Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3E9M_L1qni0gOm9o4JNThdl5mKU.roa
File: 3E9M_L1qni0gOm9o4JNThdl5mKU.roa (raw, json)
Hash identifier: 3QEnMAssy1tNKh1FvcPETtJzWZzXiuRM6bkNkokD5XE=
Subject key identifier: DC:4F:4C:FC:BD:6A:9E:2D:20:3A:6F:68:E0:93:53:85:D9:79:98:A5
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01960EA226749B5C22BF660C531BDB09D583
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3E9M_L1qni0gOm9o4JNThdl5mKU.roa
Signing time: Mon 07 Apr 2025 05:03:49 +0000
ROA not before: Mon 07 Apr 2025 05:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 85.239.145.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0e:a2:26:74:9b:5c:22:bf:66:0c:53:1b:db:09:d5:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 7 05:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc4f4cfcbd6a9e2d203a6f68e0935385d97998a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ac:97:c7:a0:06:33:c0:e4:9d:f7:47:ff:1f:
66:aa:83:6b:0a:7e:46:bf:45:c4:86:56:b6:87:7d:
ff:fa:79:2a:99:58:2f:d3:ee:d3:7c:02:2e:5e:fe:
25:cc:d3:1f:fe:2c:d7:67:ed:d3:c6:a1:88:0b:a1:
b9:49:de:d3:71:20:4e:3c:e3:21:16:7c:c8:65:9c:
0d:f1:0d:34:c1:0a:b4:84:eb:fa:71:6b:95:af:54:
d2:9e:ad:6b:8b:97:0a:67:53:3b:f0:c8:28:19:9e:
b8:4b:06:a3:28:87:47:80:d8:5d:e9:3a:b5:a1:10:
6d:c9:93:81:27:17:25:6d:74:d4:8f:3e:5c:5a:27:
1d:e1:b2:ee:c8:27:52:6f:a4:09:98:dc:83:8f:49:
ce:ff:85:fc:97:19:f9:42:97:09:ca:94:f1:e4:70:
02:6b:a0:0e:3e:b8:71:67:c6:72:fa:88:3d:89:d4:
82:b5:28:5a:f6:98:32:b9:df:49:eb:40:3b:6d:98:
5f:1d:cd:a0:4c:cf:0b:9f:50:83:91:8b:52:46:67:
a6:0e:ef:b5:6e:10:4d:31:cd:3f:3c:35:74:57:b7:
de:59:71:6e:e9:05:3e:3b:6d:26:50:14:77:00:4c:
81:8a:e8:3c:6a:c3:a5:4a:5a:23:18:15:fc:19:7d:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4F:4C:FC:BD:6A:9E:2D:20:3A:6F:68:E0:93:53:85:D9:79:98:A5
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3E9M_L1qni0gOm9o4JNThdl5mKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.145.0/24
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:51:5f:2f:98:4b:15:bc:d9:d0:76:80:a0:b1:b9:c9:1b:19:
c3:71:c8:f1:ad:c0:2a:62:79:e9:a7:7b:ad:1e:53:62:a2:f1:
29:7f:77:d0:f0:98:70:0e:94:e3:93:37:58:a1:c8:75:6c:c1:
69:ca:43:97:1c:b1:b2:af:88:da:cb:98:46:6d:2f:40:ff:b2:
54:52:f3:32:c0:a3:3c:bf:c4:ce:e0:1a:b0:40:d9:86:2b:a5:
9a:c7:a4:b5:e0:58:8d:9c:1a:1b:0e:7e:41:02:9a:4e:51:3a:
92:95:e3:63:97:ca:42:93:11:2c:73:0d:ad:77:2e:ca:4f:2d:
ed:37:aa:e7:45:3a:75:08:8d:9c:be:1e:64:a2:3b:e7:d0:d9:
07:f2:08:f8:00:a2:77:13:d2:db:79:f4:1a:00:12:69:34:c4:
d5:c3:4b:5e:02:97:d9:15:0c:58:22:cd:55:38:0d:23:1a:4a:
8a:2b:3b:4a:dc:6d:3f:18:5f:89:a7:a5:76:1a:12:4e:67:5d:
6e:0d:24:dc:60:21:b1:c3:5e:77:8d:6f:bd:52:2d:bc:bb:ee:
82:1f:10:0a:08:4a:8f:41:3f:e6:c3:8f:cd:e8:70:ff:79:ff:
f6:02:40:9f:8f:01:59:86:a9:6b:75:7d:38:91:30:60:14:12:
95:ba:7d:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYOoiZ0m1wiv2YMUxvbCdWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNDA3MDUwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzRmNGNmY2JkNmE5ZTJkMjAzYTZmNjhlMDkzNTM4NWQ5Nzk5OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqyXx6AGM8DknfdH/x9mqoNrCn5G
v0XEhla2h33/+nkqmVgv0+7TfAIuXv4lzNMf/izXZ+3TxqGIC6G5Sd7TcSBOPOMh
FnzIZZwN8Q00wQq0hOv6cWuVr1TSnq1ri5cKZ1M78MgoGZ64SwajKIdHgNhd6Tq1
oRBtyZOBJxclbXTUjz5cWicd4bLuyCdSb6QJmNyDj0nO/4X8lxn5QpcJypTx5HAC
a6AOPrhxZ8Zy+og9idSCtSha9pgyud9J60A7bZhfHc2gTM8Ln1CDkYtSRmemDu+1
bhBNMc0/PDV0V7feWXFu6QU+O20mUBR3AEyBiug8asOlSlojGBX8GX3khQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNxPTPy9ap4tIDpvaOCTU4XZeZilMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvM0U5TV9MMXFuaTBnT205bzRKTlRoZGw1bUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+RAwQA
Ve+WMA0GCSqGSIb3DQEBCwUAA4IBAQCrUV8vmEsVvNnQdoCgsbnJGxnDccjxrcAq
Ynnpp3utHlNiovEpf3fQ8JhwDpTjkzdYoch1bMFpykOXHLGyr4jay5hGbS9A/7JU
UvMywKM8v8TO4BqwQNmGK6Wax6S14FiNnBobDn5BAppOUTqSleNjl8pCkxEscw2t
dy7KTy3tN6rnRTp1CI2cvh5kojvn0NkH8gj4AKJ3E9LbefQaABJpNMTVw0teApfZ
FQxYIs1VOA0jGkqKKztK3G0/GF+Jp6V2GhJOZ11uDSTcYCGxw153jW+9Ui28u+6C
HxAKCEqPQT/mw4/N6HD/ef/2AkCfjwFZhqlrdX04kTBgFBKVun1O
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net