Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/NhjTM3dOPnMsLQ7ebQq_0aK61EU.roa
File: NhjTM3dOPnMsLQ7ebQq_0aK61EU.roa (raw, json)
Hash identifier: pDZlPFnX9elEIPNsw2D7ajm33IBeKqhaDpBvumlLRQw=
Subject key identifier: 36:18:D3:33:77:4E:3E:73:2C:2D:0E:DE:6D:0A:BF:D1:A2:BA:D4:45
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 0194228E3FC5209273442F44D3178006565F
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/NhjTM3dOPnMsLQ7ebQq_0aK61EU.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212865
IP address blocks: 5.57.201.0/24 maxlen: 24
5.57.202.0/23 maxlen: 23
5.57.204.0/22 maxlen: 22
185.164.153.0/24 maxlen: 24
185.164.154.0/24 maxlen: 24
185.164.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3f:c5:20:92:73:44:2f:44:d3:17:80:06:56:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3618d333774e3e732c2d0ede6d0abfd1a2bad445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:74:6f:2f:19:6a:d2:0d:40:88:5c:92:89:
8b:f5:5d:a9:55:26:29:dd:c4:57:ec:1f:db:85:9d:
f8:c1:db:04:8e:d0:75:8e:f0:7d:eb:da:82:a2:4b:
99:1f:b6:79:e7:1f:67:6a:9f:53:69:b9:15:78:14:
61:bc:13:45:d2:01:43:2f:29:7c:4d:e5:f5:5a:38:
d9:f4:54:9c:b4:8d:bc:c8:8f:ba:a9:31:dd:5e:a3:
02:ef:26:34:68:6b:cb:26:3e:0d:eb:9d:ec:80:75:
62:c3:22:fc:6d:55:94:83:5b:9e:54:f1:6e:85:68:
f5:36:05:c3:11:69:4d:d1:f4:3c:11:78:23:fd:27:
3c:da:ab:0b:2f:9e:ee:af:25:f2:47:a6:75:28:57:
71:d0:6a:2c:27:f0:40:31:e1:7b:87:24:82:e8:00:
ba:0a:09:2a:bf:d5:b1:fb:32:7a:67:0f:65:61:68:
8d:f5:59:89:f7:4e:61:3d:26:06:7e:66:7f:84:e2:
97:d5:7b:f3:04:fe:b0:12:25:f4:da:ce:eb:8c:90:
20:8c:7d:dc:c2:49:69:7c:92:10:d0:05:ef:fa:3f:
b7:d6:ef:c1:bf:8d:a3:b0:84:49:45:01:26:8e:ff:
5b:b0:68:09:50:3b:79:9d:20:66:b0:89:4e:aa:6c:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:18:D3:33:77:4E:3E:73:2C:2D:0E:DE:6D:0A:BF:D1:A2:BA:D4:45
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/NhjTM3dOPnMsLQ7ebQq_0aK61EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.201.0-5.57.207.255
185.164.153.0-185.164.155.255
Signature Algorithm: sha256WithRSAEncryption
91:fd:65:0d:f0:02:98:96:02:c2:41:bf:d5:64:f7:db:a1:e1:
42:82:b4:a7:8c:e6:c9:22:2b:97:d4:ca:bc:90:44:ba:38:3e:
96:c6:31:2c:ec:08:2f:12:af:55:82:3c:7d:96:24:6c:08:6a:
c4:94:0d:39:07:9c:f1:2f:03:5f:6f:a1:c5:85:3f:99:d2:a1:
e1:6a:61:f5:2d:fe:5f:3d:ca:1b:60:d4:ae:00:1a:91:ce:11:
03:c7:4c:1e:2b:fc:53:72:99:8d:7c:9d:93:4d:61:af:9d:b6:
e9:98:99:db:2a:fb:78:08:5e:ac:85:f0:04:07:7f:c7:46:27:
cb:ca:ad:01:ce:19:45:0c:4a:d6:9b:ca:33:f7:af:c8:98:ea:
0a:58:1a:d1:4e:d6:01:40:79:1b:0e:99:ad:04:8a:6e:9f:72:
dd:d9:7c:31:53:56:2f:7c:13:cc:bd:63:8f:be:2c:7e:c0:d9:
03:3d:cf:0c:9d:25:25:66:1a:85:15:22:61:33:85:d7:41:95:
ab:f1:5d:15:0d:71:0d:a9:a9:f4:37:7f:fb:76:f2:e8:ea:68:
f7:19:f4:53:6f:c3:11:0f:ae:32:78:84:7c:c2:89:46:0a:fe:
32:14:55:48:57:84:2e:cb:fa:84:f9:ef:4b:77:d0:32:34:df:
64:0a:a8:a2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQijj/FIJJzRC9E0xeABlZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OGQ4NTRiZDJiZWUyNDJhODJmYjgzOTIyZDE0OWJjY2Yx
OWVkMDIwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjE4ZDMzMzc3NGUzZTczMmMyZDBlZGU2ZDBhYmZkMWEyYmFkNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoR0by8ZatINQIhckomL9V2pVSYp
3cRX7B/bhZ34wdsEjtB1jvB969qCokuZH7Z55x9nap9TabkVeBRhvBNF0gFDLyl8
TeX1WjjZ9FSctI28yI+6qTHdXqMC7yY0aGvLJj4N653sgHViwyL8bVWUg1ueVPFu
hWj1NgXDEWlN0fQ8EXgj/Sc82qsLL57uryXyR6Z1KFdx0GosJ/BAMeF7hySC6AC6
Cgkqv9Wx+zJ6Zw9lYWiN9VmJ905hPSYGfmZ/hOKX1XvzBP6wEiX02s7rjJAgjH3c
wklpfJIQ0AXv+j+31u/Bv42jsIRJRQEmjv9bsGgJUDt5nSBmsIlOqmyeiwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDYY0zN3Tj5zLC0O3m0Kv9GiutRFMB8GA1UdIwQY
MBaAFFeNhUvSvuJCqC+4OSLRSbzPGe0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEt
MWFiNWY1Mzk5ZDNhLzEvTmhqVE0zZE9Qbk1zTFE3ZWJRcV8wYUs2MUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEtMWFiNWY1Mzk5ZDNh
LzEvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAFOckD
BAQFOcAwDAMEALmkmQMEArmkmDANBgkqhkiG9w0BAQsFAAOCAQEAkf1lDfACmJYC
wkG/1WT326HhQoK0p4zmySIrl9TKvJBEujg+lsYxLOwILxKvVYI8fZYkbAhqxJQN
OQec8S8DX2+hxYU/mdKh4Wph9S3+Xz3KG2DUrgAakc4RA8dMHiv8U3KZjXydk01h
r5226ZiZ2yr7eAherIXwBAd/x0Yny8qtAc4ZRQxK1pvKM/evyJjqClga0U7WAUB5
Gw6ZrQSKbp9y3dl8MVNWL3wTzL1jj74sfsDZAz3PDJ0lJWYahRUiYTOF10GVq/Fd
FQ1xDamp9Dd/+3by6Opo9xn0U2/DEQ+uMniEfMKJRgr+MhRVSFeELsv6hPnvS3fQ
MjTfZAqoog==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net