Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/IeYSfMoEUOpL9zvYa7nI3z9IUtk.roa
File: IeYSfMoEUOpL9zvYa7nI3z9IUtk.roa (raw, json)
Hash identifier: Jx4O2YZjJ11KtiwcsJQSqlxvszabRiJ7Q1v0Y4B3N6Y=
Subject key identifier: 21:E6:12:7C:CA:04:50:EA:4B:F7:3B:D8:6B:B9:C8:DF:3F:48:52:D9
Certificate issuer: /CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Certificate serial: 01942143D85EBF84B72BA64DD31D276A2335
Authority key identifier: 13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/IeYSfMoEUOpL9zvYa7nI3z9IUtk.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 692
IP address blocks: 64.224.12.0/22 maxlen: 22
185.101.140.0/22 maxlen: 22
185.178.20.0/22 maxlen: 22
193.41.58.0/24 maxlen: 24
2a10:5940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d8:5e:bf:84:b7:2b:a6:4d:d3:1d:27:6a:23:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21e6127cca0450ea4bf73bd86bb9c8df3f4852d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1a:f0:6b:35:d9:bf:fe:e4:d2:0a:74:d5:e7:
66:46:71:97:62:a2:2d:c1:7d:b0:f3:b3:e0:87:6e:
7b:6d:00:45:0f:42:9d:63:48:7a:fc:0e:6e:7f:5c:
1f:6f:97:4e:a7:0c:d7:43:ac:8a:49:8c:56:aa:8d:
d8:9a:c3:13:e4:65:5c:bb:be:1c:5b:21:90:7e:a0:
d2:39:fe:76:63:6f:d9:84:70:e9:b7:44:b3:47:3d:
35:c3:15:23:6f:47:83:08:ed:95:a0:25:d0:aa:8e:
ad:ba:a4:3d:3d:00:c4:b6:13:7a:ba:52:dd:e2:30:
81:46:74:fc:68:96:c3:f4:20:51:00:fe:7d:be:2e:
fa:27:ae:3d:e8:f5:02:81:c1:04:aa:55:5f:c1:a9:
5e:44:56:1c:79:02:35:2e:e2:ce:51:7b:93:bc:a8:
69:47:60:be:0c:e9:30:31:c9:72:df:d9:2d:76:bf:
38:8b:a9:40:a1:14:5e:6b:d9:68:22:11:c1:7b:36:
a0:82:18:9a:ad:3e:46:af:db:c7:00:d3:a4:5d:d1:
61:93:2c:73:42:f4:e8:7f:bd:de:09:65:e5:cf:8c:
ae:38:c2:e3:b6:f0:75:37:af:cc:77:4e:d1:65:fe:
4f:23:42:76:ea:8f:e6:44:60:e6:57:9b:d9:7c:d3:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E6:12:7C:CA:04:50:EA:4B:F7:3B:D8:6B:B9:C8:DF:3F:48:52:D9
X509v3 Authority Key Identifier:
keyid:13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/IeYSfMoEUOpL9zvYa7nI3z9IUtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.224.12.0/22
185.101.140.0/22
185.178.20.0/22
193.41.58.0/24
IPv6:
2a10:5940::/29
Signature Algorithm: sha256WithRSAEncryption
36:ea:52:f9:43:0f:07:ed:7d:b7:1f:c0:b2:8e:5a:fb:1c:b3:
8c:70:2a:25:c8:88:d5:0a:67:8f:f2:75:51:a1:7d:b1:5a:c7:
e2:61:2f:08:d1:60:24:f6:7a:a7:c6:6c:90:cf:68:7b:43:e5:
0a:29:20:39:8e:0f:33:ab:a1:a7:78:ae:53:5d:3f:75:b8:9f:
4f:b8:0d:e9:3d:42:8f:37:2c:64:df:ca:56:f5:b2:c7:e4:b1:
a2:3d:6e:91:25:bf:e7:c6:7f:59:ee:cb:3a:20:f4:85:98:91:
ac:c2:e5:2e:16:a4:0e:84:80:d3:a3:18:2d:d5:10:19:77:35:
d0:d3:cc:ac:c5:fc:e3:f0:2e:e1:ef:01:4e:21:16:36:df:ea:
e2:87:ab:11:4b:63:fe:28:cf:27:02:fb:18:50:1f:98:d9:69:
c1:d8:dc:40:39:76:2a:27:6f:d8:aa:8a:4e:a3:e7:ae:2a:6b:
39:8c:e2:c2:04:af:ab:63:9b:cb:01:ee:37:5b:3b:45:a4:f9:
23:ce:63:88:55:9b:a0:2c:89:c1:b3:af:b2:48:df:7b:71:d7:
fc:3a:f5:00:42:88:7d:3f:a7:e0:33:ac:41:ac:39:bd:d0:75:
33:fe:29:d6:09:8c:8d:e2:60:ae:33:d8:53:3b:f6:ee:44:1f:
ee:ce:f7:6d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhQ9hev4S3K6ZN0x0naiM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQzZGFjZTg2NjM0NDdlZTQ3MjU1MjBkNzhjNTRhYjdi
OTlhZDQwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU2MTI3Y2NhMDQ1MGVhNGJmNzNiZDg2YmI5YzhkZjNmNDg1MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xrwazXZv/7k0gp01edmRnGXYqIt
wX2w87Pgh257bQBFD0KdY0h6/A5uf1wfb5dOpwzXQ6yKSYxWqo3YmsMT5GVcu74c
WyGQfqDSOf52Y2/ZhHDpt0SzRz01wxUjb0eDCO2VoCXQqo6tuqQ9PQDEthN6ulLd
4jCBRnT8aJbD9CBRAP59vi76J6496PUCgcEEqlVfwaleRFYceQI1LuLOUXuTvKhp
R2C+DOkwMcly39ktdr84i6lAoRRea9loIhHBezagghiarT5Gr9vHANOkXdFhkyxz
QvTof73eCWXlz4yuOMLjtvB1N6/Md07RZf5PI0J26o/mRGDmV5vZfNP1SQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCHmEnzKBFDqS/c72Gu5yN8/SFLZMB8GA1UdIwQY
MBaAFBO0PazoZjRH7kclUg14xUq3uZrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMt
MmI0YTI3MTQyMTRhLzEvSWVZU2ZNb0VVT3BMOXp2WWE3bkkzejlJVXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMtMmI0YTI3MTQyMTRh
LzEvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCQOAMAwQC
uWWMAwQCubIUAwQAwSk6MA0EAgACMAcDBQMqEFlAMA0GCSqGSIb3DQEBCwUAA4IB
AQA26lL5Qw8H7X23H8Cyjlr7HLOMcColyIjVCmeP8nVRoX2xWsfiYS8I0WAk9nqn
xmyQz2h7Q+UKKSA5jg8zq6GneK5TXT91uJ9PuA3pPUKPNyxk38pW9bLH5LGiPW6R
Jb/nxn9Z7ss6IPSFmJGswuUuFqQOhIDToxgt1RAZdzXQ08ysxfzj8C7h7wFOIRY2
3+rih6sRS2P+KM8nAvsYUB+Y2WnB2NxAOXYqJ2/YqopOo+euKms5jOLCBK+rY5vL
Ae43WztFpPkjzmOIVZugLInBs6+ySN97cdf8OvUAQoh9P6fgM6xBrDm90HUz/inW
CYyN4mCuM9hTO/buRB/uzvdt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net