Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/NYmwF4mBpF0BkmMcJbcBfbb7mNw.roa
File: NYmwF4mBpF0BkmMcJbcBfbb7mNw.roa (raw, json)
Hash identifier: 4P8DST75fp7YFw+joLinoBciFGEOW9RYd1ghEZUg2No=
Subject key identifier: 35:89:B0:17:89:81:A4:5D:01:92:63:1C:25:B7:01:7D:B6:FB:98:DC
Certificate issuer: /CN=d4afe3f0c9e555e52d3505d6163278df3da18cee
Certificate serial: 01961F128FAE84A3B216173DC8D41E279204
Authority key identifier: D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/NYmwF4mBpF0BkmMcJbcBfbb7mNw.roa
Signing time: Thu 10 Apr 2025 09:40:31 +0000
ROA not before: Thu 10 Apr 2025 09:40:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39591
IP address blocks: 46.17.8.0/22 maxlen: 22
46.17.12.0/23 maxlen: 23
2a02:2870::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:12:8f:ae:84:a3:b2:16:17:3d:c8:d4:1e:27:92:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4afe3f0c9e555e52d3505d6163278df3da18cee
Validity
Not Before: Apr 10 09:40:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3589b0178981a45d0192631c25b7017db6fb98dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:b3:72:ba:e9:1e:64:b8:62:01:2d:be:ae:
87:15:87:3c:65:b1:ab:6a:c8:17:3d:4a:f0:df:9b:
5a:04:a9:9f:53:d6:d4:e3:50:5a:8a:b1:7d:1c:b5:
a2:8e:2d:44:22:ae:0c:b9:be:61:09:c8:88:f8:3c:
1e:31:2d:9a:48:15:34:f8:92:58:35:c3:46:91:6a:
c2:d8:81:f6:24:2f:d0:39:f0:97:aa:54:12:c3:b3:
bc:fb:3a:a6:70:1c:ab:cc:71:a5:6e:2a:14:80:d4:
17:25:62:62:1e:82:5c:f9:39:0f:38:56:11:8e:e7:
84:62:4f:4e:b7:ec:48:bb:1f:38:b3:dd:7a:06:39:
20:c4:cc:91:3e:5a:e5:d2:d1:66:24:74:ad:a0:0a:
d8:00:a1:45:8f:de:9b:e6:7b:2d:9c:9f:0a:35:1b:
cd:f4:00:06:16:61:60:90:5c:fa:be:3f:89:17:8b:
ba:42:1a:18:b4:08:40:f0:df:21:cd:8b:30:3b:4e:
44:67:01:15:e5:ed:39:a8:cc:38:79:af:f2:79:16:
90:15:88:9a:fc:81:38:81:70:96:16:3d:b9:0e:b7:
2c:d3:30:9a:a3:1b:ca:c8:60:d1:f2:ef:cc:d4:36:
65:2d:9d:94:89:5a:07:ca:1e:d3:bc:35:dd:52:22:
03:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:89:B0:17:89:81:A4:5D:01:92:63:1C:25:B7:01:7D:B6:FB:98:DC
X509v3 Authority Key Identifier:
keyid:D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/NYmwF4mBpF0BkmMcJbcBfbb7mNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/1K_j8MnlVeUtNQXWFjJ43z2hjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.8.0-46.17.13.255
IPv6:
2a02:2870::/33
Signature Algorithm: sha256WithRSAEncryption
12:c2:c0:cb:a0:3a:64:43:07:0a:3a:8a:02:d5:cf:0c:fc:b1:
