Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iF74lchyYH7faRXUXMHNpR_TrWc.roa
File: iF74lchyYH7faRXUXMHNpR_TrWc.roa (raw, json)
Hash identifier: 7HXWZbOcLR6YZsq3MaREkcOeGbzmuGmdyIo3eOGAB/M=
Subject key identifier: 88:5E:F8:95:C8:72:60:7E:DF:69:15:D4:5C:C1:CD:A5:1F:D3:AD:67
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 01953D98DB59251797138EACDB35C753AB3A
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iF74lchyYH7faRXUXMHNpR_TrWc.roa
Signing time: Tue 25 Feb 2025 14:53:02 +0000
ROA not before: Tue 25 Feb 2025 14:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31167
IP address blocks: 85.14.128.0/18 maxlen: 18
85.14.131.0/24 maxlen: 24
85.14.153.0/24 maxlen: 24
109.74.80.0/20 maxlen: 20
109.74.90.0/24 maxlen: 24
109.74.93.0/24 maxlen: 24
217.119.176.0/20 maxlen: 20
217.171.16.0/20 maxlen: 20
217.171.27.0/24 maxlen: 24
2a00:1788::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:98:db:59:25:17:97:13:8e:ac:db:35:c7:53:ab:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Feb 25 14:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=885ef895c872607edf6915d45cc1cda51fd3ad67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d4:a9:76:c2:b6:34:b1:d3:3a:89:43:5a:29:
6c:53:53:3a:3a:c8:72:0a:a5:25:0e:55:b9:95:d5:
f9:2b:d9:29:31:97:8c:11:cf:5d:40:da:16:6a:31:
f0:27:88:22:15:ee:e9:61:4d:52:cc:73:88:0a:b7:
3a:57:a1:55:61:c9:40:e8:ba:84:23:ff:5b:e7:81:
62:71:2b:d7:45:a6:ef:2a:70:03:cb:24:85:99:0d:
0a:e8:6b:b1:3e:07:8f:82:1a:fb:2f:7f:ae:28:fe:
a1:a2:6a:47:e3:31:2e:e4:3b:84:af:f0:c4:d0:d2:
74:85:de:d0:cb:3b:bc:12:c8:12:ad:80:73:46:37:
57:eb:30:b9:8f:92:48:86:a4:f7:13:53:09:99:66:
37:23:1e:56:b9:8b:23:78:71:b2:d3:12:aa:6e:93:
a3:10:9c:ad:5f:f2:30:0c:e9:89:50:c7:1d:99:4c:
1c:eb:0d:83:77:f7:db:d8:e7:af:fc:32:e8:1c:d9:
07:83:96:b6:9d:ea:d8:96:af:68:80:c1:88:c1:a1:
af:b8:9e:a0:2c:7a:67:7a:41:2e:fa:bb:a0:e9:ad:
9b:97:81:a4:d3:4c:6a:7e:c6:88:83:1a:1d:32:a8:
2b:d9:f8:3f:19:38:e6:5b:66:4b:16:79:14:b7:7e:
ee:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5E:F8:95:C8:72:60:7E:DF:69:15:D4:5C:C1:CD:A5:1F:D3:AD:67
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iF74lchyYH7faRXUXMHNpR_TrWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.128.0/18
109.74.80.0/20
217.119.176.0/20
217.171.16.0/20
IPv6:
2a00:1788::/32
Signature Algorithm: sha256WithRSAEncryption
30:b2:9c:89:fc:b9:de:9c:3a:3f:33:93:76:fa:dd:23:fc:df:
78:bc:fe:d3:3c:8e:4c:a8:ab:3f:1b:ac:fd:cf:08:e7:eb:e5:
f4:c8:6b:b9:68:db:c3:8e:60:f3:22:df:7b:44:ed:ae:34:5e:
5f:85:44:fb:09:2e:69:89:ff:4d:c6:d2:12:fb:67:68:15:88:
9f:3d:b3:a2:b1:10:0c:68:c0:71:b8:59:ef:bd:ef:ba:bd:05:
e5:dc:e5:a3:b6:77:e3:97:0d:51:66:c0:c3:86:19:32:c5:af:
ee:9c:6b:03:24:2f:ce:3f:5c:83:47:33:c2:f6:2f:eb:5a:a4:
cf:21:fe:cc:6f:cf:23:2c:71:49:d2:83:92:5e:6e:43:3e:66:
93:67:51:0d:2f:9c:00:fd:a0:83:52:5a:db:a1:6a:7b:43:16:
81:64:5f:9c:e9:94:12:68:00:69:e2:e4:0d:91:10:bc:72:8f:
72:6c:5d:02:e7:fb:cb:bc:9c:01:27:75:fe:52:55:16:5c:fc:
34:2a:03:5c:26:56:ea:18:ff:dc:25:ab:bf:d6:6d:c0:e3:13:
f5:29:99:70:16:da:7f:53:e5:b4:58:f6:18:ec:7f:a6:c3:08:
f8:29:47:92:6d:13:5f:de:07:27:8c:ed:13:a9:00:01:ba:ae:
bc:03:02:ca
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZU9mNtZJReXE46s2zXHU6s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjUwMjI1MTQ1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVlZjg5NWM4NzI2MDdlZGY2OTE1ZDQ1Y2MxY2RhNTFmZDNhZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtSpdsK2NLHTOolDWilsU1M6Oshy
CqUlDlW5ldX5K9kpMZeMEc9dQNoWajHwJ4giFe7pYU1SzHOICrc6V6FVYclA6LqE
I/9b54FicSvXRabvKnADyySFmQ0K6GuxPgePghr7L3+uKP6hompH4zEu5DuEr/DE
0NJ0hd7Qyzu8EsgSrYBzRjdX6zC5j5JIhqT3E1MJmWY3Ix5WuYsjeHGy0xKqbpOj
EJytX/IwDOmJUMcdmUwc6w2Dd/fb2Oev/DLoHNkHg5a2nerYlq9ogMGIwaGvuJ6g
LHpnekEu+rug6a2bl4Gk00xqfsaIgxodMqgr2fg/GTjmW2ZLFnkUt37ueQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIhe+JXIcmB+32kV1FzBzaUf061nMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvaUY3NGxjaHlZSDdmYVJYVVhNSE5wUl9UcldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGVQ6AAwQE
bUpQAwQE2XewAwQE2asQMA0EAgACMAcDBQAqABeIMA0GCSqGSIb3DQEBCwUAA4IB
AQAwspyJ/LnenDo/M5N2+t0j/N94vP7TPI5MqKs/G6z9zwjn6+X0yGu5aNvDjmDz
It97RO2uNF5fhUT7CS5pif9NxtIS+2doFYifPbOisRAMaMBxuFnvve+6vQXl3OWj
tnfjlw1RZsDDhhkyxa/unGsDJC/OP1yDRzPC9i/rWqTPIf7Mb88jLHFJ0oOSXm5D
PmaTZ1ENL5wA/aCDUlrboWp7QxaBZF+c6ZQSaABp4uQNkRC8co9ybF0C5/vLvJwB
J3X+UlUWXPw0KgNcJlbqGP/cJau/1m3A4xP1KZlwFtp/U+W0WPYY7H+mwwj4KUeS
bRNf3gcnjO0TqQABuq68AwLK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net