Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/nyyFnipIH8x-WXxVr5E31pzM3bw.roa
File: nyyFnipIH8x-WXxVr5E31pzM3bw.roa (raw, json)
Hash identifier: F30BRqsOUfGjHcN42efG2ZXnRs6ncB05ESHRlvFrG98=
Subject key identifier: 9F:2C:85:9E:2A:48:1F:CC:7E:59:7C:55:AF:91:37:D6:9C:CC:DD:BC
Certificate issuer: /CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Certificate serial: 01941FFA5E171480794FB8C70E9435836913
Authority key identifier: DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/nyyFnipIH8x-WXxVr5E31pzM3bw.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205330
IP address blocks: 37.130.216.0/21 maxlen: 24
185.109.56.0/22 maxlen: 24
2a0f:cec0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5e:17:14:80:79:4f:b8:c7:0e:94:35:83:69:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f2c859e2a481fcc7e597c55af9137d69cccddbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:51:22:84:6c:da:6d:9d:4a:b1:37:cf:1c:
d3:0d:3a:40:3b:6a:cd:e7:de:70:cf:09:2d:22:ad:
45:03:d4:83:34:62:94:43:0a:54:75:6a:e4:be:bb:
b1:3d:a8:f8:88:cd:a0:b7:96:50:db:59:0c:fa:da:
34:ad:c7:6f:02:47:89:d7:9e:59:ad:63:9b:ff:bb:
d8:74:25:a4:1f:73:11:34:15:53:e2:6e:ac:40:81:
9d:1d:79:fc:4c:49:0a:72:d2:b8:b5:3f:c0:97:6c:
7e:7a:e9:f6:9c:41:15:c0:6e:dc:f5:e5:cb:cd:b4:
74:1f:6f:84:c6:bf:c6:e8:e9:aa:31:7c:b4:e6:a8:
0d:75:e8:33:08:d3:61:d3:a2:68:9f:88:c1:62:a3:
78:f7:b6:52:fe:62:fd:96:c3:ea:c7:16:29:bb:60:
48:3f:7b:3f:22:c2:50:94:71:24:4c:d3:74:a5:1f:
c7:d7:62:c7:35:41:46:80:11:70:ea:75:a0:7b:5f:
00:5f:78:c7:04:34:5f:30:36:b9:12:b3:d2:9f:c9:
5a:56:29:a0:bc:8b:8b:69:96:84:d3:50:a7:95:e7:
e3:4a:8c:bc:f5:2d:31:4e:30:6a:26:df:0d:b4:5c:
6b:d0:d4:b0:7b:06:29:d3:12:a3:a7:bf:14:c7:c1:
5b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2C:85:9E:2A:48:1F:CC:7E:59:7C:55:AF:91:37:D6:9C:CC:DD:BC
X509v3 Authority Key Identifier:
keyid:DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/nyyFnipIH8x-WXxVr5E31pzM3bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/3F-syhTeCBdO9clskfHngl9C0Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.216.0/21
185.109.56.0/22
IPv6:
2a0f:cec0::/32
Signature Algorithm: sha256WithRSAEncryption
c6:4e:38:42:2a:71:48:01:e8:96:78:0c:79:76:af:18:b2:0f:
ab:e9:fe:94:68:de:08:e5:fa:ab:8c:28:a5:4f:cd:e2:69:e3:
0f:e3:bb:73:05:5f:c8:08:c9:e8:4c:f8:76:ac:3e:3b:a5:30:
bd:5b:68:38:73:68:35:12:35:a3:91:6a:7b:4d:68:40:64:cc:
4c:80:14:34:4e:f8:10:fa:67:ee:b2:47:22:e3:a6:5e:cd:ce:
aa:bf:4f:78:4b:ee:4b:bb:b8:68:16:6c:11:71:ae:97:4d:80:
b8:a3:ed:a4:a2:75:c0:97:46:cd:a5:70:0a:4b:19:9b:01:fe:
18:51:9a:aa:79:ac:f6:bd:f7:3c:88:67:60:a3:1d:8c:ae:a0:
18:24:f8:c9:ba:fa:71:3e:9c:f0:05:a5:7c:01:eb:89:a8:9c:
ab:a1:c3:d1:10:59:67:14:d2:7e:9d:6d:84:05:fd:3b:89:9b:
ff:b5:52:d1:b7:05:af:7a:26:e8:17:8e:5a:f0:3d:4b:43:e9:
91:1d:17:9e:09:24:68:52:9b:e8:f8:52:bc:07:25:6b:a3:c9:
ca:47:c1:5d:ce:09:ce:f8:b1:ef:4f:33:e3:11:91:56:9e:63:
fe:90:a2:91:bf:ff:ba:9b:b1:f1:8b:72:db:06:d6:9b:4c:7e:
5a:d1:8a:d7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+l4XFIB5T7jHDpQ1g2kTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNWZhY2NhMTRkZTA4MTc0ZWY1Yzk2YzkxZjFlNzgyNWY0
MmQwN2IwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJjODU5ZTJhNDgxZmNjN2U1OTdjNTVhZjkxMzdkNjljY2NkZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXRRIoRs2m2dSrE3zxzTDTpAO2rN
595wzwktIq1FA9SDNGKUQwpUdWrkvruxPaj4iM2gt5ZQ21kM+to0rcdvAkeJ155Z
rWOb/7vYdCWkH3MRNBVT4m6sQIGdHXn8TEkKctK4tT/Al2x+eun2nEEVwG7c9eXL
zbR0H2+Exr/G6OmqMXy05qgNdegzCNNh06Jon4jBYqN497ZS/mL9lsPqxxYpu2BI
P3s/IsJQlHEkTNN0pR/H12LHNUFGgBFw6nWge18AX3jHBDRfMDa5ErPSn8laVimg
vIuLaZaE01CnlefjSoy89S0xTjBqJt8NtFxr0NSwewYp0xKjp78Ux8FbuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ8shZ4qSB/Mfll8Va+RN9aczN28MB8GA1UdIwQY
MBaAFNxfrMoU3ggXTvXJbJHx54JfQtB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjct
YTcwMTY5ODBjODZmLzEvbnl5Rm5pcElIOHgtV1h4VnI1RTMxcHpNM2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjctYTcwMTY5ODBjODZm
LzEvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJYLYAwQC
uW04MA0EAgACMAcDBQAqD87AMA0GCSqGSIb3DQEBCwUAA4IBAQDGTjhCKnFIAeiW
eAx5dq8Ysg+r6f6UaN4I5fqrjCilT83iaeMP47tzBV/ICMnoTPh2rD47pTC9W2g4
c2g1EjWjkWp7TWhAZMxMgBQ0TvgQ+mfuskci46Zezc6qv094S+5Lu7hoFmwRca6X
TYC4o+2konXAl0bNpXAKSxmbAf4YUZqqeaz2vfc8iGdgox2MrqAYJPjJuvpxPpzw
BaV8AeuJqJyrocPREFlnFNJ+nW2EBf07iZv/tVLRtwWveiboF45a8D1LQ+mRHRee
CSRoUpvo+FK8ByVro8nKR8FdzgnO+LHvTzPjEZFWnmP+kKKRv/+6m7Hxi3LbBtab
TH5a0YrX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net