Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/nMra-Jnuy1-KF59c3gHNl4k3BGo.roa
File: nMra-Jnuy1-KF59c3gHNl4k3BGo.roa (raw, json)
Hash identifier: E6H4x/vSs6tKPKP20pzl8TJ2cP6miiiqM+CoQMRhnI8=
Subject key identifier: 9C:CA:DA:F8:99:EE:CB:5F:8A:17:9F:5C:DE:01:CD:97:89:37:04:6A
Certificate issuer: /CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Certificate serial: 0194CB522778A0B2C84BF2A491A2E40ABE89
Authority key identifier: 3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/nMra-Jnuy1-KF59c3gHNl4k3BGo.roa
Signing time: Mon 03 Feb 2025 10:19:06 +0000
ROA not before: Mon 03 Feb 2025 10:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39305
IP address blocks: 89.40.176.0/22 maxlen: 22
94.24.24.0/22 maxlen: 22
94.24.30.0/23 maxlen: 23
158.247.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:52:27:78:a0:b2:c8:4b:f2:a4:91:a2:e4:0a:be:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Validity
Not Before: Feb 3 10:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ccadaf899eecb5f8a179f5cde01cd978937046a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:ce:89:aa:85:fe:69:24:d5:e7:e7:e1:15:
0c:a3:1a:14:c9:10:93:78:b6:df:9f:a8:db:d8:09:
b9:27:2e:24:06:b7:26:b7:e1:7b:5b:53:90:1d:9c:
cb:88:85:60:28:30:cb:87:be:3a:5b:45:79:60:50:
f4:fc:dc:84:bd:13:bf:88:60:a4:51:5d:47:a9:cf:
93:3a:23:aa:aa:ef:63:f6:9a:1d:dd:cb:40:37:0f:
9a:8e:52:c6:e3:15:52:10:6d:82:b4:55:67:ad:d7:
fa:a0:c0:35:97:da:58:c2:a3:61:d4:c8:aa:f1:3f:
e0:6a:0e:80:05:91:0b:5d:73:79:88:85:9d:e4:5c:
3b:4d:52:f4:cf:31:c4:04:12:ac:41:03:97:9a:99:
ee:35:99:c5:e6:48:38:a6:31:35:13:1c:fc:b3:32:
d0:80:07:9b:20:f1:c4:d4:1d:50:4a:33:86:7d:20:
06:0d:4e:9a:75:77:a2:0c:89:39:ba:0a:64:51:5e:
f5:45:dd:6a:4b:b6:1d:c0:99:03:0e:a6:68:fb:e3:
d0:ce:90:41:75:9f:98:76:70:93:30:b7:10:06:03:
63:f2:b0:5f:5c:53:00:1d:fa:b6:7f:2f:d7:90:fd:
61:69:31:bd:9d:a8:c2:8a:e5:81:9c:c7:0e:e4:a3:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CA:DA:F8:99:EE:CB:5F:8A:17:9F:5C:DE:01:CD:97:89:37:04:6A
X509v3 Authority Key Identifier:
keyid:3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/nMra-Jnuy1-KF59c3gHNl4k3BGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.176.0/22
94.24.24.0/22
94.24.30.0/23
158.247.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:d6:31:c8:07:f2:04:26:41:9a:ee:a7:39:1a:fb:29:20:d8:
65:40:e9:5c:fd:7f:22:9d:ec:42:f5:5b:65:bb:50:8a:9e:3b:
c5:71:c8:8d:1d:c8:c4:11:9d:ee:82:ed:ae:17:48:9e:7f:ef:
37:b2:85:ca:71:c8:88:38:a7:77:3d:d6:ba:8a:be:a5:16:f0:
54:eb:06:a1:1c:fc:80:5b:28:2d:9f:79:ce:3a:95:95:46:43:
fb:a5:c7:cf:87:58:3f:9d:15:e3:ba:c7:52:96:5c:e6:bd:9b:
f5:63:cd:ca:30:b5:70:71:58:a1:13:0f:f1:ce:a4:11:29:b9:
ca:97:5b:5e:e2:47:46:3f:fa:d7:85:c2:87:94:92:15:4a:70:
a7:74:6b:72:33:30:06:07:74:2a:37:24:0e:9c:6a:37:fe:2c:
43:81:b5:c6:1b:78:58:2e:0d:0a:b4:91:fc:f8:e9:46:a4:96:
24:e3:96:81:00:8a:1d:20:61:bc:6a:76:ca:ac:d6:56:48:14:
28:a3:85:db:3a:5e:b5:48:bc:76:4b:e7:b8:77:65:a7:47:da:
25:c6:ab:7f:d9:42:a2:64:5a:67:0b:8a:02:45:2e:5f:16:aa:
e6:cd:95:07:7d:4c:67:39:ef:7f:00:e7:07:b3:e4:9a:18:c2:
ae:7f:f7:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTLUid4oLLIS/KkkaLkCr6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjMwNzUyZjNiYTAwMjZmYmIyMGM1ZTRjOTYzYjExMjlh
YzlkMzQwHhcNMjUwMjAzMTAxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NhZGFmODk5ZWVjYjVmOGExNzlmNWNkZTAxY2Q5Nzg5MzcwNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTPOiaqF/mkk1efn4RUMoxoUyRCT
eLbfn6jb2Am5Jy4kBrcmt+F7W1OQHZzLiIVgKDDLh746W0V5YFD0/NyEvRO/iGCk
UV1Hqc+TOiOqqu9j9pod3ctANw+ajlLG4xVSEG2CtFVnrdf6oMA1l9pYwqNh1Miq
8T/gag6ABZELXXN5iIWd5Fw7TVL0zzHEBBKsQQOXmpnuNZnF5kg4pjE1Exz8szLQ
gAebIPHE1B1QSjOGfSAGDU6adXeiDIk5ugpkUV71Rd1qS7YdwJkDDqZo++PQzpBB
dZ+YdnCTMLcQBgNj8rBfXFMAHfq2fy/XkP1haTG9najCiuWBnMcO5KOV4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJzK2viZ7stfihefXN4BzZeJNwRqMB8GA1UdIwQY
MBaAFD8jB1LzugAm+7IMXkyWOxEprJ00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjkt
ZGQyMjUzMGUxNWE0LzEvbk1yYS1KbnV5MS1LRjU5YzNnSE5sNGszQkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjktZGQyMjUzMGUxNWE0
LzEvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCWSiwAwQC
XhgYAwQBXhgeAwQCnvc4MA0GCSqGSIb3DQEBCwUAA4IBAQBq1jHIB/IEJkGa7qc5
GvspINhlQOlc/X8inexC9Vtlu1CKnjvFcciNHcjEEZ3ugu2uF0ief+83soXKcciI
OKd3Pda6ir6lFvBU6wahHPyAWygtn3nOOpWVRkP7pcfPh1g/nRXjusdSllzmvZv1
Y83KMLVwcVihEw/xzqQRKbnKl1te4kdGP/rXhcKHlJIVSnCndGtyMzAGB3QqNyQO
nGo3/ixDgbXGG3hYLg0KtJH8+OlGpJYk45aBAIodIGG8anbKrNZWSBQoo4XbOl61
SLx2S+e4d2WnR9olxqt/2UKiZFpnC4oCRS5fFqrmzZUHfUxnOe9/AOcHs+SaGMKu
f/fa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net