Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/Oi8bBj7abbUUGWgLnipKRlAWhqg.roa
File: Oi8bBj7abbUUGWgLnipKRlAWhqg.roa (raw, json)
Hash identifier: uBPR6lVF7mLe6knRM5SQ0/u91d8nwbpqoLhQPG3UKIM=
Subject key identifier: 3A:2F:1B:06:3E:DA:6D:B5:14:19:68:0B:9E:2A:4A:46:50:16:86:A8
Certificate issuer: /CN=13f8496b79d1c04d082af83f1be6a5eab0c66089
Certificate serial: 019427B62919E3B6AAA357FD11E8BBA4F9AD
Authority key identifier: 13:F8:49:6B:79:D1:C0:4D:08:2A:F8:3F:1B:E6:A5:EA:B0:C6:60:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E_hJa3nRwE0IKvg_G-al6rDGYIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/Oi8bBj7abbUUGWgLnipKRlAWhqg.roa
Signing time: Thu 02 Jan 2025 15:50:36 +0000
ROA not before: Thu 02 Jan 2025 15:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34625
IP address blocks: 37.75.232.0/24 maxlen: 24
37.75.233.0/24 maxlen: 24
37.75.236.0/24 maxlen: 24
195.242.236.0/24 maxlen: 24
212.119.56.0/24 maxlen: 24
212.119.57.0/24 maxlen: 24
212.119.58.0/24 maxlen: 24
212.119.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:29:19:e3:b6:aa:a3:57:fd:11:e8:bb:a4:f9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13f8496b79d1c04d082af83f1be6a5eab0c66089
Validity
Not Before: Jan 2 15:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a2f1b063eda6db51419680b9e2a4a46501686a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e8:c0:31:78:ca:0e:7c:d8:11:7c:c0:8d:e5:
6d:96:61:be:49:5d:52:e3:15:85:f2:18:4d:fa:b4:
50:75:9c:a2:3c:f2:87:04:9a:b5:18:17:82:94:38:
10:fa:94:11:f5:ec:c4:f4:fe:71:32:7c:11:4e:aa:
0f:67:7f:38:33:05:22:4d:fb:c5:b0:d6:c6:e2:24:
83:e2:86:40:f8:b7:0a:18:b8:13:6c:dd:a3:8c:8f:
a6:2e:a4:07:86:77:d3:7c:f9:64:47:a1:f4:16:00:
5e:85:60:75:2a:21:8d:31:54:42:bf:24:d0:80:dc:
8a:81:5c:74:bc:0c:55:e1:70:08:9a:f8:5e:a2:11:
9b:70:7c:06:ab:c4:1c:9f:62:85:f5:38:bc:90:57:
e3:fe:38:a7:0d:e7:b1:3e:0b:ff:7b:3d:26:e3:84:
98:6e:0e:b5:18:15:30:ef:72:35:73:48:d7:69:79:
08:5b:f6:93:f8:e7:ba:fa:dd:0d:af:ea:18:5d:47:
f0:e3:de:aa:97:4e:84:de:a0:e3:53:44:e1:32:8f:
03:65:ff:2f:36:ec:6d:4e:b6:5f:44:5e:6b:1a:af:
59:32:53:8b:0e:1c:50:27:ff:26:7c:b5:6e:49:c2:
ce:98:2c:88:ba:f6:e3:51:ca:4c:40:6b:74:89:ce:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:1B:06:3E:DA:6D:B5:14:19:68:0B:9E:2A:4A:46:50:16:86:A8
X509v3 Authority Key Identifier:
keyid:13:F8:49:6B:79:D1:C0:4D:08:2A:F8:3F:1B:E6:A5:EA:B0:C6:60:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E_hJa3nRwE0IKvg_G-al6rDGYIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/Oi8bBj7abbUUGWgLnipKRlAWhqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/E_hJa3nRwE0IKvg_G-al6rDGYIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.232.0/23
