Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/nfREQDaYK_u_RRzhJTauvf2Y8ak.roa
File: nfREQDaYK_u_RRzhJTauvf2Y8ak.roa (raw, json)
Hash identifier: NLnHR9EroQCyhWmQwjRMOzrKCez85XwXecl2W6KaGHY=
Subject key identifier: 9D:F4:44:40:36:98:2B:FB:BF:45:1C:E1:25:36:AE:BD:FD:98:F1:A9
Certificate issuer: /CN=6150ca1baf9f9f6fe13d89e2664470493fe65e65
Certificate serial: 01941F8BFFE2E500492AF76B235646A2BD57
Authority key identifier: 61:50:CA:1B:AF:9F:9F:6F:E1:3D:89:E2:66:44:70:49:3F:E6:5E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YVDKG6-fn2_hPYniZkRwST_mXmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/nfREQDaYK_u_RRzhJTauvf2Y8ak.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43542
IP address blocks: 78.156.128.0/19 maxlen: 19
185.85.92.0/22 maxlen: 22
2a00:d940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:ff:e2:e5:00:49:2a:f7:6b:23:56:46:a2:bd:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6150ca1baf9f9f6fe13d89e2664470493fe65e65
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9df4444036982bfbbf451ce12536aebdfd98f1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:53:e9:d8:4c:b7:6a:6e:60:99:6e:fe:93:d4:
b7:c4:92:22:ed:24:48:04:5d:6d:db:c7:13:4e:04:
40:69:7d:3f:dc:28:55:b8:10:7b:4e:7c:cd:91:42:
c1:ad:ae:33:91:cb:27:47:36:b9:48:ea:e5:78:34:
da:a9:1b:4d:a5:ee:70:87:c2:a8:a6:51:26:d1:a7:
2d:b7:9e:dc:80:d7:5f:df:cd:8a:af:d6:03:24:8e:
02:1e:16:ee:6c:03:66:a2:e6:82:37:96:e3:d1:c4:
4a:9e:09:07:62:3a:df:fa:d9:5b:e9:45:e5:11:6a:
43:56:c5:c5:9d:1c:85:c9:74:65:f2:de:af:78:06:
17:35:13:ac:1c:47:01:1a:fe:2a:1a:0b:39:01:24:
a2:f5:27:34:f0:e2:9d:59:2a:e6:b1:57:c4:f6:d7:
be:5d:38:a5:7b:5e:7d:50:3b:df:ad:0f:93:06:b3:
4e:c7:d6:c2:6d:de:14:73:8d:88:78:fb:eb:61:ed:
bf:0d:3b:0b:0c:ed:83:3f:38:9b:d2:9e:1a:b3:af:
90:a1:5a:bf:eb:32:1b:b3:cd:9d:96:a9:2d:9e:63:
4f:e7:24:72:9f:fd:03:37:e2:89:ad:13:e4:5a:84:
66:c4:15:b9:04:20:55:21:f3:60:e2:5f:09:c8:8f:
f8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F4:44:40:36:98:2B:FB:BF:45:1C:E1:25:36:AE:BD:FD:98:F1:A9
X509v3 Authority Key Identifier:
keyid:61:50:CA:1B:AF:9F:9F:6F:E1:3D:89:E2:66:44:70:49:3F:E6:5E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YVDKG6-fn2_hPYniZkRwST_mXmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/nfREQDaYK_u_RRzhJTauvf2Y8ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/YVDKG6-fn2_hPYniZkRwST_mXmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.156.128.0/19
185.85.92.0/22
IPv6:
2a00:d940::/32
Signature Algorithm: sha256WithRSAEncryption
