Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NT2WyCoWWmOEc-GFYNYG0I-Kwf0.roa
File: NT2WyCoWWmOEc-GFYNYG0I-Kwf0.roa (raw, json)
Hash identifier: o/wo78mn/3yAdpSneNffVTxHuLQ6YXYeOp7m5ESUOeM=
Subject key identifier: 35:3D:96:C8:2A:16:5A:63:84:73:E1:85:60:D6:06:D0:8F:8A:C1:FD
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 0193005A0B95886999262BBE872C9CEA9E16
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NT2WyCoWWmOEc-GFYNYG0I-Kwf0.roa
Signing time: Wed 06 Nov 2024 07:22:01 +0000
ROA not before: Wed 06 Nov 2024 07:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24935
IP address blocks: 37.235.92.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
94.158.182.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
195.74.80.0/24 maxlen: 24
2a10:5140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:5a:0b:95:88:69:99:26:2b:be:87:2c:9c:ea:9e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Nov 6 07:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=353d96c82a165a638473e18560d606d08f8ac1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4c:75:6c:bf:4c:c0:8a:e6:79:9c:c7:ec:8c:
98:f0:24:dc:f9:18:8d:72:60:b6:9c:1e:ab:a4:b8:
28:4f:e6:41:28:2f:bd:ea:51:ae:4d:f2:cb:e9:40:
89:a4:eb:8b:a2:86:78:57:00:42:41:90:ae:dc:00:
d9:59:27:db:86:45:3d:f1:71:0a:67:bd:3a:e6:58:
56:25:1d:54:0a:4e:35:c2:33:53:d6:c7:af:6b:b0:
ad:ae:f6:b2:f4:b3:84:6f:83:d7:3d:80:69:6c:91:
cb:22:df:e3:96:b3:a8:a0:de:ae:18:c0:9d:0c:0e:
e3:c4:c4:b0:d7:e4:eb:f3:eb:4b:95:62:8f:d7:7b:
94:52:99:72:44:97:ea:58:5f:bc:8d:03:a7:29:77:
72:28:41:c6:30:78:59:a6:15:7e:23:ed:5a:f9:81:
64:9b:73:40:df:31:e7:55:f5:0b:8a:44:b1:21:37:
f2:f7:06:b2:6a:56:07:b1:da:49:72:18:69:be:3d:
7b:a4:78:b8:87:40:02:2c:3d:fb:26:1b:53:1b:f2:
53:11:59:bb:5c:4d:62:93:62:6b:22:b0:24:53:e0:
b2:dc:b3:9f:5b:56:c3:7d:a4:1a:d7:08:7f:ec:55:
7b:e1:1a:32:11:c0:d9:e9:85:54:d0:f2:16:a5:20:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3D:96:C8:2A:16:5A:63:84:73:E1:85:60:D6:06:D0:8F:8A:C1:FD
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/NT2WyCoWWmOEc-GFYNYG0I-Kwf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
94.158.182.0/24
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
IPv6:
2a10:5140::/29
Signature Algorithm: sha256WithRSAEncryption
7f:80:3b:79:37:aa:80:8b:33:3f:6c:3e:95:bd:3e:47:85:ad:
46:9b:45:a3:ae:57:e5:84:a8:e1:5c:bb:c5:24:d8:3f:27:3c:
cb:da:5d:d9:38:19:78:1a:03:72:24:c5:08:13:db:28:4e:d7:
75:a7:6f:d2:3d:21:e4:73:c2:87:50:b2:8b:3c:1d:44:85:b4:
9c:3c:ca:ee:4a:c4:5c:4e:10:f3:b1:09:c5:79:cd:b1:98:24:
0c:1b:67:0c:e7:58:a4:0d:66:8b:ef:e3:cc:1b:69:cb:2b:59:
6c:41:12:45:4e:08:ef:df:31:c6:a5:e4:30:e7:d0:19:6a:e8:
b0:fa:10:69:c5:58:ec:95:a3:8f:8a:ac:01:ea:69:90:f9:96:
75:9a:c5:9d:f2:ac:80:1e:32:a5:b8:08:50:2a:a8:a6:f0:51:
19:4f:d2:1e:6e:6f:53:db:0d:00:38:d0:97:76:13:aa:2b:6c:
73:0c:9b:dc:9a:1c:b2:16:1a:95:86:56:a3:fc:6d:17:c9:c7:
41:32:6c:72:58:7f:f0:94:a2:21:51:cb:0e:74:d0:08:5c:91:
89:e0:77:a7:e8:1e:40:3f:64:9f:e3:68:c6:b9:81:99:f8:ab:
94:d1:0c:c1:0e:a0:25:ec:4b:cb:3b:ee:6d:e2:22:54:73:96:
e1:3f:80:d4
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZMAWguViGmZJiu+hyyc6p4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQxMTA2MDcyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNkOTZjODJhMTY1YTYzODQ3M2UxODU2MGQ2MDZkMDhmOGFjMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEx1bL9MwIrmeZzH7IyY8CTc+RiN
cmC2nB6rpLgoT+ZBKC+96lGuTfLL6UCJpOuLooZ4VwBCQZCu3ADZWSfbhkU98XEK
Z7065lhWJR1UCk41wjNT1seva7Ctrvay9LOEb4PXPYBpbJHLIt/jlrOooN6uGMCd
DA7jxMSw1+Tr8+tLlWKP13uUUplyRJfqWF+8jQOnKXdyKEHGMHhZphV+I+1a+YFk
m3NA3zHnVfULikSxITfy9wayalYHsdpJchhpvj17pHi4h0ACLD37JhtTG/JTEVm7
XE1ik2JrIrAkU+Cy3LOfW1bDfaQa1wh/7FV74RoyEcDZ6YVU0PIWpSBp8wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDU9lsgqFlpjhHPhhWDWBtCPisH9MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvTlQyV3lDb1dXbU9FYy1HRllOWUcwSS1Ld2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBJetcAwQB
Lh16AwQAXp62AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0E
AgACMAcDBQMqEFFAMA0GCSqGSIb3DQEBCwUAA4IBAQB/gDt5N6qAizM/bD6VvT5H
ha1Gm0WjrlflhKjhXLvFJNg/JzzL2l3ZOBl4GgNyJMUIE9soTtd1p2/SPSHkc8KH
ULKLPB1EhbScPMruSsRcThDzsQnFec2xmCQMG2cM51ikDWaL7+PMG2nLK1lsQRJF
Tgjv3zHGpeQw59AZauiw+hBpxVjslaOPiqwB6mmQ+ZZ1msWd8qyAHjKluAhQKqim
8FEZT9Iebm9T2w0AONCXdhOqK2xzDJvcmhyyFhqVhlaj/G0XycdBMmxyWH/wlKIh
UcsOdNAIXJGJ4Hen6B5AP2Sf42jGuYGZ+KuU0QzBDqAl7EvLO+5t4iJUc5bhP4DU
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:31 2024 by rpki-client on console.sobornost.net