Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/BF0T5GbyfHIEuRmFv0iPB0TH0yc.roa
File: BF0T5GbyfHIEuRmFv0iPB0TH0yc.roa (raw, json)
Hash identifier: n7HXnes9ckpZTo25mb2err5NFNmLrqklK6VuInVFN+s=
Subject key identifier: 04:5D:13:E4:66:F2:7C:72:04:B9:19:85:BF:48:8F:07:44:C7:D3:27
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 0194266C1858F7F06A6FF257C86E2B7B94A2
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/BF0T5GbyfHIEuRmFv0iPB0TH0yc.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28944
IP address blocks: 80.231.174.0/24 maxlen: 24
80.231.248.0/24 maxlen: 24
85.187.213.0/24 maxlen: 24
85.187.214.0/24 maxlen: 24
85.187.215.0/24 maxlen: 24
130.250.109.0/24 maxlen: 24
130.250.133.0/24 maxlen: 24
130.250.134.0/24 maxlen: 24
147.185.246.0/23 maxlen: 24
147.185.246.0/24 maxlen: 24
147.185.247.0/24 maxlen: 24
147.185.254.0/23 maxlen: 24
147.185.254.0/24 maxlen: 24
147.185.255.0/24 maxlen: 24
151.237.11.0/24 maxlen: 24
151.237.12.0/24 maxlen: 24
151.237.95.0/24 maxlen: 24
195.219.123.0/24 maxlen: 24
195.234.98.0/24 maxlen: 24
2a01:3e7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:18:58:f7:f0:6a:6f:f2:57:c8:6e:2b:7b:94:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045d13e466f27c7204b91985bf488f0744c7d327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:a5:c4:54:2d:19:3e:6b:26:87:48:e1:1e:
7f:72:ae:6b:40:e6:71:b5:2c:b1:3c:78:52:89:4d:
f6:b6:06:b8:f6:0e:3d:f7:b5:1e:35:99:53:95:2f:
56:a6:02:92:c8:9b:12:b7:a9:b2:2b:1f:10:d4:f9:
6b:86:35:4c:a0:bb:37:a5:90:4b:b9:24:3c:62:50:
a1:43:80:9d:2e:d0:d6:d1:a4:73:50:19:76:cb:49:
3c:f5:ce:73:f0:c9:f0:e2:af:55:12:07:31:3f:39:
47:cb:0e:6e:fd:22:1c:3b:b7:e6:87:17:c4:e7:b3:
61:8d:99:50:3e:17:bd:a2:7d:19:80:e9:89:cf:02:
07:c2:51:75:d9:18:1b:c2:6b:74:b4:e7:3f:86:f3:
2f:1b:a1:f9:91:08:64:a3:ba:24:f6:01:24:96:7b:
ae:64:ea:03:53:e6:30:05:bc:b4:d2:83:6a:37:af:
cc:93:69:ef:d1:20:8a:0e:47:5c:64:05:2c:41:55:
98:e7:54:e8:f0:e3:7d:c1:69:d8:c3:2b:1f:8e:d9:
77:4e:81:c3:8f:78:f1:d1:29:d7:0f:7e:a7:2b:96:
6e:4b:96:5d:fb:52:e5:7f:19:fc:0c:06:bb:66:bb:
e4:11:42:c4:6f:21:21:d4:9a:3c:a0:9b:3e:66:e7:
1b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5D:13:E4:66:F2:7C:72:04:B9:19:85:BF:48:8F:07:44:C7:D3:27
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/BF0T5GbyfHIEuRmFv0iPB0TH0yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.231.174.0/24
80.231.248.0/24
85.187.213.0-85.187.215.255
130.250.109.0/24
