Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FHCB6DuGL-bnBGM2X1yDzSnX9Zk.roa
File: FHCB6DuGL-bnBGM2X1yDzSnX9Zk.roa (raw, json)
Hash identifier: r6GDh9X+ylCTDxl9vj4S1UTcrV/ImccaaTi1D8Mi2xk=
Subject key identifier: 14:70:81:E8:3B:86:2F:E6:E7:04:63:36:5F:5C:83:CD:29:D7:F5:99
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01961916E15DC79C1EA4E591FF477DF31B67
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FHCB6DuGL-bnBGM2X1yDzSnX9Zk.roa
Signing time: Wed 09 Apr 2025 05:47:31 +0000
ROA not before: Wed 09 Apr 2025 05:47:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:16:e1:5d:c7:9c:1e:a4:e5:91:ff:47:7d:f3:1b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 9 05:47:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=147081e83b862fe6e70463365f5c83cd29d7f599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0b:0e:45:d5:b6:c8:b8:33:04:dc:43:73:4b:
da:b7:d7:be:92:cf:df:fa:5a:10:b8:f2:8f:f3:74:
d5:09:4a:b0:a6:b3:64:84:64:49:3a:10:eb:45:03:
a9:31:8d:db:b6:8e:e5:6f:11:8f:40:a7:79:13:00:
35:a5:26:c5:34:d0:10:14:f8:a5:69:56:b0:3d:a3:
60:1b:49:27:af:a7:95:6d:bd:05:f9:d5:23:c4:79:
7d:b8:18:fa:68:07:f8:fe:b3:9e:da:3b:62:b8:a7:
69:57:8b:c0:e8:cb:b3:43:ed:75:ff:20:29:74:ca:
43:2e:64:a7:41:7d:34:be:c0:2f:b0:48:10:84:44:
fa:53:33:df:c2:b2:e7:0f:a9:9c:20:07:01:d2:92:
17:ec:6d:e5:ec:2d:78:1b:4c:90:4a:d8:94:9c:c3:
26:06:f4:96:bd:d9:e5:eb:aa:d0:e7:ce:dc:d0:e0:
17:53:4b:3d:d7:83:dd:c3:2c:de:08:63:69:89:80:
54:69:14:0f:10:0b:bc:66:a4:32:b3:cf:99:ea:04:
3f:5a:bf:64:70:4c:95:d7:88:20:53:b6:35:48:f6:
f1:5f:4c:fe:fc:d2:d3:7e:bc:02:4c:b2:ce:d0:2e:
77:02:97:23:13:0a:c6:6d:ad:5d:32:17:fa:0c:f5:
b1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:70:81:E8:3B:86:2F:E6:E7:04:63:36:5F:5C:83:CD:29:D7:F5:99
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FHCB6DuGL-bnBGM2X1yDzSnX9Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.146.0/23
85.239.149.0/24
85.239.151.0/24
185.95.156.0/24
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:f3:36:9a:1d:73:70:5b:2f:f3:9e:80:4a:21:a3:d6:21:1f:
3c:00:c2:22:60:92:db:1d:38:ef:d2:36:f6:de:be:88:e6:93:
f4:9f:71:9c:60:98:44:ce:ca:23:2e:5a:fa:e4:17:f4:59:e0:
ef:39:e5:4d:8d:a8:66:11:62:09:ca:1b:3f:a7:cc:5f:67:ff:
33:e6:91:99:8e:34:35:79:e8:5b:8a:99:87:21:be:86:93:0d:
92:ab:fb:de:68:07:a9:cb:cf:f9:96:1a:23:e4:2c:6d:84:8d:
89:37:0d:91:87:b7:90:c3:45:52:8b:d8:e0:0f:4f:d6:87:af:
f6:c5:8b:89:85:9d:1d:5c:30:5c:e5:cc:2d:53:43:7c:fc:1f:
a3:6e:3b:fe:5b:c8:0e:15:08:29:c6:b6:b7:b2:88:84:92:fa:
a5:5c:61:41:8f:59:18:e6:d4:83:58:45:db:89:cd:53:3c:3e:
93:ef:5e:e0:f7:ae:b7:85:7b:a4:29:97:3d:47:60:d1:62:e4:
e7:d5:cc:25:3c:68:2f:44:05:b6:fb:12:20:95:b6:0f:a8:ed:
ec:54:42:76:c1:a3:5a:ff:b7:78:50:23:cc:62:cf:db:ac:9f:
c5:9e:44:48:93:d8:99:bf:8d:e8:04:01:2d:3f:f7:62:04:38:
0a:7c:96:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYZFuFdx5wepOWR/0d98xtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNDA5MDU0NzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDcwODFlODNiODYyZmU2ZTcwNDYzMzY1ZjVjODNjZDI5ZDdmNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwsORdW2yLgzBNxDc0vat9e+ks/f
+loQuPKP83TVCUqwprNkhGRJOhDrRQOpMY3bto7lbxGPQKd5EwA1pSbFNNAQFPil
aVawPaNgG0knr6eVbb0F+dUjxHl9uBj6aAf4/rOe2jtiuKdpV4vA6MuzQ+11/yAp
dMpDLmSnQX00vsAvsEgQhET6UzPfwrLnD6mcIAcB0pIX7G3l7C14G0yQStiUnMMm
BvSWvdnl66rQ587c0OAXU0s914PdwyzeCGNpiYBUaRQPEAu8ZqQys8+Z6gQ/Wr9k
cEyV14ggU7Y1SPbxX0z+/NLTfrwCTLLO0C53ApcjEwrGba1dMhf6DPWxmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBRwgeg7hi/m5wRjNl9cg80p1/WZMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvRkhDQjZEdUdMLWJuQkdNMlgxeUR6U25YOVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVe+QAwQB
Ve+SAwQAVe+VAwQAVe+XAwQAuV+cAwQAuV+fMA0GCSqGSIb3DQEBCwUAA4IBAQCc
8zaaHXNwWy/znoBKIaPWIR88AMIiYJLbHTjv0jb23r6I5pP0n3GcYJhEzsojLlr6
5Bf0WeDvOeVNjahmEWIJyhs/p8xfZ/8z5pGZjjQ1eehbipmHIb6Gkw2Sq/veaAep
y8/5lhoj5CxthI2JNw2Rh7eQw0VSi9jgD0/Wh6/2xYuJhZ0dXDBc5cwtU0N8/B+j
bjv+W8gOFQgpxra3soiEkvqlXGFBj1kY5tSDWEXbic1TPD6T717g9663hXukKZc9
R2DRYuTn1cwlPGgvRAW2+xIglbYPqO3sVEJ2waNa/7d4UCPMYs/brJ/FnkRIk9iZ
v43oBAEtP/diBDgKfJbU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net