Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/4fR3vxw-OSsx-wmaMltn3WnnQ1U.roa
File: 4fR3vxw-OSsx-wmaMltn3WnnQ1U.roa (raw, json)
Hash identifier: XDgHbRopCRJdPkCexKqjsGW1UsqeJHsTtWZ2Q7eQaYM=
Subject key identifier: E1:F4:77:BF:1C:3E:39:2B:31:FB:09:9A:32:5B:67:DD:69:E7:43:55
Certificate issuer: /CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Certificate serial: 019420D5F382642AB416E4D3836DB9FEC3F0
Authority key identifier: 1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/4fR3vxw-OSsx-wmaMltn3WnnQ1U.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62105
IP address blocks: 82.163.40.0/21 maxlen: 21
185.47.132.0/22 maxlen: 22
2a01:90a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f3:82:64:2a:b4:16:e4:d3:83:6d:b9:fe:c3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bcee40405aefb6da17a340eef159ce9c4d18322
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f477bf1c3e392b31fb099a325b67dd69e74355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:54:6b:5d:51:bc:e2:de:6f:37:65:e8:df:f2:
c0:15:38:bf:49:85:d9:f7:3e:86:05:44:b8:ed:01:
8c:42:8f:8a:fb:6f:a5:1a:bf:34:73:3f:d3:e5:9e:
1c:08:81:04:eb:77:19:36:e7:f3:0b:fa:2a:39:cf:
e0:80:6d:46:e5:79:91:7f:15:48:94:4c:34:04:ef:
22:10:c6:e3:a0:9a:43:a0:02:50:66:f3:31:69:31:
25:16:04:38:9a:98:89:fd:12:90:7d:79:0c:74:e6:
d2:d6:75:7f:9d:05:fd:36:86:00:41:a8:cc:49:08:
ec:f0:5b:37:9d:44:4b:8c:6a:fb:cc:7e:80:46:39:
8f:3a:0d:03:97:7d:af:da:c7:d0:b7:ce:ad:cb:e6:
67:36:92:36:ac:92:d0:66:a6:4a:a3:a9:6c:14:54:
8e:10:03:d6:f8:01:2f:49:91:b5:4e:78:d9:1e:e9:
9e:95:79:0a:70:ca:09:b2:82:da:f1:05:2f:7f:0d:
1a:78:5e:38:16:3a:f7:d8:02:6f:07:c5:dd:47:43:
e8:07:01:64:46:b0:33:a2:c4:5e:75:48:16:0c:87:
e7:b6:53:93:cc:f6:eb:b5:20:a4:f9:82:8b:88:2d:
09:f7:56:ff:07:fa:ae:98:c0:91:bb:b6:13:9a:62:
61:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F4:77:BF:1C:3E:39:2B:31:FB:09:9A:32:5B:67:DD:69:E7:43:55
X509v3 Authority Key Identifier:
keyid:1B:CE:E4:04:05:AE:FB:6D:A1:7A:34:0E:EF:15:9C:E9:C4:D1:83:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G87kBAWu-22hejQO7xWc6cTRgyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/4fR3vxw-OSsx-wmaMltn3WnnQ1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/af89d8-8c35-4c8c-b15d-7e46ad748484/1/G87kBAWu-22hejQO7xWc6cTRgyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.40.0/21
185.47.132.0/22
IPv6:
2a01:90a0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:b7:54:01:39:12:c0:69:7d:db:d4:00:9e:05:98:c0:3b:25:
1d:b2:94:2a:66:20:b3:d8:c6:55:05:fa:9c:4c:9a:c2:ae:dc:
56:b0:5b:5f:8e:c2:28:77:84:c3:3f:55:72:ec:4b:6d:e5:4f:
7b:39:45:1e:d4:0a:73:1b:f0:12:08:0f:60:8d:39:cb:5e:2d:
f3:09:9a:d8:d2:d9:db:28:9e:b9:15:d5:1d:d6:47:f6:02:33:
85:00:d1:07:e6:b7:bd:20:21:85:3c:00:22:6f:40:01:aa:52:
6d:e7:8f:4d:8e:8e:7d:a5:be:b1:32:19:7b:26:51:3c:a3:f2:
33:36:b2:59:73:9a:1c:c8:86:80:82:2c:ca:cb:8e:fa:79:cc:
17:1e:5e:79:d7:25:0d:85:24:1b:62:f8:a7:b8:e2:7f:6f:78:
a6:5e:44:f8:c8:e5:0f:a7:26:17:70:c9:ff:05:04:5e:41:91:
51:57:c5:7c:c2:57:ca:74:73:e5:63:24:a1:21:9f:e7:d0:9b:
55:3c:7e:54:c3:27:b8:3b:53:68:d7:ea:f4:9f:6b:c1:b2:45:
39:02:53:38:7a:e7:e0:c5:45:64:cc:03:53:82:7e:65:b7:56:
ae:37:fd:30:f3:35:ca:76:c5:a3:7c:72:fc:2d:3c:09:fc:86:
2d:8d:3e:03
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1fOCZCq0FuTTg225/sPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2VlNDA0MDVhZWZiNmRhMTdhMzQwZWVmMTU5Y2U5YzRk
MTgzMjIwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY0NzdiZjFjM2UzOTJiMzFmYjA5OWEzMjViNjdkZDY5ZTc0MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFRrXVG84t5vN2Xo3/LAFTi/SYXZ
9z6GBUS47QGMQo+K+2+lGr80cz/T5Z4cCIEE63cZNufzC/oqOc/ggG1G5XmRfxVI
lEw0BO8iEMbjoJpDoAJQZvMxaTElFgQ4mpiJ/RKQfXkMdObS1nV/nQX9NoYAQajM
SQjs8Fs3nURLjGr7zH6ARjmPOg0Dl32v2sfQt86ty+ZnNpI2rJLQZqZKo6lsFFSO
EAPW+AEvSZG1TnjZHumelXkKcMoJsoLa8QUvfw0aeF44Fjr32AJvB8XdR0PoBwFk
RrAzosRedUgWDIfntlOTzPbrtSCk+YKLiC0J91b/B/qumMCRu7YTmmJhjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOH0d78cPjkrMfsJmjJbZ91p50NVMB8GA1UdIwQY
MBaAFBvO5AQFrvttoXo0Du8VnOnE0YMiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQt
N2U0NmFkNzQ4NDg0LzEvNGZSM3Z4dy1PU3N4LXdtYU1sdG4zV25uUTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZjg5ZDgtOGMzNS00YzhjLWIxNWQtN2U0NmFkNzQ4NDg0
LzEvRzg3a0JBV3UtMjJoZWpRTzd4V2M2Y1RSZ3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDUqMoAwQC
uS+EMA0EAgACMAcDBQAqAZCgMA0GCSqGSIb3DQEBCwUAA4IBAQCMt1QBORLAaX3b
1ACeBZjAOyUdspQqZiCz2MZVBfqcTJrCrtxWsFtfjsIod4TDP1Vy7Ett5U97OUUe
1ApzG/ASCA9gjTnLXi3zCZrY0tnbKJ65FdUd1kf2AjOFANEH5re9ICGFPAAib0AB
qlJt549Njo59pb6xMhl7JlE8o/IzNrJZc5ocyIaAgizKy476ecwXHl551yUNhSQb
YvinuOJ/b3imXkT4yOUPpyYXcMn/BQReQZFRV8V8wlfKdHPlYyShIZ/n0JtVPH5U
wye4O1No1+r0n2vBskU5AlM4eufgxUVkzANTgn5lt1auN/0w8zXKdsWjfHL8LTwJ
/IYtjT4D
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net