Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3RunMUh4oAQ9wdf2Dd4ARj1niHg.roa
File: 3RunMUh4oAQ9wdf2Dd4ARj1niHg.roa (raw, json)
Hash identifier: lEZ5kcduYZp0E6i/6J7JDlW4GW+/mrJfBLBAN1/HShs=
Subject key identifier: DD:1B:A7:31:48:78:A0:04:3D:C1:D7:F6:0D:DE:00:46:3D:67:88:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01960A854B66F434C53B91E27307605E02DB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3RunMUh4oAQ9wdf2Dd4ARj1niHg.roa
Signing time: Sun 06 Apr 2025 09:53:49 +0000
ROA not before: Sun 06 Apr 2025 09:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0a:85:4b:66:f4:34:c5:3b:91:e2:73:07:60:5e:02:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 09:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd1ba7314878a0043dc1d7f60dde00463d678878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:1f:dc:68:c7:20:aa:7d:fb:b6:3e:2a:49:
ee:8d:d2:1b:70:3c:71:1b:70:40:ec:4c:5f:41:53:
33:2a:be:d8:f0:1e:94:8f:3e:00:8e:87:36:79:62:
d9:e7:85:d4:d9:9c:3b:98:27:4d:6d:fd:45:e8:c3:
06:3b:d9:29:b8:a2:52:47:86:a6:da:ad:3b:1c:66:
9e:45:51:1f:d4:10:0d:1b:a3:b5:0c:9c:3c:52:8a:
3b:e9:d9:39:91:79:41:15:95:d9:40:38:6a:82:ca:
5b:41:f8:0d:1f:fe:80:7c:67:d8:f9:63:c3:d8:d6:
eb:9a:57:31:99:94:21:69:02:f9:c0:82:37:8b:4e:
b8:67:2e:03:94:2b:81:1c:03:9a:72:6d:c7:c2:88:
f0:48:6a:58:20:4b:6d:88:9b:9f:21:ee:6b:4a:29:
34:0f:bd:f6:88:06:47:67:81:ad:50:c1:a0:22:eb:
bc:ff:ba:64:c5:64:65:87:0c:16:ae:7c:4c:54:fc:
69:af:bd:eb:07:ca:b2:03:cd:05:7b:3e:a9:93:65:
86:0a:d4:bd:82:8c:9a:a1:76:c9:31:b3:3d:b3:44:
c5:70:87:5b:28:05:5a:58:d7:5b:ab:75:3a:8e:80:
6d:d4:60:4a:5e:35:7f:8c:96:7e:14:a5:30:62:13:
ab:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1B:A7:31:48:78:A0:04:3D:C1:D7:F6:0D:DE:00:46:3D:67:88:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3RunMUh4oAQ9wdf2Dd4ARj1niHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.88.0/24
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.169.0/24
194.87.185.0/24
195.133.6.0/24
195.133.29.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:76:d2:65:c0:09:bf:32:2a:a3:03:4c:26:3f:ef:e5:94:cd:
29:75:ab:50:00:5b:a9:d7:df:61:ec:5a:e5:8c:de:c1:fb:c2:
1c:7b:1d:e2:16:4f:41:54:aa:91:68:08:85:2b:66:9d:09:f0:
a5:ef:18:9a:16:fe:5f:56:2b:f0:2e:eb:4a:b4:39:07:be:0b:
1f:c3:2a:7d:1f:9e:c7:21:4c:c9:6c:66:25:a6:44:14:82:04:
8b:54:11:fd:4b:63:39:e1:5e:ea:ec:d5:ab:4c:c6:3d:48:48:
da:00:64:35:77:b1:27:a8:4d:99:4c:13:45:fd:71:72:34:21:
ea:2a:59:6b:d2:fc:df:f6:f3:77:19:63:16:a0:4e:33:04:03:
d2:c8:79:53:fb:a9:3c:b0:67:13:50:c1:46:bd:c6:8f:c1:5f:
fb:ad:73:51:fb:4c:ba:22:05:76:7d:57:66:e0:31:c2:96:56:
ef:9e:6d:dc:27:61:96:15:51:a5:31:a4:c7:17:9e:fe:85:35:
16:ec:19:ed:ee:64:f4:b5:de:2b:f2:60:33:84:fc:0f:ea:76:
67:69:2f:12:b6:73:4a:5a:70:b6:fe:e0:c0:26:78:92:46:62:
bc:f8:9b:0a:8b:78:2a:3d:06:e2:cd:35:3f:d0:4e:32:8b:57:
18:cc:b7:d1
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZYKhUtm9DTFO5HicwdgXgLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDA2MDk1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFiYTczMTQ4NzhhMDA0M2RjMWQ3ZjYwZGRlMDA0NjNkNjc4ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQf3GjHIKp9+7Y+KknujdIbcDxx
G3BA7ExfQVMzKr7Y8B6Ujz4Ajoc2eWLZ54XU2Zw7mCdNbf1F6MMGO9kpuKJSR4am
2q07HGaeRVEf1BANG6O1DJw8Uoo76dk5kXlBFZXZQDhqgspbQfgNH/6AfGfY+WPD
2NbrmlcxmZQhaQL5wII3i064Zy4DlCuBHAOacm3HwojwSGpYIEttiJufIe5rSik0
D732iAZHZ4GtUMGgIuu8/7pkxWRlhwwWrnxMVPxpr73rB8qyA80Fez6pk2WGCtS9
goyaoXbJMbM9s0TFcIdbKAVaWNdbq3U6joBt1GBKXjV/jJZ+FKUwYhOr/wIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFN0bpzFIeKAEPcHX9g3eAEY9Z4h4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM1J1bk1VaDRvQVE5d2RmMkRkNEFSajFuaUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMB8vwME
AMF8BQMEAMJXDAMEAMJXFgMEAMJXIAMEAMJXKAMEAMJXWAMEAMJXfAMEAMJXiAME
AMJXjgMEAMJXlgMEAMJXqQMEAMJXuQMEAMOFBgMEAMOFHQMEAcOFKgMEAMOFSAME
AMOFVQMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAWnbSZcAJvzIqowNMJj/v5ZTN
KXWrUABbqdffYexa5YzewfvCHHsd4hZPQVSqkWgIhStmnQnwpe8Ymhb+X1Yr8C7r
SrQ5B74LH8MqfR+exyFMyWxmJaZEFIIEi1QR/UtjOeFe6uzVq0zGPUhI2gBkNXex
J6hNmUwTRf1xcjQh6ipZa9L83/bzdxljFqBOMwQD0sh5U/upPLBnE1DBRr3Gj8Ff
+61zUftMuiIFdn1XZuAxwpZW755t3CdhlhVRpTGkxxee/oU1FuwZ7e5k9LXeK/Jg
M4T8D+p2Z2kvErZzSlpwtv7gwCZ4kkZivPibCot4Kj0G4s01P9BOMotXGMy30Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net