Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dq4h687xeHV6Iv85Nt3AlQ47PkU.roa
File: dq4h687xeHV6Iv85Nt3AlQ47PkU.roa (raw, json)
Hash identifier: XvWh9es0FEht0IMSfelGtEsQLir9eviaFUIjMJLaOVo=
Subject key identifier: 76:AE:21:EB:CE:F1:78:75:7A:22:FF:39:36:DD:C0:95:0E:3B:3E:45
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01958AC2FF9B7D606CFF9379B8DD5C2CB8BF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dq4h687xeHV6Iv85Nt3AlQ47PkU.roa
Signing time: Wed 12 Mar 2025 14:29:49 +0000
ROA not before: Wed 12 Mar 2025 14:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.225.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:c2:ff:9b:7d:60:6c:ff:93:79:b8:dd:5c:2c:b8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 12 14:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76ae21ebcef178757a22ff3936ddc0950e3b3e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:58:a8:ba:51:af:ab:7d:e3:0a:bb:87:8f:4c:
a8:ca:28:b2:38:c0:a3:6a:34:c5:11:92:1c:5b:5a:
8b:ac:eb:fa:03:cf:43:06:23:4f:bb:2f:21:c4:46:
91:05:ad:c7:28:76:2e:4e:2d:6c:ee:ed:7e:74:08:
e6:fa:5d:06:dc:3c:16:36:e9:49:6e:4d:ed:38:85:
54:a6:e4:3f:a4:e9:a6:c3:08:e0:d4:b1:dd:a5:36:
00:07:2c:00:19:04:d8:df:50:4e:e7:e0:a3:81:84:
cc:4e:43:ba:5c:bb:5b:67:d1:ef:d0:2f:1e:bc:f4:
71:19:9b:2c:90:ee:43:fa:8f:41:3d:b4:f7:f0:3f:
fa:67:19:49:34:db:21:94:fc:b3:92:f3:c4:45:ed:
ba:7a:7e:7e:45:3c:6d:04:28:5a:dc:b4:c3:a6:96:
23:34:e0:64:75:85:91:77:2a:fd:66:e5:95:c1:1c:
d4:12:40:46:dc:4e:7c:4b:f7:9f:5c:66:38:23:18:
fa:c2:b6:46:da:c1:b2:a7:6b:37:f8:bf:8c:31:82:
81:98:11:ee:6f:cb:1f:e9:ca:9a:cf:24:c6:47:4c:
e3:48:cd:03:84:3d:c9:db:d4:c0:5b:5d:02:97:b4:
92:b3:17:5f:7f:29:0f:95:63:82:bb:f1:5d:b4:34:
31:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AE:21:EB:CE:F1:78:75:7A:22:FF:39:36:DD:C0:95:0E:3B:3E:45
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dq4h687xeHV6Iv85Nt3AlQ47PkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0-159.148.226.255
Signature Algorithm: sha256WithRSAEncryption
4a:95:ef:34:c2:15:05:67:a9:db:9c:5c:70:1f:74:5a:d2:eb:
0d:f2:cf:ad:4c:71:b8:b5:be:31:f5:a3:99:72:cc:95:c4:98:
2e:3b:93:0a:93:10:c0:0c:63:1d:ab:85:eb:71:cc:87:81:8d:
24:e1:fb:af:67:79:7b:04:49:01:ba:54:8e:f5:40:09:a5:22:
a9:c3:b1:45:78:0e:8f:e6:a6:6d:66:6a:c7:fa:b3:d0:c1:cf:
58:d7:e9:60:08:fd:6e:68:82:9b:5c:10:c5:b5:f7:d1:18:0b:
fc:b6:b8:3f:a2:9d:67:5d:bb:b5:56:29:67:0c:73:00:63:5c:
d4:ed:50:ad:25:10:c1:49:0a:a9:81:51:d2:68:6d:e7:94:df:
8c:92:6b:78:59:70:30:4c:64:ce:5c:db:a3:72:fb:30:d9:c5:
e0:8c:a9:94:01:c0:dc:fb:9a:60:3c:97:5b:b5:c5:97:5f:2f:
2b:b5:a1:45:fe:72:5f:d3:c9:c5:e9:11:d8:99:cd:0d:a2:33:
68:88:a0:f4:bf:21:12:fd:6e:49:c9:6c:34:39:96:dd:0e:c9:
88:44:81:2d:0a:bf:ab:08:da:39:17:4e:24:31:c6:bc:4e:80:
d2:1e:b0:1a:ac:d8:49:cd:80:7c:96:df:f1:c8:b7:de:5d:74:
b1:02:14:91
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWKwv+bfWBs/5N5uN1cLLi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMzEyMTQyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFlMjFlYmNlZjE3ODc1N2EyMmZmMzkzNmRkYzA5NTBlM2IzZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlioulGvq33jCruHj0yoyiiyOMCj
ajTFEZIcW1qLrOv6A89DBiNPuy8hxEaRBa3HKHYuTi1s7u1+dAjm+l0G3DwWNulJ
bk3tOIVUpuQ/pOmmwwjg1LHdpTYABywAGQTY31BO5+CjgYTMTkO6XLtbZ9Hv0C8e
vPRxGZsskO5D+o9BPbT38D/6ZxlJNNshlPyzkvPERe26en5+RTxtBCha3LTDppYj
NOBkdYWRdyr9ZuWVwRzUEkBG3E58S/efXGY4Ixj6wrZG2sGyp2s3+L+MMYKBmBHu
b8sf6cqazyTGR0zjSM0DhD3J29TAW10Cl7SSsxdffykPlWOCu/FdtDQxZwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHauIevO8Xh1eiL/OTbdwJUOOz5FMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZHE0aDY4N3hlSFY2SXY4NU50M0FsUTQ3UGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4MAwDBAWflOADBACflOIwDQYJKoZIhvcNAQELBQADggEB
AEqV7zTCFQVnqducXHAfdFrS6w3yz61Mcbi1vjH1o5lyzJXEmC47kwqTEMAMYx2r
hetxzIeBjSTh+69neXsESQG6VI71QAmlIqnDsUV4Do/mpm1masf6s9DBz1jX6WAI
/W5ogptcEMW199EYC/y2uD+inWddu7VWKWcMcwBjXNTtUK0lEMFJCqmBUdJobeeU
34ySa3hZcDBMZM5c26Ny+zDZxeCMqZQBwNz7mmA8l1u1xZdfLyu1oUX+cl/TycXp
EdiZzQ2iM2iIoPS/IRL9bknJbDQ5lt0OyYhEgS0Kv6sI2jkXTiQxxrxOgNIesBqs
2EnNgHyW3/HIt95ddLECFJE=
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:02:28 2025 by rpki-client on console.sobornost.net