Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/GtdOkOM9wXLcHK98cBkYNS8W9zw.roa
File: GtdOkOM9wXLcHK98cBkYNS8W9zw.roa (raw, json)
Hash identifier: GF5ylgKebPSECkEmJwim/I6Y2VYVvCFtFaHaDSneaLI=
Subject key identifier: 1A:D7:4E:90:E3:3D:C1:72:DC:1C:AF:7C:70:19:18:35:2F:16:F7:3C
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 019541358A57801572DE9B0873BE74915BD1
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/GtdOkOM9wXLcHK98cBkYNS8W9zw.roa
Signing time: Wed 26 Feb 2025 07:43:02 +0000
ROA not before: Wed 26 Feb 2025 07:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51191
IP address blocks: 130.185.104.0/21 maxlen: 21
185.24.68.0/22 maxlen: 22
185.108.216.0/22 maxlen: 22
195.138.240.0/21 maxlen: 21
195.138.241.0/24 maxlen: 24
195.138.244.0/24 maxlen: 24
2a01:4a0:2000::/48 maxlen: 48
2a01:4a0:2001::/48 maxlen: 48
2a01:4a0:2002::/48 maxlen: 48
2a06:4b00::/29 maxlen: 29
2a06:4b01:3300::/48 maxlen: 48
2a06:4b01:3301::/48 maxlen: 48
2a06:4b01:3302::/48 maxlen: 48
2a06:4b01:3303::/48 maxlen: 48
2a06:4b01:3304::/48 maxlen: 48
2a06:4b01:3305::/48 maxlen: 48
2a06:4b01:3306::/48 maxlen: 48
2a06:4b01:3307::/48 maxlen: 48
2a06:4b01:3308::/48 maxlen: 48
2a06:4b01:3309::/48 maxlen: 48
2a06:4b01:330a::/48 maxlen: 48
2a06:4b01:330b::/48 maxlen: 48
2a06:4b01:330c::/48 maxlen: 48
2a06:4b01:330d::/48 maxlen: 48
2a06:4b01:330e::/48 maxlen: 48
2a06:4b01:330f::/48 maxlen: 48
2a06:4b01:3310::/48 maxlen: 48
2a06:4b01:3311::/48 maxlen: 48
2a06:4b01:3312::/48 maxlen: 48
2a06:4b01:3313::/48 maxlen: 48
2a06:4b01:3314::/48 maxlen: 48
2a06:4b01:3315::/48 maxlen: 48
2a06:4b01:3316::/48 maxlen: 48
2a06:4b01:3317::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:35:8a:57:80:15:72:de:9b:08:73:be:74:91:5b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Feb 26 07:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ad74e90e33dc172dc1caf7c701918352f16f73c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:44:7d:b5:f5:4f:3a:99:c3:19:6e:56:ca:e2:
03:fe:ed:e2:50:c3:f0:86:1b:b9:73:3a:ae:49:b5:
dd:53:53:6d:27:be:b7:8f:e9:bb:44:a6:5f:67:89:
aa:9a:45:05:3b:b3:6c:63:e8:72:f8:25:2c:03:3f:
17:b2:d2:83:93:5a:35:16:8a:70:ba:91:35:ec:e1:
26:51:33:15:0e:8b:83:25:71:a7:2c:1b:2d:f2:43:
d2:7c:3b:1a:66:3f:e0:cf:aa:06:5c:6b:0f:ab:ad:
c4:e9:a2:78:b2:e6:67:8e:94:26:76:f0:d1:f1:5b:
70:a0:59:06:49:03:a2:7a:b3:74:e3:b8:c1:64:bf:
54:4e:d3:1b:ca:6a:2c:18:3a:ea:ad:a8:af:c6:46:
61:6e:23:6d:61:c1:37:09:89:6e:86:53:c4:58:b0:
75:f9:f5:ac:dc:b3:cb:ba:33:15:79:15:db:15:02:
f9:7a:fb:ee:65:25:67:9c:41:8b:ea:7f:a7:f9:1b:
34:6c:f9:0a:4c:db:a1:d3:7d:7a:75:e6:86:a3:78:
b5:2e:ba:b5:98:54:4f:a8:41:95:84:07:14:9a:5d:
53:ae:18:2e:2d:94:68:b5:70:82:c6:ca:01:49:04:
