Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/FkatwMJJT1uX4-yAfNDw9hhU0d4.roa
File: FkatwMJJT1uX4-yAfNDw9hhU0d4.roa (raw, json)
Hash identifier: IoIeRwx7xjV2gZEpUFrXa/vojLvAGOo0og2HL4PEFNc=
Subject key identifier: 16:46:AD:C0:C2:49:4F:5B:97:E3:EC:80:7C:D0:F0:F6:18:54:D1:DE
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 0194266C1AFBE64C4D90B3AB2A87E5FABEEC
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/FkatwMJJT1uX4-yAfNDw9hhU0d4.roa
Signing time: Thu 02 Jan 2025 09:50:06 +0000
ROA not before: Thu 02 Jan 2025 09:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40009
IP address blocks: 5.23.20.0/24 maxlen: 24
80.231.16.0/23 maxlen: 23
80.231.162.0/23 maxlen: 23
80.231.162.0/24 maxlen: 24
80.231.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:1a:fb:e6:4c:4d:90:b3:ab:2a:87:e5:fa:be:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 09:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1646adc0c2494f5b97e3ec807cd0f0f61854d1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3f:71:29:bd:39:a5:d3:6f:91:a8:56:91:50:
c3:c0:8f:68:93:75:85:be:35:f2:30:bb:ee:a5:c1:
2a:c6:8f:39:ab:bd:08:64:dc:40:93:3b:2f:46:a0:
e2:e1:ec:7d:15:fb:25:da:f5:6e:c3:b9:b6:dc:41:
dd:ad:26:6a:4f:11:35:33:36:cd:36:22:5d:c2:bc:
b1:e2:fa:d4:f5:e5:b3:e6:9c:d1:1e:bd:ca:90:e3:
72:9f:10:7c:a0:98:d2:60:0e:b6:31:20:f2:bd:aa:
f5:ce:97:92:ff:55:91:79:b8:8b:35:fb:2e:be:19:
f5:d8:f5:39:a5:1a:f2:14:be:eb:68:de:d6:f0:ef:
27:c2:67:f1:d5:42:2a:6d:b5:55:97:36:5e:04:98:
15:35:96:68:65:9e:85:85:73:fa:32:21:9c:12:31:
31:33:e9:b5:09:ea:30:57:be:1b:f2:2f:19:7d:8f:
2f:f1:45:a4:2e:4b:df:d3:3b:a3:44:b3:06:63:6c:
98:05:d0:38:5f:ab:f9:c1:03:87:d7:46:29:18:ec:
2c:9a:c4:90:95:c9:bc:e6:f7:a6:97:da:9b:1a:7d:
1e:5c:63:a0:61:89:24:f4:d7:a5:68:78:e4:56:ae:
00:79:18:b2:22:f3:4f:a8:41:fa:5f:46:fa:64:23:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:46:AD:C0:C2:49:4F:5B:97:E3:EC:80:7C:D0:F0:F6:18:54:D1:DE
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/FkatwMJJT1uX4-yAfNDw9hhU0d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.20.0/24
80.231.16.0/23
80.231.162.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:5c:83:bd:2e:38:c8:d8:9b:3b:40:56:70:70:8d:2f:37:8e:
d3:3d:e0:7b:2d:aa:18:b8:7b:59:c9:99:49:7d:37:a6:c1:57:
93:1e:1c:0a:10:82:36:b3:99:49:8d:81:75:54:14:74:43:24:
d0:33:50:11:55:56:32:7d:df:a6:44:68:2a:ec:1a:a3:c7:ed:
16:a0:e2:8b:9a:39:2b:86:80:3a:15:fd:20:91:b9:fa:1e:9c:
bc:90:ce:35:84:37:a7:f0:3a:86:04:fe:86:34:ae:ae:6b:da:
23:0d:d8:32:5c:63:50:27:88:49:e5:a7:c8:6c:60:68:7a:c3:
d9:e5:3e:7e:8d:6f:7d:ad:50:49:04:d2:28:a1:9c:bb:aa:69:
89:9d:33:4a:fa:5b:06:37:88:d9:2b:48:cb:66:b6:4d:69:b5:
a2:9a:1d:66:39:64:cc:bf:aa:61:5d:05:82:00:aa:5c:dd:a0:
18:58:71:52:b2:87:6a:b4:01:9b:d8:03:ec:e4:ec:45:69:8f:
60:aa:e1:5c:77:1f:f6:a7:ac:58:7a:ab:14:47:5c:9b:f4:90:
b7:5f:8f:a6:42:3c:a1:6d:c6:dd:b2:f7:c3:9c:91:b1:3f:3c:
66:6a:0b:71:cd:b1:7a:37:60:d9:e8:55:2e:bf:6b:d8:24:76:
ce:36:43:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbBr75kxNkLOrKofl+r7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjUwMTAyMDk1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQ2YWRjMGMyNDk0ZjViOTdlM2VjODA3Y2QwZjBmNjE4NTRkMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT9xKb05pdNvkahWkVDDwI9ok3WF
vjXyMLvupcEqxo85q70IZNxAkzsvRqDi4ex9Ffsl2vVuw7m23EHdrSZqTxE1MzbN
NiJdwryx4vrU9eWz5pzRHr3KkONynxB8oJjSYA62MSDyvar1zpeS/1WRebiLNfsu
vhn12PU5pRryFL7raN7W8O8nwmfx1UIqbbVVlzZeBJgVNZZoZZ6FhXP6MiGcEjEx
M+m1CeowV74b8i8ZfY8v8UWkLkvf0zujRLMGY2yYBdA4X6v5wQOH10YpGOwsmsSQ
lcm85veml9qbGn0eXGOgYYkk9NelaHjkVq4AeRiyIvNPqEH6X0b6ZCPWMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBZGrcDCSU9bl+PsgHzQ8PYYVNHeMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvRmthdHdNSkpUMXVYNC15QWZORHc5aGhVMGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABRcUAwQB
UOcQAwQBUOeiMA0GCSqGSIb3DQEBCwUAA4IBAQC2XIO9LjjI2Js7QFZwcI0vN47T
PeB7LaoYuHtZyZlJfTemwVeTHhwKEII2s5lJjYF1VBR0QyTQM1ARVVYyfd+mRGgq
7Bqjx+0WoOKLmjkrhoA6Ff0gkbn6Hpy8kM41hDen8DqGBP6GNK6ua9ojDdgyXGNQ
J4hJ5afIbGBoesPZ5T5+jW99rVBJBNIooZy7qmmJnTNK+lsGN4jZK0jLZrZNabWi
mh1mOWTMv6phXQWCAKpc3aAYWHFSsodqtAGb2APs5OxFaY9gquFcdx/2p6xYeqsU
R1yb9JC3X4+mQjyhbcbdsvfDnJGxPzxmagtxzbF6N2DZ6FUuv2vYJHbONkMT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:20 2025 by rpki-client on console.sobornost.net