02:de:4d:4e:b5:5f:c1:1d:2a:f7:47:6f:7d:63:20:ad:0e:ab:
19:89:31:96:a4:b4:a2:48:7e:b7:9f:24:d2:9f:b7:c3:6d:ab:
2d:63:f2:a5:c2:9a:62:5d:3b:fe:94:73:11:7a:c0:e1:6a:b4:
b4:cd:a6:8d:83:34:e8:3d:6e:b3:80:14:cb:4d:bc:d7:09:f8:
37:ee:6e:ca:93:3d:95:98:8b:0f:73:37:01:fe:e3:f7:d1:b3:
96:b0:a5:c6:fa:28:3c:09:6f:2b:00:7a:68:d8:0e:9d:cd:e3:
c9:bc:39:bd:cb:53:8d:c3:ce:c5:6b:eb:bd:b1:4a:50:3f:a9:
f8:c9:a3:82:58:62:a8:11:23:cc:e4:1a:94:92:94:0d:d1:30:
d2:89:b4:af:f3:e8:94:3a:b5:8a:ac:27:43:35:8d:29:73:0d:
dd:ef:89:95:e9:6c:2a:f2:f0:f4:c8:67:02:97:ab:a2:17:5b:
a9:a2:56:32:f1:16:ba:81:ec:86:e2:ad:f7:dc:a6:0f:0f:17:
a5:bf:c4:3f:67:91:1c:ee:d9:ed:6c:48:3a:fd:6e:af:41:ba:
37:99:13:2c:d9:f1:71:08:c8:2d:38:26:50:a7:13:dd:3f:ac:
b7:6d:37:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYfEo+uhKOyFhc9yNQeJ5IEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWZlM2YwYzllNTU1ZTUyZDM1MDVkNjE2MzI3OGRmM2Rh
MThjZWUwHhcNMjUwNDEwMDk0MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg5YjAxNzg5ODFhNDVkMDE5MjYzMWMyNWI3MDE3ZGI2ZmI5OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF2zcrrpHmS4YgEtvq6HFYc8ZbGr
asgXPUrw35taBKmfU9bU41BairF9HLWiji1EIq4Mub5hCciI+DweMS2aSBU0+JJY
NcNGkWrC2IH2JC/QOfCXqlQSw7O8+zqmcByrzHGlbioUgNQXJWJiHoJc+TkPOFYR
jueEYk9Ot+xIux84s916BjkgxMyRPlrl0tFmJHStoArYAKFFj96b5nstnJ8KNRvN
9AAGFmFgkFz6vj+JF4u6QhoYtAhA8N8hzYswO05EZwEV5e05qMw4ea/yeRaQFYia
/IE4gXCWFj25Drcs0zCaoxvKyGDR8u/M1DZlLZ2UiVoHyh7TvDXdUiIDXQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDWJsBeJgaRdAZJjHCW3AX22+5jcMB8GA1UdIwQY
MBaAFNSv4/DJ5VXlLTUF1hYyeN89oYzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUtfajhNbmxWZVV0TlFYV0ZqSjQzejJoak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xYzY3ZWYtZTgzZC00NDI3LTg2NGIt
YzU5ODI1YmJjYjMyLzEvTlltd0Y0bUJwRjBCa21NY0piY0JmYmI3bU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xYzY3ZWYtZTgzZC00NDI3LTg2NGItYzU5ODI1YmJjYjMy
LzEvMUtfajhNbmxWZVV0TlFYV0ZqSjQzejJoak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAMuEQgD
BAEuEQwwDgQCAAIwCAMGByoCKHAAMA0GCSqGSIb3DQEBCwUAA4IBAQASwsDLoDpk
QwcKOooC1c8M/LEC3k1OtV/BHSr3R299YyCtDqsZiTGWpLSiSH63nyTSn7fDbast
Y/KlwppiXTv+lHMResDharS0zaaNgzToPW6zgBTLTbzXCfg37m7Kkz2VmIsPczcB
/uP30bOWsKXG+ig8CW8rAHpo2A6dzePJvDm9y1ONw87Fa+u9sUpQP6n4yaOCWGKo
ESPM5BqUkpQN0TDSibSv8+iUOrWKrCdDNY0pcw3d74mV6Wwq8vD0yGcCl6uiF1up
olYy8Ra6geyG4q333KYPDxelv8Q/Z5Ec7tntbEg6/W6vQbo3mRMs2fFxCMgtOCZQ
pxPdP6y3bTdT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net