Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NwjcWEZLdkxc8fh8muNo7zZLJR8.roa
File: NwjcWEZLdkxc8fh8muNo7zZLJR8.roa (raw, json)
Hash identifier: YxjtYPJAuHw6m2ZUO+zZDBSHKISwhWfz40YdB35RmZs=
Subject key identifier: 37:08:DC:58:46:4B:76:4C:5C:F1:F8:7C:9A:E3:68:EF:36:4B:25:1F
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01953899DEABD62F6FA6A9C8FD3173A1A953
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NwjcWEZLdkxc8fh8muNo7zZLJR8.roa
Signing time: Mon 24 Feb 2025 15:36:02 +0000
ROA not before: Mon 24 Feb 2025 15:36:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
193.24.208.0/23 maxlen: 23
193.24.210.0/23 maxlen: 23
194.24.160.0/24 maxlen: 24
2a00:1910::/32 maxlen: 32
2a00:1911::/32 maxlen: 32
2a00:1912::/32 maxlen: 32
2a00:1913::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
2a12:5e41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:99:de:ab:d6:2f:6f:a6:a9:c8:fd:31:73:a1:a9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Feb 24 15:36:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3708dc58464b764c5cf1f87c9ae368ef364b251f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:8e:57:97:04:da:c2:8a:08:eb:00:2b:bb:
ff:db:89:b1:63:4a:cb:c1:57:4b:66:39:79:c6:0f:
de:7b:ab:c6:1e:be:4c:b2:fb:57:e9:be:bd:9d:72:
5d:49:25:da:09:bb:87:4a:e7:e1:4e:41:a8:97:33:
e5:e3:f0:bc:f5:c4:b7:5d:20:ad:24:52:94:c0:ee:
79:fe:0f:3b:77:80:3a:f1:76:8a:53:9e:2b:16:70:
88:32:55:f0:af:d2:27:e0:40:35:68:d5:f4:81:80:
b3:27:77:3f:13:b0:54:b5:d9:70:54:e2:de:87:cb:
d6:e5:3a:18:ca:e9:85:e9:11:bb:9a:d9:cc:45:0d:
8d:ef:d7:81:ce:02:b6:33:44:8a:28:3b:1f:c2:e5:
ed:68:bd:d5:b2:39:4a:c6:14:ac:d8:f7:49:ef:94:
d6:f4:6d:ad:1c:9c:d8:95:b8:92:67:8f:8e:17:30:
df:e2:d6:66:c4:16:0c:bf:f0:30:8f:a2:da:13:69:
ea:02:e7:31:4a:df:dd:67:3d:bf:6d:ea:8d:13:1b:
3c:d8:0d:c1:4a:c6:3c:7a:f4:e6:fe:37:54:71:dc:
c6:db:bc:ad:01:a5:f9:56:6b:91:fd:9a:77:53:2e:
77:72:3a:a0:1c:f0:2a:e9:f5:bb:e3:0b:fb:24:ba:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:08:DC:58:46:4B:76:4C:5C:F1:F8:7C:9A:E3:68:EF:36:4B:25:1F
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/NwjcWEZLdkxc8fh8muNo7zZLJR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/30
2a09:8700::/32
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
33:68:09:3d:d4:3e:62:8e:34:f2:05:70:fc:5c:80:52:cf:9b:
55:db:e6:16:7b:a1:0f:05:2c:62:7a:bc:3e:80:e7:1c:c3:f1:
0a:e8:5b:4e:68:e5:cc:cf:b7:90:5b:f0:93:92:b8:3b:5e:5e:
e3:ce:7d:6c:74:d3:e8:6a:72:a3:77:13:b1:b1:df:b7:51:87:
99:5a:08:9c:92:c4:72:90:5b:04:78:10:a6:a7:74:29:7d:53:
f5:f2:85:09:fe:e4:ae:e0:70:30:68:f7:56:3b:f3:6c:15:c8:
49:e4:cd:2e:fa:01:fb:ec:7b:b8:29:4d:e9:c5:36:ac:91:48:
88:f2:5a:88:5d:eb:4f:11:d1:0d:50:16:05:b8:32:a7:4a:35:
b0:d3:f3:5a:6f:d4:f5:73:ef:2e:fc:37:c6:53:35:56:b0:92:
46:a7:66:9e:4b:85:6d:b5:03:48:01:74:68:a4:57:2c:a0:91:
66:f7:a7:c3:36:ef:5a:82:ba:fe:fc:d4:f9:be:34:e2:72:2a:
d1:9d:bf:a2:af:b7:b7:e0:af:e1:0e:5f:75:f7:b3:c2:9b:88:
df:f8:6e:42:72:4e:eb:09:1b:61:79:b1:dc:73:2d:a5:3c:9d:
f0:15:e0:d5:91:63:80:5a:cf:a5:6b:c3:be:47:b2:e4:e1:9f:
46:6d:5b:69
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZU4md6r1i9vpqnI/TFzoalTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwMjI0MTUzNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA4ZGM1ODQ2NGI3NjRjNWNmMWY4N2M5YWUzNjhlZjM2NGIyNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoESOV5cE2sKKCOsAK7v/24mxY0rL
wVdLZjl5xg/ee6vGHr5MsvtX6b69nXJdSSXaCbuHSufhTkGolzPl4/C89cS3XSCt
JFKUwO55/g87d4A68XaKU54rFnCIMlXwr9In4EA1aNX0gYCzJ3c/E7BUtdlwVOLe
h8vW5ToYyumF6RG7mtnMRQ2N79eBzgK2M0SKKDsfwuXtaL3VsjlKxhSs2PdJ75TW
9G2tHJzYlbiSZ4+OFzDf4tZmxBYMv/Awj6LaE2nqAucxSt/dZz2/beqNExs82A3B
SsY8evTm/jdUcdzG27ytAaX5VmuR/Zp3Uy53cjqgHPAq6fW74wv7JLoejwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDcI3FhGS3ZMXPH4fJrjaO82SyUfMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvTndqY1dFWkxka3hjOGZoOG11Tm83elpMSlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBsEAgACMBUDBQIqABkQAwUAKgmHAAMFACoS
XkEwDQYJKoZIhvcNAQELBQADggEBADNoCT3UPmKONPIFcPxcgFLPm1Xb5hZ7oQ8F
LGJ6vD6A5xzD8QroW05o5czPt5Bb8JOSuDteXuPOfWx00+hqcqN3E7Gx37dRh5la
CJySxHKQWwR4EKandCl9U/XyhQn+5K7gcDBo91Y782wVyEnkzS76Afvse7gpTenF
NqyRSIjyWohd608R0Q1QFgW4MqdKNbDT81pv1PVz7y78N8ZTNVawkkanZp5LhW21
A0gBdGikVyygkWb3p8M271qCuv781Pm+NOJyKtGdv6Kvt7fgr+EOX3X3s8KbiN/4
bkJyTusJG2F5sdxzLaU8nfAV4NWRY4Baz6Vrw75HsuThn0ZtW2k=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:21 2025 by rpki-client on console.sobornost.net