Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/mNo4IYHo92XBLPNbZoddKhPLtKU.roa
File: mNo4IYHo92XBLPNbZoddKhPLtKU.roa (raw, json)
Hash identifier: 7hNGDboyqFNYWdp1oY9Hbrqz5kUwFFCSr1cVWvQDGWw=
Subject key identifier: 98:DA:38:21:81:E8:F7:65:C1:2C:F3:5B:66:87:5D:2A:13:CB:B4:A5
Certificate issuer: /CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Certificate serial: 0194B0E37F0128B3E7EFD67477BC70E4F20A
Authority key identifier: 35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/mNo4IYHo92XBLPNbZoddKhPLtKU.roa
Signing time: Wed 29 Jan 2025 07:08:06 +0000
ROA not before: Wed 29 Jan 2025 07:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201500
IP address blocks: 185.72.212.0/22 maxlen: 22
185.72.212.0/23 maxlen: 23
185.72.212.0/24 maxlen: 24
185.72.213.0/24 maxlen: 24
185.72.214.0/23 maxlen: 23
185.72.214.0/24 maxlen: 24
185.72.215.0/24 maxlen: 24
185.236.14.0/24 maxlen: 24
185.236.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b0:e3:7f:01:28:b3:e7:ef:d6:74:77:bc:70:e4:f2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Validity
Not Before: Jan 29 07:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98da382181e8f765c12cf35b66875d2a13cbb4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e9:19:7f:69:1f:ce:f7:23:54:7c:4c:1b:d5:
ec:3f:c8:92:cf:48:d6:4b:c1:33:c4:8c:1b:a8:c2:
e7:29:09:53:02:7e:5e:73:ba:80:63:b0:79:2a:59:
61:e6:06:fd:13:e3:09:f8:3c:80:bc:ed:89:6e:04:
c5:a3:82:72:b2:70:31:d1:fc:9a:ba:c5:bd:ea:9a:
61:b3:c6:26:95:8e:dd:19:87:e0:26:9c:be:8b:54:
17:de:81:06:cc:de:f4:a8:71:f2:07:8d:f4:fd:4f:
b6:6c:9f:d2:8e:dc:14:60:6e:6a:6d:1f:62:63:e1:
3b:d3:90:14:77:5b:e1:a0:4a:ea:19:2f:6b:31:3f:
28:b8:aa:5f:7e:92:05:9e:34:e8:cd:62:13:62:ad:
d3:87:22:be:e8:84:11:41:94:e5:8b:fe:59:bd:6a:
54:6f:a9:f6:d6:d2:7f:92:10:91:f7:ba:81:fb:f3:
21:79:16:cb:b8:d0:b8:b8:ce:64:d4:6a:3f:ba:26:
a9:e8:40:fc:e7:ae:cf:a3:93:ae:4c:60:5a:00:ea:
1d:31:83:ba:05:3a:83:e8:9f:18:0d:22:05:a7:3e:
3c:dc:58:20:c2:bf:1c:8b:34:99:de:1d:3f:93:ec:
f4:66:ff:3b:b5:44:13:18:1e:64:73:0a:10:8b:ed:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DA:38:21:81:E8:F7:65:C1:2C:F3:5B:66:87:5D:2A:13:CB:B4:A5
X509v3 Authority Key Identifier:
keyid:35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/mNo4IYHo92XBLPNbZoddKhPLtKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.212.0/22
185.236.14.0/23
Signature Algorithm: sha256WithRSAEncryption
46:b8:ec:41:40:eb:1f:77:0c:83:be:95:77:87:5c:46:de:20:
0b:40:4b:bc:53:72:0d:60:40:99:1d:73:9e:a9:85:61:c5:69:
2b:28:47:5f:21:86:af:13:4c:ef:ef:1b:b0:e9:81:1d:08:b6:
9d:e4:9d:52:bb:ff:b3:96:a2:60:3d:d8:85:75:49:8a:35:23:
1d:3b:89:fe:28:ac:78:a3:4e:d6:5c:d2:cf:8c:d4:ec:a9:b6:
6d:28:5e:eb:6a:e4:1f:ea:bd:42:54:a0:1a:c8:66:02:d7:e4:
04:44:60:ea:30:48:4a:0a:e0:7a:a7:af:28:b2:ac:b9:85:8a:
00:64:61:f4:d9:ba:d0:de:f4:35:65:cf:37:e9:fb:1e:5a:b8:
96:e3:c1:6a:f0:7d:e7:af:18:cb:a0:34:dc:04:24:2f:dd:fc:
31:37:2b:b6:6d:2c:2d:6b:3d:ac:b8:59:9c:f5:35:97:16:c0:
72:66:ff:1f:20:90:dc:23:4c:12:0d:f5:dc:c9:44:b8:a3:63:
ba:14:95:92:43:ec:27:46:4a:eb:84:50:6e:c7:45:ed:fe:52:
f5:4c:ca:d8:88:97:35:57:0a:b8:8e:85:b9:02:3c:ff:0a:e4:
51:3d:18:c7:2e:40:98:c4:62:22:3f:8a:ac:05:6f:e8:f5:b5:
ba:84:33:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSw438BKLPn79Z0d7xw5PIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OTVjN2JjN2U1ZmNkNzY5ZWQ2ZTUzMTExZjNjNWU0ODkx
ZjlkYTEwHhcNMjUwMTI5MDcwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRhMzgyMTgxZThmNzY1YzEyY2YzNWI2Njg3NWQyYTEzY2JiNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlukZf2kfzvcjVHxMG9XsP8iSz0jW
S8EzxIwbqMLnKQlTAn5ec7qAY7B5Kllh5gb9E+MJ+DyAvO2JbgTFo4JysnAx0fya
usW96pphs8YmlY7dGYfgJpy+i1QX3oEGzN70qHHyB430/U+2bJ/SjtwUYG5qbR9i
Y+E705AUd1vhoErqGS9rMT8ouKpffpIFnjTozWITYq3ThyK+6IQRQZTli/5ZvWpU
b6n21tJ/khCR97qB+/MheRbLuNC4uM5k1Go/uiap6ED8567Po5OuTGBaAOodMYO6
BTqD6J8YDSIFpz483Fggwr8cizSZ3h0/k+z0Zv87tUQTGB5kcwoQi+2+NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJjaOCGB6PdlwSzzW2aHXSoTy7SlMB8GA1UdIwQY
MBaAFDWVx7x+X812ntblMRHzxeSJH52hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODct
YmUwNDRhNGRmM2EwLzEvbU5vNElZSG85MlhCTFBOYlpvZGRLaFBMdEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODctYmUwNDRhNGRmM2Ew
LzEvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUjUAwQB
uewOMA0GCSqGSIb3DQEBCwUAA4IBAQBGuOxBQOsfdwyDvpV3h1xG3iALQEu8U3IN
YECZHXOeqYVhxWkrKEdfIYavE0zv7xuw6YEdCLad5J1Su/+zlqJgPdiFdUmKNSMd
O4n+KKx4o07WXNLPjNTsqbZtKF7rauQf6r1CVKAayGYC1+QERGDqMEhKCuB6p68o
sqy5hYoAZGH02brQ3vQ1Zc836fseWriW48Fq8H3nrxjLoDTcBCQv3fwxNyu2bSwt
az2suFmc9TWXFsByZv8fIJDcI0wSDfXcyUS4o2O6FJWSQ+wnRkrrhFBux0Xt/lL1
TMrYiJc1Vwq4joW5Ajz/CuRRPRjHLkCYxGIiP4qsBW/o9bW6hDMc
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:15 2025 by rpki-client