Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/k-8joWHq0IXSAeF06EYlGj2AITA.roa
File: k-8joWHq0IXSAeF06EYlGj2AITA.roa (raw, json)
Hash identifier: OrXpbU3ZTRNxide1ly7PEoXo5UOkEqSaVuBCmUkwkxg=
Subject key identifier: 93:EF:23:A1:61:EA:D0:85:D2:01:E1:74:E8:46:25:1A:3D:80:21:30
Certificate issuer: /CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Certificate serial: 0194228D1EF9B54B90452FCAA6D620083558
Authority key identifier: 4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/k-8joWHq0IXSAeF06EYlGj2AITA.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49010
IP address blocks: 84.252.76.0/22 maxlen: 22
86.62.24.0/22 maxlen: 22
91.207.2.0/23 maxlen: 23
109.232.72.0/21 maxlen: 21
185.20.140.0/22 maxlen: 22
193.187.164.0/22 maxlen: 22
2a00:19f8::/32 maxlen: 32
2a09:5500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1e:f9:b5:4b:90:45:2f:ca:a6:d6:20:08:35:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ef23a161ead085d201e174e846251a3d802130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b9:42:f0:00:f8:c4:81:50:58:34:48:45:e9:
7a:09:3f:46:09:b0:0c:80:01:10:5b:9c:66:14:06:
39:be:61:97:43:2b:4f:b4:6c:a0:aa:66:6e:0d:35:
ad:d5:f8:63:27:02:1d:5d:28:c0:81:ac:35:96:43:
3e:c8:16:9e:35:a5:e7:ef:df:bc:bb:f8:4c:92:47:
bc:e9:d1:ea:c3:dc:87:4a:3a:48:94:72:71:bf:5e:
34:d8:4c:6f:90:56:86:94:97:59:81:a5:fa:f5:54:
a5:97:da:56:75:5c:90:31:68:d4:85:43:47:2a:15:
33:58:02:bd:a3:b8:32:a7:ec:05:61:8d:9e:fd:90:
a4:a3:55:0e:fc:f5:75:9e:36:aa:d2:ed:13:45:79:
54:65:7a:2d:b7:79:94:bb:f9:3d:1f:23:f9:cf:b9:
d4:19:ec:57:bf:31:65:bb:14:4f:3a:9a:30:9b:9b:
0f:61:bf:b7:49:60:57:c9:ea:4f:87:f3:75:5f:32:
69:e9:37:6e:51:71:68:af:aa:ca:40:8a:48:66:a8:
f0:21:76:f3:c6:e0:fb:dd:71:ad:e8:7f:e1:99:d8:
43:36:40:03:14:ea:0e:e8:a1:b4:38:83:2f:25:ef:
80:12:5b:93:8d:67:21:fb:c5:d4:5d:89:d2:5a:0d:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:EF:23:A1:61:EA:D0:85:D2:01:E1:74:E8:46:25:1A:3D:80:21:30
X509v3 Authority Key Identifier:
keyid:4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/k-8joWHq0IXSAeF06EYlGj2AITA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/S6eyT4fqUURtUZr9T-YEGRmOwBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.76.0/22
86.62.24.0/22
91.207.2.0/23
109.232.72.0/21
185.20.140.0/22
193.187.164.0/22
IPv6:
2a00:19f8::/32
2a09:5500::/29
Signature Algorithm: sha256WithRSAEncryption
78:5e:80:42:3c:76:26:3f:b8:c1:6b:72:28:35:e2:34:d4:5b:
9d:e6:b2:19:24:d3:ff:34:8a:84:7d:1b:65:ae:3d:fb:8e:66:
64:34:1a:17:0c:c7:fa:b2:b2:46:12:27:56:d0:ef:1d:5f:55:
c0:9d:5b:7e:db:64:84:5f:b4:42:b8:c9:6b:12:77:d6:85:84:
db:4f:91:17:16:5e:2f:53:9d:74:ce:da:ab:d9:79:7e:ed:65:
f1:36:d1:3b:c4:05:da:8e:c6:58:0a:41:48:89:8f:bb:5a:c7:
e5:58:67:e3:d2:c1:23:50:bb:5f:a6:1a:d4:ae:1d:3c:12:e7:
5e:9b:e2:e8:dc:f3:d9:4b:c8:d2:4d:ab:bc:4d:2d:e9:29:d4:
87:be:b6:d9:be:97:c6:77:66:07:cb:c1:17:3e:3c:be:95:66:
48:b5:71:94:69:0b:4f:c1:ce:9e:e2:a8:59:bc:e7:b4:d9:c6:
8f:60:f4:da:6e:ab:1d:f7:e9:a4:78:a1:32:a7:f0:b5:f6:a7:
21:27:55:ee:a5:13:da:7a:10:40:0e:d8:4f:b5:0e:e2:2b:ef:
6b:65:12:c1:3f:2d:39:4d:90:04:cc:c8:48:26:c2:7c:da:e6:
e8:74:66:6b:92:99:67:cf:74:eb:32:1d:c6:66:e0:46:90:23:
eb:18:35:4b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQijR75tUuQRS/KptYgCDVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTdiMjRmODdlYTUxNDQ2ZDUxOWFmZDRmZTYwNDE5MTk4
ZWMwMTIwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2VmMjNhMTYxZWFkMDg1ZDIwMWUxNzRlODQ2MjUxYTNkODAyMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LlC8AD4xIFQWDRIRel6CT9GCbAM
gAEQW5xmFAY5vmGXQytPtGygqmZuDTWt1fhjJwIdXSjAgaw1lkM+yBaeNaXn79+8
u/hMkke86dHqw9yHSjpIlHJxv1402ExvkFaGlJdZgaX69VSll9pWdVyQMWjUhUNH
KhUzWAK9o7gyp+wFYY2e/ZCko1UO/PV1njaq0u0TRXlUZXott3mUu/k9HyP5z7nU
GexXvzFluxRPOpowm5sPYb+3SWBXyepPh/N1XzJp6TduUXFor6rKQIpIZqjwIXbz
xuD73XGt6H/hmdhDNkADFOoO6KG0OIMvJe+AEluTjWch+8XUXYnSWg0M2wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJPvI6Fh6tCF0gHhdOhGJRo9gCEwMB8GA1UdIwQY
MBaAFEunsk+H6lFEbVGa/U/mBBkZjsASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgt
YTI2ODg5ZWUyMmMyLzEvay04am9XSHEwSVhTQWVGMDZFWWxHajJBSVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgtYTI2ODg5ZWUyMmMy
LzEvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVPxMAwQC
Vj4YAwQBW88CAwQDbehIAwQCuRSMAwQCwbukMBQEAgACMA4DBQAqABn4AwUDKglV
ADANBgkqhkiG9w0BAQsFAAOCAQEAeF6AQjx2Jj+4wWtyKDXiNNRbneayGSTT/zSK
hH0bZa49+45mZDQaFwzH+rKyRhInVtDvHV9VwJ1bfttkhF+0QrjJaxJ31oWE20+R
FxZeL1OddM7aq9l5fu1l8TbRO8QF2o7GWApBSImPu1rH5Vhn49LBI1C7X6Ya1K4d
PBLnXpvi6Nzz2UvI0k2rvE0t6SnUh7622b6XxndmB8vBFz48vpVmSLVxlGkLT8HO
nuKoWbzntNnGj2D02m6rHffppHihMqfwtfanISdV7qUT2noQQA7YT7UO4ivva2US
wT8tOU2QBMzISCbCfNrm6HRma5KZZ8906zIdxmbgRpAj6xg1Sw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net