Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/NbGWG3NpLbVIkL-qD8t3emMT-Rg.roa
File: NbGWG3NpLbVIkL-qD8t3emMT-Rg.roa (raw, json)
Hash identifier: ypnJ9qrdnarxSUfM3JIVrL+uxFcZGbRNMRTNO5cuWJE=
Subject key identifier: 35:B1:96:1B:73:69:2D:B5:48:90:BF:AA:0F:CB:77:7A:63:13:F9:18
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0194AD4F0CD02F6D7E30F9F5BB2F4C5A43EF
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/NbGWG3NpLbVIkL-qD8t3emMT-Rg.roa
Signing time: Tue 28 Jan 2025 14:27:06 +0000
ROA not before: Tue 28 Jan 2025 14:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.0.0/21 maxlen: 24
217.154.8.0/22 maxlen: 24
217.154.13.0/24 maxlen: 24
217.154.14.0/23 maxlen: 24
217.154.16.0/21 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:4f:0c:d0:2f:6d:7e:30:f9:f5:bb:2f:4c:5a:43:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Jan 28 14:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35b1961b73692db54890bfaa0fcb777a6313f918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:a7:df:16:0d:ec:2f:65:42:44:ce:2e:cd:
a9:bb:c1:f4:e4:c6:70:8e:45:a8:c4:35:cd:5f:df:
5e:71:a4:3d:06:4e:0d:62:a3:08:f7:06:de:ad:25:
a1:11:84:db:50:b8:6a:7b:62:09:ad:4e:91:6e:00:
15:9f:ee:af:d8:9c:04:d5:e7:02:ca:cb:a5:28:f6:
7e:49:58:aa:af:65:1d:35:e6:0b:3b:05:18:68:19:
c4:26:4f:ba:7a:95:cc:9f:07:f0:e9:a6:6d:b6:64:
07:75:11:77:1b:3e:c7:ee:46:d1:f5:ca:1e:60:d3:
40:77:c7:a7:58:91:35:af:f0:ef:5d:65:27:90:a0:
ce:92:61:c3:15:cc:57:2e:59:39:66:ee:de:be:a0:
04:dc:91:28:3f:14:94:05:e0:2b:ac:bd:44:d6:bd:
62:39:20:ee:78:2c:19:03:16:7d:62:8f:28:b9:2f:
95:9a:e2:52:0c:2b:cd:3f:91:fd:0f:16:aa:9f:24:
ce:05:5e:47:9b:26:13:1a:91:a9:02:e0:dd:2a:a5:
c9:89:df:40:f9:db:4e:93:4e:1c:a3:22:cd:d6:75:
93:df:4f:db:b0:82:1f:df:6e:8b:6a:60:1b:98:c4:
c5:89:f3:ba:7f:c5:09:50:cd:09:01:52:75:71:79:
5e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B1:96:1B:73:69:2D:B5:48:90:BF:AA:0F:CB:77:7A:63:13:F9:18
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/NbGWG3NpLbVIkL-qD8t3emMT-Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.0.0-217.154.11.255
217.154.13.0-217.154.23.255
217.154.64.0/21
217.154.74.0-217.154.89.255
217.154.91.0/24
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
2d:1c:d5:9a:1e:0e:7f:49:bf:a5:20:59:be:cf:76:fa:f1:80:
23:34:1a:d0:9d:0b:50:64:ca:35:f8:71:28:b3:03:fb:75:a3:
19:d8:36:69:77:08:6b:cc:73:9e:47:92:1a:4f:f4:96:4d:36:
4a:14:1e:f4:06:05:f1:c7:85:ed:ea:6b:05:ac:23:7c:79:60:
f5:26:e7:37:5c:ea:94:7a:7b:df:67:d0:66:ba:e4:41:50:6c:
18:c3:7d:f0:c3:b0:41:99:f5:24:97:a7:46:ab:80:17:4d:b9:
79:f8:42:dd:6b:be:e3:06:85:91:d1:29:57:0b:ab:85:d0:f4:
6f:98:53:61:b4:8a:02:54:a6:31:32:37:22:ab:29:a4:ef:32:
f3:17:0d:e7:02:1a:3d:68:a8:cd:e0:82:49:a5:4c:96:42:e5:
61:32:1e:c7:22:a5:a0:0d:dd:e6:3f:bf:b3:35:40:b2:be:42:
7c:c6:e0:04:15:ba:c6:e0:1f:56:15:70:4e:b3:df:13:bb:32:
b5:21:b3:88:1d:4d:fc:37:f2:08:43:f9:ea:3d:80:d5:38:17:
42:32:ab:b6:4a:dd:2f:98:4f:9f:f9:43:8e:91:1d:2b:3c:36:
75:7d:5b:4c:08:2a:ce:e4:07:be:9b:2f:15:9a:b6:0f:92:df:
76:1d:a0:aa
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZStTwzQL21+MPn1uy9MWkPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwMTI4MTQyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIxOTYxYjczNjkyZGI1NDg5MGJmYWEwZmNiNzc3YTYzMTNmOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiWn3xYN7C9lQkTOLs2pu8H05MZw
jkWoxDXNX99ecaQ9Bk4NYqMI9wberSWhEYTbULhqe2IJrU6RbgAVn+6v2JwE1ecC
ysulKPZ+SViqr2UdNeYLOwUYaBnEJk+6epXMnwfw6aZttmQHdRF3Gz7H7kbR9coe
YNNAd8enWJE1r/DvXWUnkKDOkmHDFcxXLlk5Zu7evqAE3JEoPxSUBeArrL1E1r1i
OSDueCwZAxZ9Yo8ouS+VmuJSDCvNP5H9DxaqnyTOBV5HmyYTGpGpAuDdKqXJid9A
+dtOk04coyLN1nWT30/bsIIf326LamAbmMTFifO6f8UJUM0JAVJ1cXle7wIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFDWxlhtzaS21SJC/qg/Ld3pjE/kYMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvTmJHV0czTnBMYlZJa0wtcUQ4dDNlbU1ULVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCB0AQCAAEwgckDBAQF
+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQCuTB0
AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgDBATC
pKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwDALAwMB
2ZoDBALZmggwDAMEANmaDQMEA9maEAMEA9maQDAMAwQB2ZpKAwQB2ZpYAwQA2Zpb
AwMA2aAwFAQCAAIwDgMFACABCNgDBQMqAiR4MA0GCSqGSIb3DQEBCwUAA4IBAQAt
HNWaHg5/Sb+lIFm+z3b68YAjNBrQnQtQZMo1+HEoswP7daMZ2DZpdwhrzHOeR5Ia
T/SWTTZKFB70BgXxx4Xt6msFrCN8eWD1Juc3XOqUenvfZ9BmuuRBUGwYw33ww7BB
mfUkl6dGq4AXTbl5+ELda77jBoWR0SlXC6uF0PRvmFNhtIoCVKYxMjciqymk7zLz
Fw3nAho9aKjN4IJJpUyWQuVhMh7HIqWgDd3mP7+zNUCyvkJ8xuAEFbrG4B9WFXBO
s98TuzK1IbOIHU38N/IIQ/nqPYDVOBdCMqu2St0vmE+f+UOOkR0rPDZ1fVtMCCrO
5Ae+my8VmrYPkt92HaCq
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:17 2025 by rpki-client