Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-KzT4PXcNocaX0IuiLZvIh1Fu3k.roa
File: 1-KzT4PXcNocaX0IuiLZvIh1Fu3k.roa (raw, json)
Hash identifier: cFuFSsHdwISzDpsefkSZIYXEEsLy/gsVdaO+k9rHdiM=
Subject key identifier: F8:AC:D3:E0:F5:DC:36:87:1A:5F:42:2E:88:B6:6F:22:1D:45:BB:79
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 0195C9ADDFA0CDCB880A589968EC4F8B8C0A
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-KzT4PXcNocaX0IuiLZvIh1Fu3k.roa
Signing time: Mon 24 Mar 2025 19:42:49 +0000
ROA not before: Mon 24 Mar 2025 19:42:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 91.193.164.0/22 maxlen: 22
94.45.128.0/19 maxlen: 24
94.45.143.0/24 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
195.191.214.0/23 maxlen: 23
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:ad:df:a0:cd:cb:88:0a:58:99:68:ec:4f:8b:8c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Mar 24 19:42:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8acd3e0f5dc36871a5f422e88b66f221d45bb79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:4a:99:4d:dd:e4:73:2d:e1:00:f8:d6:5c:
99:6d:98:f5:de:78:fa:46:1d:38:7f:a8:7d:72:dd:
f0:01:e9:04:bc:3f:ae:13:af:77:3b:88:40:35:fa:
07:1f:08:c5:86:e3:a9:7e:1d:4d:5b:f7:da:8e:da:
b7:0b:01:a2:bc:70:f9:33:34:6b:c3:80:df:13:e1:
20:6e:3a:6a:80:11:5d:9b:f0:ae:fb:3f:fd:2f:43:
6d:f3:05:b8:7e:fe:5f:3f:6e:28:97:69:be:d4:c1:
ca:8d:35:5b:2c:e5:d1:9e:a8:61:0e:a1:ec:8a:2c:
24:2e:d1:f0:57:5d:6e:4b:4a:7e:8f:8a:07:02:6a:
a8:f5:37:38:c0:7b:86:56:48:aa:ca:58:d1:89:54:
e6:6b:89:f6:36:38:e0:65:c6:40:a6:8d:00:be:53:
bd:fd:ca:d8:04:dd:33:24:5e:ea:43:e3:75:07:60:
82:bb:ad:bc:f9:4a:0f:f3:de:60:39:00:8b:93:67:
11:62:ff:a7:75:ac:e5:27:5f:f1:6d:1e:f4:b2:90:
be:b8:df:f8:43:ab:ce:b5:f4:2e:2c:b4:fa:b2:e8:
5a:58:ef:95:4d:53:c0:cd:13:5f:e9:4c:56:af:0e:
63:92:07:36:2a:a0:7c:a4:cf:fb:28:3d:0a:b9:0f:
08:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AC:D3:E0:F5:DC:36:87:1A:5F:42:2E:88:B6:6F:22:1D:45:BB:79
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-KzT4PXcNocaX0IuiLZvIh1Fu3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/19
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
Signature Algorithm: sha256WithRSAEncryption
01:b4:f9:28:db:56:d7:ca:c3:09:a2:4c:0d:dd:39:42:5f:43:
e8:02:fb:3a:c8:c9:44:33:8e:8f:47:39:04:79:3e:2f:f6:2e:
f1:1a:19:62:5f:27:81:87:8a:cd:77:a1:3e:76:78:f1:1b:2d:
bf:20:00:d4:3a:d3:29:d8:6d:92:12:d9:bc:25:ee:2e:d9:5a:
34:1d:2f:23:e5:44:8c:e3:65:2c:2a:11:ae:c5:0b:bc:01:33:
79:4b:97:f5:93:51:db:d9:93:85:a3:9e:2d:2b:3d:ac:18:aa:
2d:5e:b1:34:7f:f6:8d:d0:66:94:1a:86:c3:a0:45:84:4b:0c:
9d:35:10:94:7b:34:50:a2:8d:a7:9f:34:32:b1:c2:c9:5e:49:
9a:0d:44:3d:ed:ed:2e:7c:6d:a0:88:5c:5a:10:ac:15:78:84:
4f:6c:2a:b5:53:a8:89:1c:38:40:0f:a3:62:aa:f3:a6:d7:2c:
d4:20:c5:f2:36:84:6e:ab:22:ab:45:ce:d4:5b:38:67:17:d7:
43:82:fd:b7:8a:ad:ad:3d:c6:1b:fa:fc:f5:bd:4e:70:76:0d:
37:2e:7d:7c:e3:3c:37:a3:4b:87:7d:a7:df:10:58:06:82:41:
07:04:3e:93:22:56:ff:3d:87:2c:92:54:f1:a3:94:49:2e:14:
49:db:4b:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZXJrd+gzcuICliZaOxPi4wKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwMzI0MTk0MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFjZDNlMGY1ZGMzNjg3MWE1ZjQyMmU4OGI2NmYyMjFkNDViYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwChKmU3d5HMt4QD41lyZbZj13nj6
Rh04f6h9ct3wAekEvD+uE693O4hANfoHHwjFhuOpfh1NW/fajtq3CwGivHD5MzRr
w4DfE+EgbjpqgBFdm/Cu+z/9L0Nt8wW4fv5fP24ol2m+1MHKjTVbLOXRnqhhDqHs
iiwkLtHwV11uS0p+j4oHAmqo9Tc4wHuGVkiqyljRiVTma4n2NjjgZcZApo0AvlO9
/crYBN0zJF7qQ+N1B2CCu628+UoP895gOQCLk2cRYv+ndazlJ1/xbR70spC+uN/4
Q6vOtfQuLLT6suhaWO+VTVPAzRNf6UxWrw5jkgc2KqB8pM/7KD0KuQ8IXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPis0+D13DaHGl9CLoi2byIdRbt5MB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvMS1LelQ0UFhjTm9jYVgwSXVpTFp2SWgxRnUzay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvMzMzYWIxLWFmOWItNDM0Yy04ZDEzLTljYTk4ZjQ5NTBj
Zi8xL0hoVHJIdTltd3ROSjhfZlh1dnBvNUotXzdKdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlvBpAME
BV4tgAMEAsK7bAMEAcOJygMEAcO/1jANBgkqhkiG9w0BAQsFAAOCAQEAAbT5KNtW
18rDCaJMDd05Ql9D6AL7OsjJRDOOj0c5BHk+L/Yu8RoZYl8ngYeKzXehPnZ48Rst
vyAA1DrTKdhtkhLZvCXuLtlaNB0vI+VEjONlLCoRrsULvAEzeUuX9ZNR29mThaOe
LSs9rBiqLV6xNH/2jdBmlBqGw6BFhEsMnTUQlHs0UKKNp580MrHCyV5Jmg1EPe3t
LnxtoIhcWhCsFXiET2wqtVOoiRw4QA+jYqrzptcs1CDF8jaEbqsiq0XO1Fs4ZxfX
Q4L9t4qtrT3GG/r89b1OcHYNNy59fOM8N6NLh32n3xBYBoJBBwQ+kyJW/z2HLJJU
8aOUSS4USdtLUw==
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:22:49 2025 by rpki-client on console.sobornost.net