Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G0PhEodje2_QYpISHWJ0MmkXi_8.roa
File: G0PhEodje2_QYpISHWJ0MmkXi_8.roa (raw, json)
Hash identifier: sBBKLrP0UyVUTuSfl6Lf0ns9gTlzRmRNKw1IglNPk3I=
Subject key identifier: 1B:43:E1:12:87:63:7B:6F:D0:62:92:12:1D:62:74:32:69:17:8B:FF
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01957F992F223B09CC6E2E18D9A069C6CEAE
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G0PhEodje2_QYpISHWJ0MmkXi_8.roa
Signing time: Mon 10 Mar 2025 10:28:20 +0000
ROA not before: Mon 10 Mar 2025 10:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 85.239.145.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:99:2f:22:3b:09:cc:6e:2e:18:d9:a0:69:c6:ce:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 10 10:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b43e11287637b6fd06292121d62743269178bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1c:9d:48:d0:6a:42:08:24:0b:d7:17:e0:da:
5f:09:91:95:1e:37:65:1c:04:b6:40:6c:25:bb:7c:
ea:f5:ee:cd:8d:c3:46:53:db:93:dd:ea:d0:5e:3c:
b6:21:a0:25:4f:bb:95:bf:2f:df:ec:f4:23:78:06:
a9:3f:4e:d8:c1:af:54:46:0d:b4:6d:ea:ca:f1:bc:
6c:60:cb:39:7e:e3:3c:3c:32:32:ae:5d:cd:de:34:
83:b0:26:db:da:c7:32:b6:95:4e:34:a7:42:42:ce:
e5:40:45:0e:7c:f6:a3:1b:a8:98:e6:d2:9e:cb:bd:
fd:dc:aa:19:bc:d8:64:2f:73:26:d8:58:df:1b:03:
3c:7d:98:85:7a:24:56:47:de:ba:4b:ac:c7:1b:20:
49:41:ad:0c:4e:67:0d:ab:45:c3:d5:1b:e9:ba:f5:
8a:4d:01:d8:22:0f:24:bf:37:f7:c3:38:aa:2f:ac:
91:30:7f:3c:0f:ef:c1:2e:ab:07:75:68:90:99:6b:
77:21:d7:9b:41:71:ff:85:5a:cd:bb:bf:1b:a2:0a:
99:b1:39:58:ae:5a:51:b2:5a:4d:4f:86:ed:7c:7b:
bf:d2:37:45:03:db:03:37:42:d5:8b:ec:a6:fc:b7:
68:21:b0:30:c4:11:80:8f:da:68:d2:01:90:0c:b0:
f7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:43:E1:12:87:63:7B:6F:D0:62:92:12:1D:62:74:32:69:17:8B:FF
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G0PhEodje2_QYpISHWJ0MmkXi_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.145.0/24
85.239.148.0/24
85.239.150.0/24
185.95.157.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
88:71:f4:c9:7c:3e:d0:4c:e7:b4:10:3f:10:d8:8c:de:64:74:
da:62:59:f9:fb:dd:16:35:a7:88:9c:9d:f4:f7:9d:e2:a6:41:
27:6c:f4:ff:f9:eb:5f:65:21:68:ce:1b:62:e4:d6:09:1c:a1:
d1:14:74:8e:6e:df:c7:cb:43:c8:da:0e:92:6b:4a:2d:6f:d4:
17:43:5d:88:f7:93:a6:79:1d:0a:94:ed:a9:86:3d:aa:df:4e:
0a:eb:7b:fe:a8:9b:f1:46:c7:7d:a3:f5:94:41:01:25:61:c1:
fc:bb:59:0c:02:ce:f2:d4:14:dd:7b:0f:71:fd:ec:6f:0e:82:
94:cb:30:3d:1f:b9:4d:4a:df:b0:f6:db:a3:b2:00:3f:87:0e:
72:94:42:0d:f1:0f:e3:49:96:56:e8:bf:f9:37:ea:a1:1a:58:
41:e2:b2:f3:1c:f5:da:57:16:ec:11:97:b0:22:29:c5:d5:31:
5f:76:a5:de:91:2a:d9:ce:17:f9:25:e9:f4:76:6d:ba:1e:1a:
31:f9:0a:cf:f7:98:bb:9d:b1:28:d2:2d:e7:d1:b2:e8:84:14:
b1:81:df:33:9c:79:80:5d:73:54:2f:dd:c6:fe:14:e3:bc:ac:
6a:22:01:70:73:c9:fc:6a:fe:dc:1c:f7:9f:e0:35:40:ba:59:
cd:b1:d0:22
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZV/mS8iOwnMbi4Y2aBpxs6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzEwMTAyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQzZTExMjg3NjM3YjZmZDA2MjkyMTIxZDYyNzQzMjY5MTc4YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxydSNBqQggkC9cX4NpfCZGVHjdl
HAS2QGwlu3zq9e7NjcNGU9uT3erQXjy2IaAlT7uVvy/f7PQjeAapP07Ywa9URg20
berK8bxsYMs5fuM8PDIyrl3N3jSDsCbb2scytpVONKdCQs7lQEUOfPajG6iY5tKe
y7393KoZvNhkL3Mm2FjfGwM8fZiFeiRWR966S6zHGyBJQa0MTmcNq0XD1RvpuvWK
TQHYIg8kvzf3wziqL6yRMH88D+/BLqsHdWiQmWt3IdebQXH/hVrNu78bogqZsTlY
rlpRslpNT4btfHu/0jdFA9sDN0LVi+ym/LdoIbAwxBGAj9po0gGQDLD3dwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBtD4RKHY3tv0GKSEh1idDJpF4v/MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvRzBQaEVvZGplMl9RWXBJU0hXSjBNbWtYaV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVe+RAwQA
Ve+UAwQAVe+WMAwDBAC5X50DBAC5X54wDQYJKoZIhvcNAQELBQADggEBAIhx9Ml8
PtBM57QQPxDYjN5kdNpiWfn73RY1p4icnfT3neKmQSds9P/5619lIWjOG2Lk1gkc
odEUdI5u38fLQ8jaDpJrSi1v1BdDXYj3k6Z5HQqU7amGParfTgrre/6om/FGx32j
9ZRBASVhwfy7WQwCzvLUFN17D3H97G8OgpTLMD0fuU1K37D226OyAD+HDnKUQg3x
D+NJllbov/k36qEaWEHisvMc9dpXFuwRl7AiKcXVMV92pd6RKtnOF/kl6fR2bboe
GjH5Cs/3mLudsSjSLefRsuiEFLGB3zOceYBdc1Qv3cb+FOO8rGoiAXBzyfxq/twc
95/gNUC6Wc2x0CI=
-----END CERTIFICATE-----
Generated at Tue Mar 25 17:54:22 2025 by rpki-client on console.sobornost.net