Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7D7hL74VTBkNp4WPhBgX68vngYY.roa
File: 7D7hL74VTBkNp4WPhBgX68vngYY.roa (raw, json)
Hash identifier: ild3gCG+8BBgW/Cjn1WBLmDJVtmBgvz2hQayEhEKJHs=
Subject key identifier: EC:3E:E1:2F:BE:15:4C:19:0D:A7:85:8F:84:18:17:EB:CB:E7:81:86
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01962EC366B55BAC57344103EBF3271B57A4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7D7hL74VTBkNp4WPhBgX68vngYY.roa
Signing time: Sun 13 Apr 2025 10:47:59 +0000
ROA not before: Sun 13 Apr 2025 10:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2e:c3:66:b5:5b:ac:57:34:41:03:eb:f3:27:1b:57:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 13 10:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec3ee12fbe154c190da7858f841817ebcbe78186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:61:a3:94:00:7d:e4:c3:2c:96:6f:46:4f:7f:
b2:df:07:f4:c7:7d:1b:6f:b5:d2:1a:a9:c4:11:38:
b7:09:a7:03:fa:86:6d:ce:65:41:0b:5f:73:72:dd:
50:4d:29:ef:24:69:24:a7:8c:38:00:db:ff:21:61:
ce:86:05:d5:a1:6a:4e:46:3a:41:49:0f:17:1f:a4:
58:6e:a8:f7:86:8c:2a:74:9e:92:89:e0:fc:f2:40:
74:7b:17:a7:6d:98:fa:ce:96:21:cd:bd:19:6f:c8:
3f:c1:1c:be:8b:10:c0:1d:88:c3:cb:24:f9:de:cd:
73:ae:24:1b:18:56:ee:6f:b8:cc:70:0a:d6:5f:62:
50:37:94:7e:78:3e:3e:a6:19:44:f0:f5:5c:30:70:
1c:f8:0b:8b:30:a7:00:07:3e:c8:ca:98:50:fe:c8:
8d:c0:2d:f3:96:01:29:35:c5:f6:52:3a:bf:d2:20:
d1:04:eb:c4:43:ab:d2:e9:6b:43:0d:92:a0:f1:f5:
41:bc:f2:fd:4f:16:eb:41:e6:40:1b:ae:1e:2f:52:
c9:35:17:a4:a8:d1:db:db:de:05:0f:57:9b:93:53:
1d:d7:74:d6:ff:6e:8d:57:2c:0c:23:9b:e9:a6:67:
98:d5:67:9a:6b:6a:28:69:c5:a0:cd:a6:3a:86:8a:
bd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3E:E1:2F:BE:15:4C:19:0D:A7:85:8F:84:18:17:EB:CB:E7:81:86
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7D7hL74VTBkNp4WPhBgX68vngYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
04:83:e1:a7:ae:12:50:f0:42:a0:18:c1:6e:0c:b5:63:f5:4f:
31:85:82:c7:9f:a1:f9:e0:8f:cb:36:59:4c:46:af:5d:ad:e8:
9e:03:c3:26:64:7c:99:20:1f:1a:95:09:07:b8:c4:4c:26:11:
38:a2:e5:c6:40:b3:72:e9:e6:43:e9:f6:b5:b9:9c:bd:58:b6:
3c:8d:23:2e:0a:ae:8a:da:e8:d2:28:4b:db:8f:cd:58:3f:96:
7f:0f:52:6c:31:e8:cc:17:b3:e5:8a:27:04:b9:20:1d:6b:27:
9e:5f:db:1d:e1:a4:a0:cc:80:ff:84:0e:1d:ce:08:f4:b7:41:
d9:89:da:a0:7b:36:8f:b6:0d:f8:b0:eb:be:24:f8:67:3d:da:
58:ea:fd:c9:ce:d9:a9:29:88:69:32:e5:86:87:76:61:3c:b3:
bb:57:77:a6:bc:37:a0:74:ba:25:fb:e4:e1:22:b2:da:98:bf:
7a:63:d6:5f:f2:3d:f0:6b:a1:86:97:f5:04:94:ee:63:c6:ad:
f8:3c:3a:81:15:a7:9f:00:4e:33:9a:75:36:db:01:da:cc:11:
de:7f:4f:19:fb:c7:9f:06:c6:6d:be:d3:fc:cb:7c:a0:11:0b:
0c:f8:0a:54:39:cf:6a:9a:f8:c2:e8:86:c8:49:ff:76:c7:c8:
96:89:35:1e
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZYuw2a1W6xXNEED6/MnG1ekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDEzMTA0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNlZTEyZmJlMTU0YzE5MGRhNzg1OGY4NDE4MTdlYmNiZTc4MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWGjlAB95MMslm9GT3+y3wf0x30b
b7XSGqnEETi3CacD+oZtzmVBC19zct1QTSnvJGkkp4w4ANv/IWHOhgXVoWpORjpB
SQ8XH6RYbqj3howqdJ6SieD88kB0exenbZj6zpYhzb0Zb8g/wRy+ixDAHYjDyyT5
3s1zriQbGFbub7jMcArWX2JQN5R+eD4+phlE8PVcMHAc+AuLMKcABz7IyphQ/siN
wC3zlgEpNcX2Ujq/0iDRBOvEQ6vS6WtDDZKg8fVBvPL9TxbrQeZAG64eL1LJNRek
qNHb294FD1ebk1Md13TW/26NVywMI5vppmeY1Weaa2ooacWgzaY6hoq9bwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFOw+4S++FUwZDaeFj4QYF+vL54GGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0Q3aEw3NFZUQmtOcDRXUGhCZ1g2OHZuZ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQAPkzu
AwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3AwQAwld+
AwQAwlepAwQAwlezAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDx
AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA
BIPhp64SUPBCoBjBbgy1Y/VPMYWCx5+h+eCPyzZZTEavXa3ongPDJmR8mSAfGpUJ
B7jETCYROKLlxkCzcunmQ+n2tbmcvVi2PI0jLgquitro0ihL24/NWD+Wfw9SbDHo
zBez5YonBLkgHWsnnl/bHeGkoMyA/4QOHc4I9LdB2YnaoHs2j7YN+LDrviT4Zz3a
WOr9yc7ZqSmIaTLlhod2YTyzu1d3prw3oHS6Jfvk4SKy2pi/emPWX/I98Guhhpf1
BJTuY8at+Dw6gRWnnwBOM5p1NtsB2swR3n9PGfvHnwbGbb7T/Mt8oBELDPgKVDnP
apr4wuiGyEn/dsfIlok1Hg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net