Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ncXYiMMk7Py1Om5tGMqWGLBtpDE.roa
File: ncXYiMMk7Py1Om5tGMqWGLBtpDE.roa (raw, json)
Hash identifier: ue3PRYMatnVnCc7uFg9uHpheEoijmvmRSQgE1aUj8Qs=
Subject key identifier: 9D:C5:D8:88:C3:24:EC:FC:B5:3A:6E:6D:18:CA:96:18:B0:6D:A4:31
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01942368D00D82496BDB1CE07150B984A70B
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ncXYiMMk7Py1Om5tGMqWGLBtpDE.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 91.205.116.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
185.148.224.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d0:0d:82:49:6b:db:1c:e0:71:50:b9:84:a7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dc5d888c324ecfcb53a6e6d18ca9618b06da431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:19:7a:82:1f:6d:a4:1b:95:b0:b9:c3:46:a5:
00:20:f0:a3:8a:4f:40:48:da:4c:f5:ec:4e:11:68:
32:37:ba:4f:65:06:84:c3:29:eb:62:f0:09:fe:53:
9c:db:a6:81:c4:4c:38:d8:80:a8:77:36:13:70:ce:
a6:90:7f:da:52:49:12:7f:b0:73:17:d6:3b:c0:7d:
e1:21:30:53:ca:e9:c9:2f:2b:6c:d5:f1:4b:55:3e:
77:c4:03:8d:e3:db:d4:6a:b5:c8:3a:b3:ad:3d:5d:
14:54:07:0c:52:da:29:9c:f8:78:54:35:e3:2f:f7:
fd:9b:1c:09:9f:7f:c1:13:b1:67:41:10:8e:b2:8f:
32:a5:6d:e3:ea:1b:55:75:6e:07:13:24:63:e3:9b:
6b:6c:e6:bb:3e:96:12:81:3f:3f:2c:45:d6:c0:94:
e1:e0:d5:a1:ba:72:56:93:ee:79:f1:44:c8:f2:8c:
b6:e7:86:aa:a9:af:d1:77:a2:14:87:1d:e9:52:10:
5e:78:bf:c7:9e:03:d5:f9:57:ac:15:d4:5e:b9:e8:
18:cc:e5:fe:e5:3b:33:1f:ac:13:68:91:c6:34:d2:
1c:8b:96:97:fa:0b:de:b4:14:3e:0a:24:64:5d:4e:
da:a3:63:15:a3:25:63:5d:cf:23:11:cc:07:4e:2a:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C5:D8:88:C3:24:EC:FC:B5:3A:6E:6D:18:CA:96:18:B0:6D:A4:31
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ncXYiMMk7Py1Om5tGMqWGLBtpDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
84:3c:51:91:ee:13:e2:cc:39:e1:4a:4e:2e:90:02:d9:7c:f3:
25:15:7d:6a:d7:09:a9:3f:bb:e8:a0:6c:97:97:ce:ef:0b:52:
d4:29:a1:9b:30:0c:72:78:00:c4:0f:4f:4f:71:17:e5:02:d9:
fc:fe:7b:2f:c0:c9:46:4d:8e:7f:e8:4f:02:f2:05:73:20:ae:
40:d8:26:9c:cc:ff:b0:12:e2:87:65:05:b5:09:51:f3:9f:65:
ad:f4:2e:73:16:34:c8:36:ce:05:28:0d:89:3c:c4:2e:14:1e:
82:9f:8c:94:af:9a:7d:07:d4:11:8b:33:0b:69:2f:4f:56:d8:
9f:34:26:dc:33:96:3a:0b:83:9f:48:0d:31:10:87:06:75:28:
f3:57:8c:93:e7:30:f3:82:21:ab:3b:56:60:bd:6d:5e:1e:df:
10:ff:ae:77:15:d1:cd:c3:07:70:71:fe:da:34:79:bc:de:22:
fe:b6:2b:57:bd:be:d3:26:00:68:54:da:6c:8b:b5:92:a7:3c:
91:29:20:fb:20:a3:69:b3:cd:f8:71:1a:89:57:43:6a:b8:98:
74:dc:b7:63:42:61:de:b8:20:6c:c0:2c:10:21:2b:34:8f:29:
76:fb:dd:e7:b4:28:fb:25:f8:9b:55:96:14:0b:d3:dd:05:f5:
86:83:9e:de
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQjaNANgklr2xzgcVC5hKcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM1ZDg4OGMzMjRlY2ZjYjUzYTZlNmQxOGNhOTYxOGIwNmRhNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBl6gh9tpBuVsLnDRqUAIPCjik9A
SNpM9exOEWgyN7pPZQaEwynrYvAJ/lOc26aBxEw42ICodzYTcM6mkH/aUkkSf7Bz
F9Y7wH3hITBTyunJLyts1fFLVT53xAON49vUarXIOrOtPV0UVAcMUtopnPh4VDXj
L/f9mxwJn3/BE7FnQRCOso8ypW3j6htVdW4HEyRj45trbOa7PpYSgT8/LEXWwJTh
4NWhunJWk+558UTI8oy254aqqa/Rd6IUhx3pUhBeeL/HngPV+VesFdReuegYzOX+
5TszH6wTaJHGNNIci5aX+gvetBQ+CiRkXU7ao2MVoyVjXc8jEcwHTirc6wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ3F2IjDJOz8tTpubRjKlhiwbaQxMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvbmNYWWlNTWs3UHkxT201dEdNcVdHTEJ0cERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAIQ8UZHuE+LMOeFKTi6QAtl88yUVfWrXCak/u+igbJeXzu8LUtQpoZswDHJ4
AMQPT09xF+UC2fz+ey/AyUZNjn/oTwLyBXMgrkDYJpzM/7AS4odlBbUJUfOfZa30
LnMWNMg2zgUoDYk8xC4UHoKfjJSvmn0H1BGLMwtpL09W2J80JtwzljoLg59IDTEQ
hwZ1KPNXjJPnMPOCIas7VmC9bV4e3xD/rncV0c3DB3Bx/to0ebzeIv62K1e9vtMm
AGhU2myLtZKnPJEpIPsgo2mzzfhxGolXQ2q4mHTct2NCYd64IGzALBAhKzSPKXb7
3ee0KPsl+JtVlhQL090F9YaDnt4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:40 2025 by rpki-client on console.sobornost.net