Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/nx-FSBdnkj_tLv3NkZ_KhKMbIJg.roa
File: nx-FSBdnkj_tLv3NkZ_KhKMbIJg.roa (raw, json)
Hash identifier: n2K7wsSptTgmNzm23d7F34PklSj8mOJXYinlv+kEbl8=
Subject key identifier: 9F:1F:85:48:17:67:92:3F:ED:2E:FD:CD:91:9F:CA:84:A3:1B:20:98
Certificate issuer: /CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Certificate serial: 0194244487857554816B1EE8D9EAC43104A9
Authority key identifier: 27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/nx-FSBdnkj_tLv3NkZ_KhKMbIJg.roa
Signing time: Wed 01 Jan 2025 23:47:38 +0000
ROA not before: Wed 01 Jan 2025 23:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39238
IP address blocks: 79.143.64.0/22 maxlen: 32
79.143.76.0/22 maxlen: 32
185.38.160.0/22 maxlen: 32
194.36.148.0/22 maxlen: 32
217.29.50.0/23 maxlen: 32
217.29.52.0/22 maxlen: 32
217.29.56.0/21 maxlen: 32
2a0c:f540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:87:85:75:54:81:6b:1e:e8:d9:ea:c4:31:04:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27280cc534516d1c1d9ea024eaafbd01fdc68c97
Validity
Not Before: Jan 1 23:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f1f85481767923fed2efdcd919fca84a31b2098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5a:af:13:1b:f0:7e:1a:77:cb:29:66:d7:06:
db:28:ac:20:b5:ea:39:29:c5:84:2d:e8:13:15:4d:
43:6d:96:dd:87:01:32:5d:bd:b7:a3:3a:ca:99:4f:
db:bf:49:ea:95:f7:d5:de:65:ca:a3:05:72:60:9c:
46:e2:f6:23:e0:48:9e:f8:26:e9:07:85:26:e7:b6:
47:24:1c:00:c0:a6:40:74:bd:75:88:59:51:21:be:
fc:de:f5:a4:00:3d:95:12:ac:02:28:d0:bf:5d:2b:
a3:00:90:7f:7d:75:05:7d:79:3c:4a:e8:47:00:6e:
ee:43:69:42:39:0d:5d:17:4a:42:66:99:ee:5c:cc:
6d:5c:10:cd:ce:ed:3a:4a:64:0e:b8:bb:9b:35:17:
e6:e3:f0:ed:c7:0a:38:d6:39:67:bf:67:c6:4c:4a:
68:7a:01:27:6c:b8:4d:c3:b9:4c:4d:fa:35:c3:f3:
7e:bd:54:f2:86:a2:d6:3a:b6:32:d0:0a:fe:5d:4d:
98:c6:63:e6:2b:62:31:e6:0c:95:ec:34:26:46:8c:
25:34:35:18:b8:5a:fd:58:1b:f6:89:9f:94:f5:6c:
7c:19:d7:f9:83:f0:19:5e:56:0f:87:f5:e7:e8:a1:
99:37:8c:48:5d:e0:b3:72:b2:4d:cc:16:8a:13:6c:
72:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1F:85:48:17:67:92:3F:ED:2E:FD:CD:91:9F:CA:84:A3:1B:20:98
X509v3 Authority Key Identifier:
keyid:27:28:0C:C5:34:51:6D:1C:1D:9E:A0:24:EA:AF:BD:01:FD:C6:8C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JygMxTRRbRwdnqAk6q-9Af3GjJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/nx-FSBdnkj_tLv3NkZ_KhKMbIJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0cc6b5-5477-490a-a295-15b79b02943e/1/JygMxTRRbRwdnqAk6q-9Af3GjJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.64.0/22
79.143.76.0/22
185.38.160.0/22
194.36.148.0/22
217.29.50.0-217.29.63.255
