2025 19:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50779
IP address blocks: 185.106.12.0/22 maxlen: 24
2001:67c:2698::/48 maxlen: 48
2a0c:db80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:bc:6d:61:54:af:a5:09:be:c0:2c:0f:bc:a6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644
Validity
Not Before: Jan 1 19:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eec0b40883e94ad9e9ef47fb746b44cd3d10464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:24:aa:3b:d0:ab:0d:8e:3b:84:1c:4f:02:8d:
f1:64:77:55:2c:a3:61:d5:c9:3b:ae:b7:74:4c:ff:
b8:cf:df:25:89:ec:0f:b2:0e:5a:5c:bb:17:e0:8a:
be:10:6d:96:99:a0:78:10:74:fe:67:e8:63:a4:3c:
90:0c:52:7c:41:6d:57:0f:62:74:a0:1d:10:15:80:
da:dc:ba:54:37:0f:a0:05:70:d0:03:39:7f:35:5d:
29:08:fc:6a:c3:e3:2b:95:ce:6f:57:4b:30:2c:94:
46:54:81:98:a4:72:60:63:48:4c:40:ba:f5:7d:1f:
08:15:ad:e0:cf:30:18:fc:72:81:b1:5c:c0:dc:06:
a6:0d:66:9b:1e:67:91:ab:fa:01:fb:64:05:c6:4e:
20:e1:e1:72:65:da:ff:82:f8:ab:fe:4a:fb:c9:7d:
53:4f:91:bd:51:d3:65:30:f9:1e:a1:ad:51:45:d3:
65:b0:3f:93:9a:e0:6f:39:8c:d8:33:b6:81:cb:2a:
33:e3:44:74:ad:69:c2:98:b5:ad:28:da:22:e0:51:
3b:84:52:36:72:34:ed:12:9c:32:7c:dd:1f:6c:d3:
4c:28:18:55:3f:1d:d2:a2:26:de:c8:87:db:31:00:
27:79:1a:91:b7:cd:30:81:96:a7:7a:0f:78:a1:73:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EC:0B:40:88:3E:94:AD:9E:9E:F4:7F:B7:46:B4:4C:D3:D1:04:64
X509v3 Authority Key Identifier:
keyid:D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/nuwLQIg-lK2envR_t0a0TNPRBGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.12.0/22
IPv6:
2001:67c:2698::/48
2a0c:db80::/29
Signature Algorithm: sha256WithRSAEncryption
87:1c:a8:39:37:20:99:d5:6f:10:7d:fb:b7:d8:bd:09:96:d7:
f9:2e:f9:9e:7b:15:07:a5:15:a1:e3:24:c0:47:d2:36:40:ba:
7b:69:d7:16:4d:2e:4d:e7:24:3c:42:9f:ca:b8:6c:53:84:45:
1b:59:47:c0:34:fc:95:18:cd:14:c0:88:e4:68:59:78:04:f5:
84:b2:e5:b3:53:28:2a:34:ea:3b:29:51:3b:1c:2c:6c:0f:c9:
f8:3c:08:26:57:79:cd:f2:d6:62:4a:6a:cf:94:ce:61:1c:31:
5a:81:96:3d:6b:f3:2f:cd:be:bd:26:61:ab:0b:02:3f:6f:01:
1f:ab:d4:ee:ce:fb:41:a7:99:b2:55:3d:ee:1a:d9:af:49:41:
bf:d9:0a:fa:5a:34:70:45:0e:c9:3d:a0:d9:0a:88:be:1e:e9:
5f:b0:da:9c:80:87:25:0a:b1:8b:8a:70:40:14:f5:17:c8:9f:
29:c5:cc:91:6c:33:e9:13:8d:ca:be:bd:a2:2a:80:8a:0c:27:
38:74:9d:fa:94:f1:22:e7:df:d5:4f:c7:28:d2:59:32:5a:d8:
d0:8e:14:5f:8e:fc:46:62:08:78:66:4a:cf:d2:ac:f4:5f:de:
5a:2a:fd:94:22:d2:6b:b8:4e:de:d5:1d:ac:d4:bc:e5:29:f3:
6e:b0:f2:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjabxtYVSvpQm+wCwPvKZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjBmNGJhYzVmOWE1MDIyZmMyZGNiYzRhM2RiNGNjNmIx
MTY2NDQwHhcNMjUwMTAxMTk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVjMGI0MDg4M2U5NGFkOWU5ZWY0N2ZiNzQ2YjQ0Y2QzZDEwNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ySqO9CrDY47hBxPAo3xZHdVLKNh
1ck7rrd0TP+4z98liewPsg5aXLsX4Iq+EG2WmaB4EHT+Z+hjpDyQDFJ8QW1XD2J0
oB0QFYDa3LpUNw+gBXDQAzl/NV0pCPxqw+Mrlc5vV0swLJRGVIGYpHJgY0hMQLr1
fR8IFa3gzzAY/HKBsVzA3AamDWabHmeRq/oB+2QFxk4g4eFyZdr/gvir/kr7yX1T
T5G9UdNlMPkeoa1RRdNlsD+TmuBvOYzYM7aByyoz40R0rWnCmLWtKNoi4FE7hFI2
cjTtEpwyfN0fbNNMKBhVPx3SoibeyIfbMQAneRqRt80wgZaneg94oXOYgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ7sC0CIPpStnp70f7dGtEzT0QRkMB8GA1UdIwQY
MBaAFNXw9LrF+aUCL8LcvEo9tMxrEWZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAt
OTkyNTQxZmRlYmVhLzEvbnV3TFFJZy1sSzJlbnZSX3QwYTBUTlBSQkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAtOTkyNTQxZmRlYmVh
LzEvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWoMMBYE
AgACMBADBwAgAQZ8JpgDBQMqDNuAMA0GCSqGSIb3DQEBCwUAA4IBAQCHHKg5NyCZ
1W8Qffu32L0Jltf5LvmeexUHpRWh4yTAR9I2QLp7adcWTS5N5yQ8Qp/KuGxThEUb
WUfANPyVGM0UwIjkaFl4BPWEsuWzUygqNOo7KVE7HCxsD8n4PAgmV3nN8tZiSmrP
lM5hHDFagZY9a/Mvzb69JmGrCwI/bwEfq9TuzvtBp5myVT3uGtmvSUG/2Qr6WjRw
RQ7JPaDZCoi+HulfsNqcgIclCrGLinBAFPUXyJ8pxcyRbDPpE43Kvr2iKoCKDCc4
dJ36lPEi59/VT8co0lkyWtjQjhRfjvxGYgh4ZkrP0qz0X95aKv2UItJruE7e1R2s
1LzlKfNusPJJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net