Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NDt_WTrjoPL0cL8oTyPCRgNakA0.roa
File: NDt_WTrjoPL0cL8oTyPCRgNakA0.roa (raw, json)
Hash identifier: Hp1RzwRCWlMoxPuIUolhJVdqweoyQ9ReAqFHs5ETdBY=
Subject key identifier: 34:3B:7F:59:3A:E3:A0:F2:F4:70:BF:28:4F:23:C2:46:03:5A:90:0D
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 01942445089F4390D11E5DDDF291C33F0A8E
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NDt_WTrjoPL0cL8oTyPCRgNakA0.roa
Signing time: Wed 01 Jan 2025 23:48:11 +0000
ROA not before: Wed 01 Jan 2025 23:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60341
IP address blocks: 37.140.252.0/24 maxlen: 24
185.200.132.0/22 maxlen: 22
185.200.132.0/23 maxlen: 23
185.200.132.0/24 maxlen: 24
185.200.133.0/24 maxlen: 24
185.200.134.0/23 maxlen: 23
185.200.134.0/24 maxlen: 24
185.200.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:08:9f:43:90:d1:1e:5d:dd:f2:91:c3:3f:0a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Jan 1 23:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343b7f593ae3a0f2f470bf284f23c246035a900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b2:f0:09:77:14:51:80:5f:0b:48:8e:8b:5c:
df:05:2d:56:34:73:66:dd:61:a7:be:9a:56:e2:17:
58:c3:a2:02:17:68:fe:21:d5:e5:e2:68:77:6d:47:
f6:cd:3f:fb:43:43:61:01:21:ad:7d:85:60:33:2a:
0d:1f:f9:fb:46:cf:9c:8b:a2:ba:ce:fc:8c:8b:ea:
55:8b:35:55:69:e2:d6:3f:9c:3b:b3:e4:9c:de:b2:
67:b8:0f:52:4e:1b:7b:ae:af:c0:2b:e0:79:13:09:
31:4f:c3:f2:65:6d:00:92:d2:72:64:94:3d:ec:5a:
6c:7b:89:c0:2f:50:be:f2:42:0c:5e:28:5d:a6:ac:
75:b9:93:ad:7d:34:b7:d6:cc:7b:ba:95:0c:b0:cf:
bc:4c:a6:c8:ec:04:8d:0e:8a:0f:ec:23:0f:c9:25:
0d:9b:14:ed:ff:eb:20:7b:4d:2b:18:8d:b6:10:61:
7f:43:47:93:23:50:a8:18:05:be:a1:e9:db:52:9d:
f2:e0:91:a4:fc:c7:f6:e5:1d:fd:f0:ec:27:06:89:
b1:57:27:48:04:b8:19:fb:be:2d:63:d6:c4:b6:31:
35:b5:59:52:94:88:93:f6:24:df:2d:fd:7b:fe:2d:
48:5a:a8:8b:47:60:c9:07:be:11:ae:e6:45:ae:a9:
76:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3B:7F:59:3A:E3:A0:F2:F4:70:BF:28:4F:23:C2:46:03:5A:90:0D
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/NDt_WTrjoPL0cL8oTyPCRgNakA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:fb:9c:76:e3:15:9a:6f:2a:35:84:b0:aa:99:37:64:70:06:
90:79:4c:33:8d:3c:f4:dc:3d:2b:a1:59:1c:14:90:99:19:ba:
26:af:97:87:99:86:e4:6a:b4:3b:a2:9c:31:75:33:c1:9b:d0:
40:9c:12:01:98:3c:b5:e7:a6:43:0c:7d:c4:7f:96:d3:38:05:
9f:70:7e:b0:90:58:dc:34:d5:41:d7:53:0f:9e:b9:bb:56:26:
1c:4d:7d:91:f5:a4:72:01:40:bc:02:70:a0:4c:17:26:45:35:
66:f3:42:1d:aa:e3:65:ca:69:25:ff:99:fb:91:b0:4e:71:15:
28:1e:31:71:7e:d3:4d:7a:a2:4d:1e:9b:02:d9:89:b3:78:10:
0b:5d:57:86:63:8c:9c:90:9f:b7:26:28:84:3c:5e:f6:58:90:
d7:32:8f:e5:60:d2:e0:9e:fc:dc:37:c2:39:06:ca:a2:28:f2:
a1:7a:c9:86:6c:f7:82:47:29:ca:3f:10:d3:b8:9b:73:e0:44:
98:fc:3d:13:87:d8:d5:79:81:da:34:6e:c0:8f:76:4d:bb:be:
f5:2e:39:92:71:7f:87:20:34:df:6b:fb:b5:1b:cb:0a:9a:11:
db:81:92:35:1f:23:5b:2c:18:86:eb:ea:2d:08:f8:1d:79:be:
3a:61:69:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRQifQ5DRHl3d8pHDPwqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzQ5MmU0ZDI1YzNiYmQwYzVlMjBjNWE4NWVjYjIyZWM5
NzM2MGEwHhcNMjUwMTAxMjM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNiN2Y1OTNhZTNhMGYyZjQ3MGJmMjg0ZjIzYzI0NjAzNWE5MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbLwCXcUUYBfC0iOi1zfBS1WNHNm
3WGnvppW4hdYw6ICF2j+IdXl4mh3bUf2zT/7Q0NhASGtfYVgMyoNH/n7Rs+ci6K6
zvyMi+pVizVVaeLWP5w7s+Sc3rJnuA9STht7rq/AK+B5EwkxT8PyZW0AktJyZJQ9
7Fpse4nAL1C+8kIMXihdpqx1uZOtfTS31sx7upUMsM+8TKbI7ASNDooP7CMPySUN
mxTt/+sge00rGI22EGF/Q0eTI1CoGAW+oenbUp3y4JGk/Mf25R398OwnBomxVydI
BLgZ+74tY9bEtjE1tVlSlIiT9iTfLf17/i1IWqiLR2DJB74RruZFrql2awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQ7f1k646Dy9HC/KE8jwkYDWpANMB8GA1UdIwQY
MBaAFNc0kuTSXDu9DF4gxaheyyLslzYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgt
ZGVjMjFlZWZhMzhiLzEvTkR0X1dUcmpvUEwwY0w4b1R5UENSZ05ha0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgtZGVjMjFlZWZhMzhi
LzEvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJYz8AwQC
uciEMA0GCSqGSIb3DQEBCwUAA4IBAQAv+5x24xWabyo1hLCqmTdkcAaQeUwzjTz0
3D0roVkcFJCZGbomr5eHmYbkarQ7opwxdTPBm9BAnBIBmDy156ZDDH3Ef5bTOAWf
cH6wkFjcNNVB11MPnrm7ViYcTX2R9aRyAUC8AnCgTBcmRTVm80IdquNlymkl/5n7
kbBOcRUoHjFxftNNeqJNHpsC2YmzeBALXVeGY4yckJ+3JiiEPF72WJDXMo/lYNLg
nvzcN8I5BsqiKPKhesmGbPeCRynKPxDTuJtz4ESY/D0Th9jVeYHaNG7Aj3ZNu771
LjmScX+HIDTfa/u1G8sKmhHbgZI1HyNbLBiG6+otCPgdeb46YWm/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net