Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/NPrFrz0cd9RwFflsGsCdDNMfAr0.roa
File: NPrFrz0cd9RwFflsGsCdDNMfAr0.roa (raw, json)
Hash identifier: jshLBr/kCe7qG8FrThuyDuL970cXBRKfV+X/BS5ZI9Q=
Subject key identifier: 34:FA:C5:AF:3D:1C:77:D4:70:15:F9:6C:1A:C0:9D:0C:D3:1F:02:BD
Certificate issuer: /CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Certificate serial: 019422FAEF6713C5D520ADADF1A2517A9416
Authority key identifier: 7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/NPrFrz0cd9RwFflsGsCdDNMfAr0.roa
Signing time: Wed 01 Jan 2025 17:47:38 +0000
ROA not before: Wed 01 Jan 2025 17:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202050
IP address blocks: 193.108.215.0/24 maxlen: 24
193.108.219.0/24 maxlen: 24
193.109.92.0/24 maxlen: 24
193.109.94.0/24 maxlen: 24
2a0f:f840::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:ef:67:13:c5:d5:20:ad:ad:f1:a2:51:7a:94:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Validity
Not Before: Jan 1 17:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34fac5af3d1c77d47015f96c1ac09d0cd31f02bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:80:48:65:cd:9b:2f:1c:5d:85:7c:90:dd:3f:
a0:03:46:80:d7:9c:6a:37:31:bb:3f:1f:b2:15:f9:
99:29:61:23:42:01:87:a1:6c:3c:93:7d:c9:45:f8:
a5:19:d9:03:57:4f:c0:6c:a1:74:ae:0d:3d:3b:f6:
9c:f1:57:fd:e1:85:cf:69:b8:93:b5:b9:95:e9:b2:
6e:01:0f:e0:22:5b:a5:f8:48:4e:8c:97:c5:3b:a6:
aa:e5:3a:ee:aa:52:08:9e:be:4b:94:2e:0e:4c:e0:
1a:9f:2b:6a:c7:83:69:5f:b8:19:5f:0c:5f:12:46:
f1:32:56:0c:5b:59:fb:55:ec:37:c7:8a:4e:b9:d8:
98:48:18:6f:27:2a:0a:0e:d5:2a:bb:34:80:cc:05:
2b:4e:6a:89:43:00:34:34:e8:a3:f2:00:23:ba:1c:
30:d9:c3:d4:36:d2:15:40:fa:f1:9b:55:7e:8d:68:
34:84:63:73:ac:af:42:aa:30:38:ba:d7:69:bd:cb:
32:6b:3b:3a:e1:b1:55:60:79:6a:24:71:15:9a:b5:
49:fb:f2:3d:ba:da:68:3b:84:ad:d4:db:cb:18:e2:
d6:d2:bc:67:12:b3:e2:49:18:8f:06:3b:bd:b4:3b:
da:8f:a6:d0:21:9a:a8:17:a9:f7:77:bc:1a:30:dd:
e4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FA:C5:AF:3D:1C:77:D4:70:15:F9:6C:1A:C0:9D:0C:D3:1F:02:BD
X509v3 Authority Key Identifier:
keyid:7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/NPrFrz0cd9RwFflsGsCdDNMfAr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/fvUy67B-qFBrZTQwwEbsjUAvlos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.215.0/24
193.108.219.0/24
193.109.92.0/24
193.109.94.0/24
IPv6:
2a0f:f840::/48