4a:fb:0b:1e:2f:3f:00:9e:37:b1:2e:5c:b7:5d:f8:
b7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D7:4E:90:E3:3D:C1:72:DC:1C:AF:7C:70:19:18:35:2F:16:F7:3C
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/GtdOkOM9wXLcHK98cBkYNS8W9zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.104.0/21
185.24.68.0/22
185.108.216.0/22
195.138.240.0/21
IPv6:
2a01:4a0:2000::-2a01:4a0:2002:ffff:ffff:ffff:ffff:ffff
2a06:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
82:51:5b:d2:fe:0a:84:da:81:9f:34:8b:ea:3f:08:4d:12:56:
a1:91:a2:25:82:d6:22:77:11:3d:fb:2a:0d:04:e6:a9:60:d7:
75:4e:96:1c:16:0a:22:a8:94:c4:ed:5b:71:8f:8f:70:34:2e:
bd:0f:11:4f:9a:18:2a:17:37:f6:a0:cd:51:2f:77:1e:fc:f5:
e3:71:df:80:a6:c9:c9:4e:10:0c:8d:b6:15:ce:9a:cc:23:bb:
09:3b:72:99:48:3e:6d:7b:61:d5:01:e0:c9:19:b3:de:b9:1a:
44:97:db:af:91:7c:b9:75:4f:b0:ff:ea:38:fc:82:cb:2b:bf:
c3:e2:17:5e:20:ee:3d:b9:0d:b0:e3:fe:dd:aa:29:8e:01:7b:
3f:b6:28:3d:93:f2:c6:a3:8b:a1:9d:ab:ab:d4:a7:f8:d1:a3:
dd:ca:f2:f1:c1:59:e3:b4:4c:07:95:9e:14:8d:2e:fb:40:e2:
c6:cd:b1:1b:83:be:82:84:77:30:6a:68:5f:df:44:8b:93:8e:
d8:89:c9:a7:3f:6c:12:87:dd:38:5d:fb:8f:d3:46:4d:07:6e:
35:21:4d:cc:d6:e2:e6:13:27:b3:93:70:c4:70:43:d5:04:17:
82:49:a6:9a:2f:93:68:ff:85:e9:47:b5:13:ef:8b:72:19:d8:
db:64:cf:fd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZVBNYpXgBVy3psIc750kVvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwMjI2MDc0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ3NGU5MGUzM2RjMTcyZGMxY2FmN2M3MDE5MTgzNTJmMTZmNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ER9tfVPOpnDGW5WyuID/u3iUMPw
hhu5czquSbXdU1NtJ763j+m7RKZfZ4mqmkUFO7NsY+hy+CUsAz8XstKDk1o1Fopw
upE17OEmUTMVDouDJXGnLBst8kPSfDsaZj/gz6oGXGsPq63E6aJ4suZnjpQmdvDR
8VtwoFkGSQOierN047jBZL9UTtMbymosGDrqraivxkZhbiNtYcE3CYluhlPEWLB1
+fWs3LPLujMVeRXbFQL5evvuZSVnnEGL6n+n+Rs0bPkKTNuh0316deaGo3i1Lrq1
mFRPqEGVhAcUml1TrhguLZRotXCCxsoBSQRK+wseLz8AnjexLly3Xfi3dQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBrXTpDjPcFy3ByvfHAZGDUvFvc8MB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvR3RkT2tPTTl3WExjSEs5OGNCa1lOUzhXOXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAeBAIAATAYAwQDgrloAwQC
uRhEAwQCuWzYAwQDw4rwMCAEAgACMBowEQMGBSoBBKAgAwcAKgEEoCACAwUDKgZL
ADANBgkqhkiG9w0BAQsFAAOCAQEAglFb0v4KhNqBnzSL6j8ITRJWoZGiJYLWIncR
PfsqDQTmqWDXdU6WHBYKIqiUxO1bcY+PcDQuvQ8RT5oYKhc39qDNUS93Hvz143Hf
gKbJyU4QDI22Fc6azCO7CTtymUg+bXth1QHgyRmz3rkaRJfbr5F8uXVPsP/qOPyC
yyu/w+IXXiDuPbkNsOP+3aopjgF7P7YoPZPyxqOLoZ2rq9Sn+NGj3cry8cFZ47RM
B5WeFI0u+0Dixs2xG4O+goR3MGpoX99Ei5OO2InJpz9sEofdOF37j9NGTQduNSFN
zNbi5hMns5NwxHBD1QQXgkmmmi+TaP+F6Ue1E++LchnY22TP/Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net