Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UYj7oPNDPmZ92Pti7kDvt77QLoo.roa
File: UYj7oPNDPmZ92Pti7kDvt77QLoo.roa (raw, json)
Hash identifier: 6xSkPzZxwtQTH/NVcZi8cSClbUy2mWDz8JoMRfBIJyE=
Subject key identifier: 51:88:FB:A0:F3:43:3E:66:7D:D8:FB:62:EE:40:EF:B7:BE:D0:2E:8A
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 01942522234282E132E0843E791773440B93
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UYj7oPNDPmZ92Pti7kDvt77QLoo.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47894
IP address blocks: 94.103.36.0/24 maxlen: 24
94.103.37.0/24 maxlen: 24
94.103.38.0/24 maxlen: 24
94.103.39.0/24 maxlen: 24
94.103.41.0/24 maxlen: 24
94.103.42.0/24 maxlen: 24
94.103.43.0/24 maxlen: 24
185.35.20.0/24 maxlen: 24
185.35.22.0/24 maxlen: 24
185.35.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:23:42:82:e1:32:e0:84:3e:79:17:73:44:0b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5188fba0f3433e667dd8fb62ee40efb7bed02e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:62:b6:03:71:42:70:7f:2a:78:d9:08:e9:6f:
ed:e9:62:5b:67:3e:10:17:1d:8f:0f:4d:6e:0c:41:
3b:18:51:44:0b:18:d0:87:30:8c:60:88:da:65:8d:
f4:49:93:b8:c1:e6:d0:14:ea:f1:b5:0f:ea:49:74:
72:56:9e:53:ff:3b:83:c5:23:7a:b0:2a:7e:cb:d2:
d3:8e:72:e8:88:ea:ee:9a:6e:b1:b0:a9:e9:f4:05:
26:20:ce:cb:e3:75:f4:a5:f1:77:e6:d4:a2:cb:c0:
ba:05:e3:e6:70:3f:bb:74:54:a2:b0:16:89:90:dc:
95:59:c2:53:5d:23:f7:9a:13:2a:ec:0c:c1:62:ae:
05:fd:e2:4f:17:e6:36:6e:62:3a:6b:78:83:f3:d4:
cd:b9:1b:42:ac:f9:c5:fc:16:82:59:67:54:64:ff:
ce:14:58:78:4d:9c:46:55:64:42:cf:3f:f0:6d:83:
c2:23:58:0e:3a:02:75:23:13:cb:53:b2:f4:cd:09:
22:0b:64:b7:db:b0:5a:a4:08:69:41:56:5b:39:02:
33:77:85:a0:5a:5b:f4:5f:92:d1:a5:bb:0c:cc:c7:
9d:6e:34:7c:34:8e:b4:49:90:d0:4e:55:ec:cb:14:
89:ed:1d:3f:04:d7:8f:d5:69:53:1f:36:ef:98:cb:
3d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:88:FB:A0:F3:43:3E:66:7D:D8:FB:62:EE:40:EF:B7:BE:D0:2E:8A
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UYj7oPNDPmZ92Pti7kDvt77QLoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.36.0/22
94.103.41.0-94.103.43.255
185.35.20.0/24
185.35.22.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:b1:83:17:87:cc:e7:f8:58:a8:42:50:da:e9:28:20:f9:f5:
9f:da:74:7e:88:c3:f2:84:bf:03:40:4b:0d:94:e9:5c:2d:c7:
10:0c:b8:e6:92:ad:20:57:48:77:a0:ea:b6:fe:15:79:b6:42:
a1:99:a0:1f:16:00:97:61:da:b1:84:c4:40:79:a7:47:a0:d3:
c2:29:30:1c:94:f4:42:9b:8f:93:36:72:e2:fb:1c:e5:d9:4a:
3e:64:43:3b:06:be:4c:fa:de:f1:70:b4:02:70:a3:22:b0:e6:
c2:47:e1:0d:e7:67:0a:dd:85:e0:66:d5:cb:fc:aa:fc:7b:07:
bf:b1:ca:f3:c0:98:57:7f:63:ec:ce:ca:a4:f1:28:e1:8d:33:
fb:26:36:87:47:03:08:02:da:1e:0c:b1:e9:5b:7b:5a:74:f3:
8f:23:33:11:18:d8:57:ca:3f:20:10:a6:de:70:77:81:96:34:
73:ee:22:0e:7f:9d:14:c6:05:a4:b9:5d:6d:3a:91:45:f6:4e:
09:39:eb:52:25:ad:be:78:0d:80:1d:bb:70:45:46:0d:4d:bb:
38:ad:0c:35:06:3d:2c:9f:9b:bd:d2:30:bf:46:e0:6c:cd:d2:
aa:4b:e3:ab:61:10:9b:51:4d:8a:6d:c4:f4:fe:59:e8:22:b6:
ee:0a:8e:ba
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIiNCguEy4IQ+eRdzRAuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg4ZmJhMGYzNDMzZTY2N2RkOGZiNjJlZTQwZWZiN2JlZDAyZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWK2A3FCcH8qeNkI6W/t6WJbZz4Q
Fx2PD01uDEE7GFFECxjQhzCMYIjaZY30SZO4webQFOrxtQ/qSXRyVp5T/zuDxSN6
sCp+y9LTjnLoiOrumm6xsKnp9AUmIM7L43X0pfF35tSiy8C6BePmcD+7dFSisBaJ
kNyVWcJTXSP3mhMq7AzBYq4F/eJPF+Y2bmI6a3iD89TNuRtCrPnF/BaCWWdUZP/O
FFh4TZxGVWRCzz/wbYPCI1gOOgJ1IxPLU7L0zQkiC2S327BapAhpQVZbOQIzd4Wg
Wlv0X5LRpbsMzMedbjR8NI60SZDQTlXsyxSJ7R0/BNeP1WlTHzbvmMs9vwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFGI+6DzQz5mfdj7Yu5A77e+0C6KMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvVVlqN29QTkRQbVo5MlB0aTdrRHZ0NzdRTG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCXmckMAwD
BABeZykDBAJeZygDBAC5IxQDBAG5IxYwDQYJKoZIhvcNAQELBQADggEBAFuxgxeH
zOf4WKhCUNrpKCD59Z/adH6Iw/KEvwNASw2U6VwtxxAMuOaSrSBXSHeg6rb+FXm2
QqGZoB8WAJdh2rGExEB5p0eg08IpMByU9EKbj5M2cuL7HOXZSj5kQzsGvkz63vFw
tAJwoyKw5sJH4Q3nZwrdheBm1cv8qvx7B7+xyvPAmFd/Y+zOyqTxKOGNM/smNodH
AwgC2h4Mselbe1p0848jMxEY2FfKPyAQpt5wd4GWNHPuIg5/nRTGBaS5XW06kUX2
Tgk561Ilrb54DYAdu3BFRg1NuzitDDUGPSyfm73SML9G4GzN0qpL46thEJtRTYpt
xPT+Wegitu4Kjro=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:32 2025 by rpki-client on console.sobornost.net