Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uvC4wx7XJaJYmfg9MM0HwS759gs.roa
File: uvC4wx7XJaJYmfg9MM0HwS759gs.roa (raw, json)
Hash identifier: m5tSPpvIeYt9ZOBoekXuCxfCQ9Wyl9GdujroSfAVoYI=
Subject key identifier: BA:F0:B8:C3:1E:D7:25:A2:58:99:F8:3D:30:CD:07:C1:2E:F9:F6:0B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01961ED18EE3B929939F826BD88F21149670
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uvC4wx7XJaJYmfg9MM0HwS759gs.roa
Signing time: Thu 10 Apr 2025 08:29:32 +0000
ROA not before: Thu 10 Apr 2025 08:29:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 62.76.236.0/24 maxlen: 24
62.76.237.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.58.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:d1:8e:e3:b9:29:93:9f:82:6b:d8:8f:21:14:96:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 08:29:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baf0b8c31ed725a25899f83d30cd07c12ef9f60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:68:44:98:c3:a0:b5:2e:b0:e9:9f:43:74:
b9:f7:ca:9a:ec:08:3c:bf:a8:b5:ea:6e:81:f9:8c:
6e:15:5a:34:19:d1:05:ba:3f:1d:04:4c:df:83:c4:
7d:53:3e:94:5f:7d:9e:ce:d7:b7:aa:eb:65:7b:9d:
fb:9e:e4:07:a7:5d:2c:cf:c0:78:0a:f1:46:5e:df:
b7:da:d8:02:5c:e1:bf:c0:7c:77:8b:6e:e6:78:e7:
b0:1a:02:4a:ac:7a:09:67:68:b4:c0:09:d8:af:84:
98:a7:2f:01:8b:7b:eb:cc:e1:14:14:c6:cb:03:5f:
6a:93:b5:00:dc:ab:3e:27:ab:95:68:72:50:73:98:
24:d4:35:a0:00:5d:b9:d3:d4:bc:69:2b:3a:be:86:
87:e5:7c:a2:74:10:af:a4:1c:0f:25:99:0a:23:e8:
c2:7c:3f:76:05:98:cc:b8:b9:36:28:ff:26:8a:65:
7f:88:da:c8:63:3c:39:89:8c:5a:fa:d9:0e:82:ac:
e8:04:b0:c7:f5:d7:e2:b4:92:0f:b7:6c:d2:ee:e6:
5e:17:d5:2d:d9:20:9a:54:d3:92:84:a4:4d:2b:b8:
c8:bc:26:27:e9:e0:b2:69:a9:0a:69:ea:bd:e8:ee:
05:43:7a:86:e7:28:bc:6f:32:31:34:f4:8c:23:ff:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F0:B8:C3:1E:D7:25:A2:58:99:F8:3D:30:CD:07:C1:2E:F9:F6:0B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uvC4wx7XJaJYmfg9MM0HwS759gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.236.0/23
193.124.17.0/24
194.58.56.0/24
194.58.154.0/23
194.87.1.0/24
194.87.51.0/24
194.87.122.0/24
194.87.228.0/24
194.87.233.0/24
194.87.255.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:13:b9:6b:51:c2:2d:81:0f:43:55:8c:9b:09:60:98:74:d4:
99:04:9d:95:ff:20:a3:d8:34:ed:51:9f:7e:ac:5b:e5:be:07:
f4:eb:68:17:66:c7:52:79:a5:9e:bb:19:d6:8e:82:53:4e:56:
17:66:f0:af:f9:20:68:7c:00:03:6d:ff:9d:56:aa:8b:e4:d4:
82:d3:11:52:0f:2d:b7:8c:2f:ad:b0:d4:53:6f:0a:a2:22:e6:
eb:a8:53:83:6a:4e:ef:ac:5e:f7:9c:b7:02:96:e7:86:bf:7b:
57:06:3a:9a:62:6b:77:ac:b4:72:4a:e1:49:ad:cf:3b:30:62:
9d:11:99:5c:0e:c4:7f:34:e5:95:59:67:7c:b2:8f:7e:31:21:
fb:b3:db:35:0b:ba:38:cf:fe:18:ab:58:d0:4e:de:2a:76:c5:
2e:dd:c9:84:09:4c:c6:01:20:1d:d7:e3:99:00:e0:ca:90:f8:
3d:7f:c6:e3:7f:5f:73:e1:08:88:c1:aa:82:58:ee:d8:94:62:
5f:48:3a:b7:bf:13:40:16:d4:70:d4:5d:66:db:04:47:36:48:
42:00:79:47:00:42:70:01:a5:3e:4c:11:ac:21:6c:cf:38:4a:
02:47:39:b1:0f:b8:c7:0b:3b:46:f4:ee:f8:50:7a:d3:f0:43:
63:a1:22:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZYe0Y7juSmTn4Jr2I8hFJZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDEwMDgyOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWYwYjhjMzFlZDcyNWEyNTg5OWY4M2QzMGNkMDdjMTJlZjlmNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRFoRJjDoLUusOmfQ3S598qa7Ag8
v6i16m6B+YxuFVo0GdEFuj8dBEzfg8R9Uz6UX32ezte3qutle537nuQHp10sz8B4
CvFGXt+32tgCXOG/wHx3i27meOewGgJKrHoJZ2i0wAnYr4SYpy8Bi3vrzOEUFMbL
A19qk7UA3Ks+J6uVaHJQc5gk1DWgAF2509S8aSs6voaH5XyidBCvpBwPJZkKI+jC
fD92BZjMuLk2KP8mimV/iNrIYzw5iYxa+tkOgqzoBLDH9dfitJIPt2zS7uZeF9Ut
2SCaVNOShKRNK7jIvCYn6eCyaakKaeq96O4FQ3qG5yi8bzIxNPSMI/8pRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLrwuMMe1yWiWJn4PTDNB8Eu+fYLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdXZDNHd4N1hKYUpZbWZnOU1NMEh3Uzc1OWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBPkzsAwQA
wXwRAwQAwjo4AwQBwjqaAwQAwlcBAwQAwlczAwQAwld6AwQAwlfkAwQAwlfpAwQA
wlf/MA0GCSqGSIb3DQEBCwUAA4IBAQCOE7lrUcItgQ9DVYybCWCYdNSZBJ2V/yCj
2DTtUZ9+rFvlvgf062gXZsdSeaWeuxnWjoJTTlYXZvCv+SBofAADbf+dVqqL5NSC
0xFSDy23jC+tsNRTbwqiIubrqFODak7vrF73nLcClueGv3tXBjqaYmt3rLRySuFJ
rc87MGKdEZlcDsR/NOWVWWd8so9+MSH7s9s1C7o4z/4Yq1jQTt4qdsUu3cmECUzG
ASAd1+OZAODKkPg9f8bjf19z4QiIwaqCWO7YlGJfSDq3vxNAFtRw1F1m2wRHNkhC
AHlHAEJwAaU+TBGsIWzPOEoCRzmxD7jHCztG9O74UHrT8ENjoSI9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net