7a:7b:eb:20:09:00:47:1f:d1:a4:7a:c9:67:34:c2:6b:6d:b7:
f7:f1:3d:de:53:2a:86:69:4a:c2:70:0b:8b:d4:b9:6a:08:45:
7b:5b:e7:ca:26:22:13:5e:d9:e5:cb:cd:bf:4d:a2:44:e2:c5:
1f:fe:50:6a:9e:e2:45:43:95:f1:1c:8a:fb:ff:df:24:4c:63:
d9:64:4e:89:85:40:e7:56:66:fb:a9:f2:aa:8a:d9:17:b3:6f:
01:bf:49:27:56:70:88:da:ca:4b:eb:b8:a2:62:5e:14:b8:82:
3e:18:81:ed:85:7f:42:29:d6:df:49:6c:8b:d7:99:71:8f:e6:
32:8b:6f:d0:c2:3a:30:97:ee:9f:50:c8:da:5d:bb:9d:0a:06:
e3:b2:19:78:87:ca:bf:b5:b6:ea:43:fa:26:d1:b1:dc:4b:b1:
0d:88:31:48:ea:58:93:8d:e1:ca:cc:9b:aa:05:61:e1:99:1c:
b7:1f:9d:74:fd:44:7f:1c:09:d4:90:8b:bd:d0:55:88:8e:13:
f3:6e:bd:88:aa:58:49:f3:28:73:68:ff:b8:04:1e:d4:1b:42:
9b:7a:f7:01:fe:e4:cf:d9:b3:78:80:eb:28:aa:d1:73:0a:a2:
06:3c:3a:4b:2c:97:b8:be:3a:97:e1:db:15:d0:af:2f:73:dd:
b6:e2:bb:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfi//i5QBJKvdrI1ZGor1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNTBjYTFiYWY5ZjlmNmZlMTNkODllMjY2NDQ3MDQ5M2Zl
NjVlNjUwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY0NDQ0MDM2OTgyYmZiYmY0NTFjZTEyNTM2YWViZGZkOThmMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlPp2Ey3am5gmW7+k9S3xJIi7SRI
BF1t28cTTgRAaX0/3ChVuBB7TnzNkULBra4zkcsnRza5SOrleDTaqRtNpe5wh8Ko
plEm0actt57cgNdf382Kr9YDJI4CHhbubANmouaCN5bj0cRKngkHYjrf+tlb6UXl
EWpDVsXFnRyFyXRl8t6veAYXNROsHEcBGv4qGgs5ASSi9Sc08OKdWSrmsVfE9te+
XTile159UDvfrQ+TBrNOx9bCbd4Uc42IePvrYe2/DTsLDO2DPzib0p4as6+QoVq/
6zIbs82dlqktnmNP5yRyn/0DN+KJrRPkWoRmxBW5BCBVIfNg4l8JyI/4KQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ30REA2mCv7v0Uc4SU2rr39mPGpMB8GA1UdIwQY
MBaAFGFQyhuvn59v4T2J4mZEcEk/5l5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVZES0c2LWZuMl9oUFluaVprUndTVF9tWG1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC81NTE0MzctOTg3Zi00OGQ0LWFhMGUt
OTQ3ZWFkOWYxNGVkLzEvbmZSRVFEYVlLX3VfUlJ6aEpUYXV2ZjJZOGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC81NTE0MzctOTg3Zi00OGQ0LWFhMGUtOTQ3ZWFkOWYxNGVk
LzEvWVZES0c2LWZuMl9oUFluaVprUndTVF9tWG1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFTpyAAwQC
uVVcMA0EAgACMAcDBQAqANlAMA0GCSqGSIb3DQEBCwUAA4IBAQB6e+sgCQBHH9Gk
eslnNMJrbbf38T3eUyqGaUrCcAuL1LlqCEV7W+fKJiITXtnly82/TaJE4sUf/lBq
nuJFQ5XxHIr7/98kTGPZZE6JhUDnVmb7qfKqitkXs28Bv0knVnCI2spL67iiYl4U
uII+GIHthX9CKdbfSWyL15lxj+Yyi2/Qwjowl+6fUMjaXbudCgbjshl4h8q/tbbq
Q/om0bHcS7ENiDFI6liTjeHKzJuqBWHhmRy3H510/UR/HAnUkIu90FWIjhPzbr2I
qlhJ8yhzaP+4BB7UG0KbevcB/uTP2bN4gOsoqtFzCqIGPDpLLJe4vjqX4dsV0K8v
c9224rsO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net