37.75.236.0/24
195.242.236.0/24
212.119.56.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:7e:e5:2b:73:6e:f1:c3:a0:de:6d:8d:f0:13:f1:20:79:11:
a0:e2:92:95:f6:6f:ce:42:94:96:19:08:64:9d:a4:a2:fc:87:
8e:8f:07:90:76:be:7c:a4:ba:66:ac:18:d5:c1:3c:eb:8d:8a:
ab:5c:78:ab:f1:13:56:d7:5f:1a:dd:2c:6e:1a:d6:2d:cc:d7:
e3:8f:7a:05:00:02:bf:7b:e7:97:5b:c3:60:29:6d:64:ad:c0:
2e:92:ee:ed:0d:f9:4a:f6:54:df:f6:58:fe:7b:6e:4d:79:f3:
05:c1:92:fd:c2:c8:39:b0:84:57:6c:16:dd:fb:ca:de:07:2d:
43:5e:ce:bd:0a:63:fb:1a:72:2d:7d:50:d2:9b:20:00:9e:e5:
8e:83:0f:aa:bd:eb:c0:39:50:a9:e8:e3:a5:5f:86:47:7a:47:
63:82:53:8b:b1:e3:70:82:d0:cd:8c:55:27:69:fd:10:58:98:
e1:7d:cc:4c:78:89:df:0b:c1:b9:8c:d0:1c:2c:50:ba:c7:31:
fa:a3:95:0e:71:ee:ab:68:44:a8:5a:e8:ad:76:2f:0d:a9:7d:
46:78:96:6d:3c:35:97:ff:34:c6:96:c7:b9:c3:24:81:8b:98:
16:57:d6:b9:43:f7:b5:97:4a:ae:0d:3a:44:de:21:87:16:45:
19:19:02:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntikZ47aqo1f9Eei7pPmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZjg0OTZiNzlkMWMwNGQwODJhZjgzZjFiZTZhNWVhYjBj
NjYwODkwHhcNMjUwMTAyMTU1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJmMWIwNjNlZGE2ZGI1MTQxOTY4MGI5ZTJhNGE0NjUwMTY4NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OjAMXjKDnzYEXzAjeVtlmG+SV1S
4xWF8hhN+rRQdZyiPPKHBJq1GBeClDgQ+pQR9ezE9P5xMnwRTqoPZ384MwUiTfvF
sNbG4iSD4oZA+LcKGLgTbN2jjI+mLqQHhnfTfPlkR6H0FgBehWB1KiGNMVRCvyTQ
gNyKgVx0vAxV4XAImvheohGbcHwGq8Qcn2KF9Ti8kFfj/jinDeexPgv/ez0m44SY
bg61GBUw73I1c0jXaXkIW/aT+Oe6+t0Nr+oYXUfw496ql06E3qDjU0ThMo8DZf8v
NuxtTrZfRF5rGq9ZMlOLDhxQJ/8mfLVuScLOmCyIuvbjUcpMQGt0ic54ZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDovGwY+2m21FBloC54qSkZQFoaoMB8GA1UdIwQY
MBaAFBP4SWt50cBNCCr4PxvmpeqwxmCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRV9oSmEzblJ3RTBJS3ZnX0ctYWw2ckRHWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lZWIyNmYtNjc5MC00MmNlLThjY2Mt
NTRhMjVlMmNkYWE5LzEvT2k4YkJqN2FiYlVVR1dnTG5pcEtSbEFXaHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lZWIyNmYtNjc5MC00MmNlLThjY2MtNTRhMjVlMmNkYWE5
LzEvRV9oSmEzblJ3RTBJS3ZnX0ctYWw2ckRHWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBJUvoAwQA
JUvsAwQAw/LsAwQC1Hc4MA0GCSqGSIb3DQEBCwUAA4IBAQCdfuUrc27xw6DebY3w
E/EgeRGg4pKV9m/OQpSWGQhknaSi/IeOjweQdr58pLpmrBjVwTzrjYqrXHir8RNW
118a3SxuGtYtzNfjj3oFAAK/e+eXW8NgKW1krcAuku7tDflK9lTf9lj+e25NefMF
wZL9wsg5sIRXbBbd+8reBy1DXs69CmP7GnItfVDSmyAAnuWOgw+qvevAOVCp6OOl
X4ZHekdjglOLseNwgtDNjFUnaf0QWJjhfcxMeInfC8G5jNAcLFC6xzH6o5UOce6r
aESoWuitdi8NqX1GeJZtPDWX/zTGlse5wySBi5gWV9a5Q/e1l0quDTpE3iGHFkUZ
GQI0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:17 2025 by rpki-client on console.sobornost.net