IPv6:
2a0c:f540::/29
Signature Algorithm: sha256WithRSAEncryption
56:2b:be:98:7d:78:d8:d0:1a:48:bb:c4:7e:8c:a3:ac:4c:56:
9b:e6:97:bd:ab:72:21:6b:55:49:e2:86:bd:2c:ed:26:35:a5:
4a:d3:66:57:51:ab:19:05:75:95:4f:45:e5:87:47:d1:2d:c8:
11:ba:04:a4:ad:b1:af:3c:6c:a8:49:0b:06:84:c8:27:72:39:
9f:0f:1f:02:2f:99:a9:56:c4:a1:fc:c1:60:74:c4:ca:6e:9a:
d9:68:2a:e3:f5:a9:48:13:80:6d:2e:f2:ab:89:3d:a6:43:cb:
e3:66:56:28:36:0f:f4:ed:8d:5f:ae:9b:fe:e5:f0:24:f7:5a:
37:c2:d7:44:69:db:0c:a7:76:d0:4b:22:9c:eb:08:31:7e:ee:
35:0e:69:06:bc:1f:8c:db:a2:25:1c:53:7d:9c:81:75:be:a6:
1c:28:27:83:b7:5b:ca:8f:80:8e:eb:86:6d:c6:ae:f0:a5:cc:
4f:33:fc:76:1e:80:77:c2:ad:59:0c:29:8a:6c:35:e4:4c:d3:
ab:fb:fe:73:ba:0a:32:ad:ee:7e:fd:b0:aa:92:c6:3f:58:cd:
30:05:e6:c5:56:61:8c:17:c2:ff:97:12:ff:39:ea:ae:f9:22:
73:38:f3:85:7d:95:6d:2f:bc:fa:4e:f2:93:4a:41:47:0a:3c:
21:f4:90:18
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQkRIeFdVSBax7o2erEMQSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MjgwY2M1MzQ1MTZkMWMxZDllYTAyNGVhYWZiZDAxZmRj
NjhjOTcwHhcNMjUwMTAxMjM0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFmODU0ODE3Njc5MjNmZWQyZWZkY2Q5MTlmY2E4NGEzMWIyMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61qvExvwfhp3yylm1wbbKKwgteo5
KcWELegTFU1DbZbdhwEyXb23ozrKmU/bv0nqlffV3mXKowVyYJxG4vYj4Eie+Cbp
B4Um57ZHJBwAwKZAdL11iFlRIb783vWkAD2VEqwCKNC/XSujAJB/fXUFfXk8SuhH
AG7uQ2lCOQ1dF0pCZpnuXMxtXBDNzu06SmQOuLubNRfm4/Dtxwo41jlnv2fGTEpo
egEnbLhNw7lMTfo1w/N+vVTyhqLWOrYy0Ar+XU2YxmPmK2Ix5gyV7DQmRowlNDUY
uFr9WBv2iZ+U9Wx8Gdf5g/AZXlYPh/Xn6KGZN4xIXeCzcrJNzBaKE2xy9wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJ8fhUgXZ5I/7S79zZGfyoSjGyCYMB8GA1UdIwQY
MBaAFCcoDMU0UW0cHZ6gJOqvvQH9xoyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnlnTXhUUlJiUndkbnFBazZxLTlBZjNHakpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wY2M2YjUtNTQ3Ny00OTBhLWEyOTUt
MTViNzliMDI5NDNlLzEvbngtRlNCZG5ral90THYzTmtaX0toS01iSUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wY2M2YjUtNTQ3Ny00OTBhLWEyOTUtMTViNzliMDI5NDNl
LzEvSnlnTXhUUlJiUndkbnFBazZxLTlBZjNHakpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCT49AAwQC
T49MAwQCuSagAwQCwiSUMAwDBAHZHTIDBAbZHQAwDQQCAAIwBwMFAyoM9UAwDQYJ
KoZIhvcNAQELBQADggEBAFYrvph9eNjQGki7xH6Mo6xMVpvml72rciFrVUnihr0s
7SY1pUrTZldRqxkFdZVPReWHR9EtyBG6BKStsa88bKhJCwaEyCdyOZ8PHwIvmalW
xKH8wWB0xMpumtloKuP1qUgTgG0u8quJPaZDy+NmVig2D/TtjV+um/7l8CT3WjfC
10Rp2wyndtBLIpzrCDF+7jUOaQa8H4zboiUcU32cgXW+phwoJ4O3W8qPgI7rhm3G
rvClzE8z/HYegHfCrVkMKYpsNeRM06v7/nO6CjKt7n79sKqSxj9YzTAF5sVWYYwX
wv+XEv856q75InM484V9lW0vvPpO8pNKQUcKPCH0kBg=
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:46:09 2025 by rpki-client on console.sobornost.net