Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/NS5b0PGbWotAIYMckbCTZQBj8Lw.roa
File: NS5b0PGbWotAIYMckbCTZQBj8Lw.roa (raw, json)
Hash identifier: MgQ66zaWbIbQhYagmVb0WjGZYhV+fCIGw9jelQ16jzo=
Subject key identifier: 35:2E:5B:D0:F1:9B:5A:8B:40:21:83:1C:91:B0:93:65:00:63:F0:BC
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 019422FB6C5E758C578C722FD1ADB7B1ADBD
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/NS5b0PGbWotAIYMckbCTZQBj8Lw.roa
Signing time: Wed 01 Jan 2025 17:48:10 +0000
ROA not before: Wed 01 Jan 2025 17:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215013
IP address blocks: 89.223.9.0/24 maxlen: 24
188.72.103.0/24 maxlen: 24
188.72.104.0/24 maxlen: 24
188.72.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6c:5e:75:8c:57:8c:72:2f:d1:ad:b7:b1:ad:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jan 1 17:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=352e5bd0f19b5a8b4021831c91b093650063f0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ec:85:46:d9:a8:c8:62:90:a9:71:5f:39:7f:
36:2a:92:3b:b2:90:30:5d:ea:52:b1:c4:a7:66:a0:
b8:30:12:7d:02:7c:d2:b9:b2:e7:05:f9:94:a1:b2:
e4:27:15:83:24:48:52:13:3d:4e:2c:5d:a1:03:b5:
10:0b:17:89:8b:47:c2:f0:3c:7b:cb:16:16:41:5b:
3f:41:af:de:84:85:ff:e9:ea:7a:57:cd:22:27:4b:
b9:59:9a:da:ae:51:19:a2:87:b5:49:09:83:7c:92:
0b:2d:36:5f:65:22:96:1d:37:30:78:f9:0c:cc:2f:
af:b7:65:27:e4:a2:2c:4a:de:c1:24:97:f2:11:45:
60:bb:c2:07:58:2e:82:ca:68:d8:18:ce:74:1c:56:
97:33:70:1a:a0:25:8e:fd:47:df:55:1e:4d:37:8c:
79:14:aa:83:5b:e5:1c:a6:ec:b4:17:da:12:34:65:
8c:a4:50:29:dd:4a:e5:fa:02:27:33:81:48:b8:ed:
93:da:df:cc:81:39:46:1c:40:30:37:39:7a:9e:bd:
56:81:5f:ae:36:8f:14:12:ed:42:5f:ba:15:87:68:
0d:df:bf:ec:a7:51:25:4c:93:c2:ec:18:b2:47:65:
6b:21:17:20:54:ca:41:56:59:ca:60:07:0d:06:b9:
b3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2E:5B:D0:F1:9B:5A:8B:40:21:83:1C:91:B0:93:65:00:63:F0:BC
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/NS5b0PGbWotAIYMckbCTZQBj8Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.9.0/24
188.72.103.0-188.72.105.255
Signature Algorithm: sha256WithRSAEncryption
57:da:12:71:c1:54:d5:da:01:e3:d8:c3:bf:42:07:64:28:33:
bb:7d:6d:bb:b5:b0:62:3f:ef:3b:b4:f2:ed:aa:53:10:77:52:
84:65:b2:ac:8d:2f:db:4b:6e:39:b5:62:73:de:f0:9c:d7:3f:
56:98:29:0c:a3:6c:c5:6c:ce:42:36:07:86:f4:0b:d8:69:71:
cc:9c:d8:d5:3b:d2:8f:f0:b4:a2:87:d6:93:4a:6c:de:39:ab:
ac:1c:da:9f:10:e7:e4:d9:a4:14:9e:85:8b:27:c8:d2:44:51:
21:91:bf:fe:23:06:cc:7f:74:38:75:47:9e:a9:a6:b8:b8:cb:
fc:0e:df:f5:e4:8e:51:a8:98:ce:d4:92:35:55:d6:89:a2:4b:
a2:64:d9:f0:de:44:f6:5b:e3:3c:9b:2a:7c:65:e9:ef:5b:9a:
34:33:e4:03:9e:6a:9d:39:0e:02:2b:41:8e:bb:e7:77:ce:41:
f0:f0:6c:fa:35:78:af:c0:12:c7:ee:51:20:d8:37:67:2b:a3:
5f:6e:e7:3c:41:e0:db:38:f4:91:4b:c1:19:29:f4:42:60:7f:
d4:22:dc:27:d3:a6:30:8d:99:bf:a4:2a:3b:c9:4f:b0:a3:5a:
ad:9b:28:ad:7d:52:c4:be:42:3b:bd:81:c8:b1:7f:68:fb:64:
48:8b:17:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQi+2xedYxXjHIv0a23sa29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjUwMTAxMTc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJlNWJkMGYxOWI1YThiNDAyMTgzMWM5MWIwOTM2NTAwNjNmMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuyFRtmoyGKQqXFfOX82KpI7spAw
XepSscSnZqC4MBJ9AnzSubLnBfmUobLkJxWDJEhSEz1OLF2hA7UQCxeJi0fC8Dx7
yxYWQVs/Qa/ehIX/6ep6V80iJ0u5WZrarlEZooe1SQmDfJILLTZfZSKWHTcwePkM
zC+vt2Un5KIsSt7BJJfyEUVgu8IHWC6CymjYGM50HFaXM3AaoCWO/UffVR5NN4x5
FKqDW+Ucpuy0F9oSNGWMpFAp3Url+gInM4FIuO2T2t/MgTlGHEAwNzl6nr1WgV+u
No8UEu1CX7oVh2gN37/sp1ElTJPC7BiyR2VrIRcgVMpBVlnKYAcNBrmzzwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDUuW9Dxm1qLQCGDHJGwk2UAY/C8MB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvTlM1YjBQR2JXb3RBSVlNY2tiQ1RaUUJqOEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWd8JMAwD
BAC8SGcDBAG8SGgwDQYJKoZIhvcNAQELBQADggEBAFfaEnHBVNXaAePYw79CB2Qo
M7t9bbu1sGI/7zu08u2qUxB3UoRlsqyNL9tLbjm1YnPe8JzXP1aYKQyjbMVszkI2
B4b0C9hpccyc2NU70o/wtKKH1pNKbN45q6wc2p8Q5+TZpBSehYsnyNJEUSGRv/4j
Bsx/dDh1R56ppri4y/wO3/XkjlGomM7UkjVV1omiS6Jk2fDeRPZb4zybKnxl6e9b
mjQz5AOeap05DgIrQY6753fOQfDwbPo1eK/AEsfuUSDYN2cro19u5zxB4Ns49JFL
wRkp9EJgf9Qi3CfTpjCNmb+kKjvJT7CjWq2bKK19UsS+Qju9gcixf2j7ZEiLF/Q=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net