Signature Algorithm: sha256WithRSAEncryption
79:36:fe:1f:57:ee:64:bf:94:9f:83:2a:a1:b0:03:a3:cb:8c:
93:48:b5:45:4c:66:e0:9d:f9:ce:d8:3d:0f:6d:e7:16:ba:e9:
0c:27:2a:55:b8:31:05:a3:0a:36:48:94:af:f3:07:b5:7a:65:
50:39:82:1e:db:b3:1d:86:28:d6:de:f4:b6:bf:cf:d8:6d:dc:
2a:c9:c0:41:49:35:b0:1b:4c:47:10:8a:79:7f:e0:95:19:9d:
bb:42:c8:26:db:d5:2f:fd:fc:27:a6:0f:4e:11:7c:9e:28:34:
15:36:bd:26:4c:20:62:ba:50:f1:56:30:fc:93:d6:ab:60:4f:
52:fc:ca:54:e3:2b:e3:e7:86:57:f9:5c:2f:db:3b:3e:c4:7f:
62:c0:fa:66:81:3c:b6:30:7d:67:e7:4c:b9:a1:43:b3:cb:21:
fd:6d:1e:1e:c5:a3:d3:62:f4:75:da:04:62:49:4e:85:35:63:
68:75:0f:b2:2a:54:e5:dc:dc:01:ac:7e:69:ff:ba:01:78:93:
21:8b:53:f2:75:98:da:a8:15:1e:9b:9c:1c:16:51:dc:40:7d:
38:fc:d1:5e:80:8f:25:ac:ed:5a:2a:4e:3d:0c:31:23:ec:0f:
4b:0b:51:fa:81:5f:28:1b:72:e2:18:50:82:ad:be:32:a5:e7:
4e:80:b7:19
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQi+u9nE8XVIK2t8aJRepQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZjUzMmViYjA3ZWE4NTA2YjY1MzQzMGMwNDZlYzhkNDAy
Zjk2OGIwHhcNMjUwMTAxMTc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZhYzVhZjNkMWM3N2Q0NzAxNWY5NmMxYWMwOWQwY2QzMWYwMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIBIZc2bLxxdhXyQ3T+gA0aA15xq
NzG7Px+yFfmZKWEjQgGHoWw8k33JRfilGdkDV0/AbKF0rg09O/ac8Vf94YXPabiT
tbmV6bJuAQ/gIlul+EhOjJfFO6aq5TruqlIInr5LlC4OTOAanytqx4NpX7gZXwxf
EkbxMlYMW1n7Vew3x4pOudiYSBhvJyoKDtUquzSAzAUrTmqJQwA0NOij8gAjuhww
2cPUNtIVQPrxm1V+jWg0hGNzrK9CqjA4utdpvcsyazs64bFVYHlqJHEVmrVJ+/I9
utpoO4St1NvLGOLW0rxnErPiSRiPBju9tDvaj6bQIZqoF6n3d7waMN3kcQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDT6xa89HHfUcBX5bBrAnQzTHwK9MB8GA1UdIwQY
MBaAFH71MuuwfqhQa2U0MMBG7I1AL5aLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEt
NDc3MjcwNjYxMTYzLzEvTlByRnJ6MGNkOVJ3RmZsc0dzQ2RETk1mQXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEtNDc3MjcwNjYxMTYz
LzEvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwWzXAwQA
wWzbAwQAwW1cAwQAwW1eMA8EAgACMAkDBwAqD/hAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHk2/h9X7mS/lJ+DKqGwA6PLjJNItUVMZuCd+c7YPQ9t5xa66QwnKlW4MQWj
CjZIlK/zB7V6ZVA5gh7bsx2GKNbe9La/z9ht3CrJwEFJNbAbTEcQinl/4JUZnbtC
yCbb1S/9/CemD04RfJ4oNBU2vSZMIGK6UPFWMPyT1qtgT1L8ylTjK+Pnhlf5XC/b
Oz7Ef2LA+maBPLYwfWfnTLmhQ7PLIf1tHh7Fo9Ni9HXaBGJJToU1Y2h1D7IqVOXc
3AGsfmn/ugF4kyGLU/J1mNqoFR6bnBwWUdxAfTj80V6AjyWs7VoqTj0MMSPsD0sL
UfqBXygbcuIYUIKtvjKl506Atxk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net