130.250.133.0-130.250.134.255
147.185.246.0/23
147.185.254.0/23
151.237.11.0-151.237.12.255
151.237.95.0/24
195.219.123.0/24
195.234.98.0/24
IPv6:
2a01:3e7::/32
Signature Algorithm: sha256WithRSAEncryption
71:8a:2d:97:db:87:e3:b7:7f:e4:b5:c3:e5:d9:d0:1f:00:cc:
77:f5:bc:c0:36:eb:e3:87:ca:e2:db:1c:2a:f8:c2:9e:cf:87:
af:83:cf:76:6d:58:ee:6b:7c:78:55:83:50:81:58:27:0f:c5:
d8:2c:b3:de:e3:0c:1e:4b:bf:d3:61:d5:80:89:b0:36:e9:a2:
c7:dd:7d:5c:85:87:1a:25:04:18:1f:72:14:3b:e7:30:1a:52:
c8:32:49:87:9b:ff:57:b4:6c:73:c1:f2:b1:24:9a:0b:12:12:
8d:59:5d:f3:70:02:aa:f2:82:cc:d8:b7:2a:42:cc:c3:9f:e8:
2d:cf:43:25:25:57:2f:09:66:64:32:dc:19:9a:96:d4:0a:67:
73:d7:3d:5d:7d:42:55:0a:7c:34:4e:83:ea:14:aa:95:f0:c6:
00:51:60:c6:da:66:d0:9d:87:bf:90:3d:ea:77:1e:78:a1:ae:
26:d9:43:55:a3:b8:2b:cc:6f:1e:ce:bb:2a:07:3c:0e:03:b1:
f5:dc:1e:a6:07:a6:8a:9b:20:4a:d3:e3:63:e7:44:94:1f:88:
90:c6:db:90:cf:70:b4:5e:d9:be:ee:b3:aa:b6:e5:ed:63:18:
fc:d9:fa:b9:33:9b:d2:f4:4b:79:23:ac:34:11:09:53:41:4b:
76:4d:74:7a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQmbBhY9/Bqb/JXyG4re5SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVkMTNlNDY2ZjI3YzcyMDRiOTE5ODViZjQ4OGYwNzQ0YzdkMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKelxFQtGT5rJodI4R5/cq5rQOZx
tSyxPHhSiU32tga49g4997UeNZlTlS9WpgKSyJsSt6myKx8Q1PlrhjVMoLs3pZBL
uSQ8YlChQ4CdLtDW0aRzUBl2y0k89c5z8Mnw4q9VEgcxPzlHyw5u/SIcO7fmhxfE
57NhjZlQPhe9on0ZgOmJzwIHwlF12Rgbwmt0tOc/hvMvG6H5kQhko7ok9gEklnuu
ZOoDU+YwBby00oNqN6/Mk2nv0SCKDkdcZAUsQVWY51To8ON9wWnYwysfjtl3ToHD
j3jx0SnXD36nK5ZuS5Zd+1Llfxn8DAa7ZrvkEULEbyEh1Jo8oJs+ZucbIQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFARdE+Rm8nxyBLkZhb9IjwdEx9MnMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvQkYwVDVHYnlmSElFdVJtRnYwaVBCMFRIMHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAFDnrgME
AFDn+DAMAwQAVbvVAwQDVbvQAwQAgvptMAwDBACC+oUDBACC+oYDBAGTufYDBAGT
uf4wDAMEAJftCwMEAJftDAMEAJftXwMEAMPbewMEAMPqYjANBAIAAjAHAwUAKgED
5zANBgkqhkiG9w0BAQsFAAOCAQEAcYotl9uH47d/5LXD5dnQHwDMd/W8wDbr44fK
4tscKvjCns+Hr4PPdm1Y7mt8eFWDUIFYJw/F2Cyz3uMMHku/02HVgImwNumix919
XIWHGiUEGB9yFDvnMBpSyDJJh5v/V7Rsc8HysSSaCxISjVld83ACqvKCzNi3KkLM
w5/oLc9DJSVXLwlmZDLcGZqW1Apnc9c9XX1CVQp8NE6D6hSqlfDGAFFgxtpm0J2H
v5A96nceeKGuJtlDVaO4K8xvHs67Kgc8DgOx9dwepgemipsgStPjY+dElB+IkMbb
kM9wtF7Zvu6zqrbl7WMY/Nn6uTOb0vRLeSOsNBEJU0FLdk10eg==
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:49:07 2025 by rpki-client on console.sobornost.net