Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/clP1LLso4z020v4QpmTmPRbZSto.roa
File: clP1LLso4z020v4QpmTmPRbZSto.roa (raw, json)
Hash identifier: lQLaEJcBPi63juWNagsHVyBgAJjdQuoynWou1IAm/GM=
Subject key identifier: 72:53:F5:2C:BB:28:E3:3D:36:D2:FE:10:A6:64:E6:3D:16:D9:4A:DA
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 0196257E5A2C63208E3CFA9EA836EA3D4C28
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/clP1LLso4z020v4QpmTmPRbZSto.roa
Signing time: Fri 11 Apr 2025 15:35:59 +0000
ROA not before: Fri 11 Apr 2025 15:35:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 79.120.220.0/24 maxlen: 24
81.0.120.0/24 maxlen: 24
82.141.139.0/24 maxlen: 24
91.82.105.0/24 maxlen: 24
195.184.27.0/24 maxlen: 24
212.24.176.0/24 maxlen: 24
213.253.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:25:7e:5a:2c:63:20:8e:3c:fa:9e:a8:36:ea:3d:4c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Apr 11 15:35:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7253f52cbb28e33d36d2fe10a664e63d16d94ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:09:ad:d8:3f:20:8c:ad:86:a0:15:e4:4b:5b:
32:c4:50:cb:66:66:22:d8:4c:02:09:9e:e9:a8:7c:
c6:7c:e1:b9:26:1f:c6:72:00:35:a5:68:25:94:12:
ec:b4:f8:29:a3:71:e0:23:0e:65:39:45:21:53:49:
d8:7e:24:13:e3:23:09:a4:fc:bd:da:55:01:70:5d:
7b:83:55:95:7c:d3:32:c1:65:b7:b3:34:69:0e:f9:
e6:cd:d3:aa:3f:b3:03:ee:4a:61:77:ef:33:ac:44:
35:04:44:c3:ee:03:9a:06:40:9c:50:5a:ca:df:29:
5a:a6:f3:dc:77:0d:cc:c2:9e:f3:f9:43:14:cc:8f:
14:fb:0b:e2:85:db:7a:99:e0:4a:70:70:da:d0:43:
04:85:6f:2b:eb:5a:17:e2:6f:d5:91:90:40:d5:2c:
ed:c9:82:3f:67:aa:fa:cc:ab:a9:e8:49:58:3b:12:
07:8f:8e:ab:59:50:b1:0c:6b:f7:6b:3c:d6:e4:77:
fa:bd:ed:ba:b1:5d:7b:93:22:a4:20:d4:d7:a2:a7:
4f:f9:6b:ca:e5:84:6c:c7:7a:f8:7b:36:2c:ff:15:
2d:25:df:e8:3e:40:a5:aa:1b:9b:b1:eb:d9:e5:bb:
0b:07:da:ff:ff:7c:bf:07:b1:1e:37:c8:65:0e:db:
3c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:53:F5:2C:BB:28:E3:3D:36:D2:FE:10:A6:64:E6:3D:16:D9:4A:DA
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/clP1LLso4z020v4QpmTmPRbZSto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.120.220.0/24
81.0.120.0/24
82.141.139.0/24
91.82.105.0/24
195.184.27.0/24
212.24.176.0/24
213.253.215.0/24
Signature Algorithm: sha256WithRSAEncryption
85:19:29:a5:f9:84:08:4c:b9:5c:8b:69:72:f4:3d:a8:1d:09:
e0:d3:30:c3:07:88:fd:28:39:02:ad:ae:1b:5a:60:05:39:07:
45:01:3e:34:e3:e2:f8:a0:83:6b:7c:7b:b4:6c:5f:fa:71:7c:
34:cc:94:6e:34:4e:d6:89:4c:5a:32:92:db:a3:c3:01:20:22:
0e:f7:ad:f8:0d:32:de:91:35:87:70:00:1d:98:c6:6b:a2:32:
a3:e0:1d:16:e4:b0:b2:72:49:15:16:25:5e:d4:e0:70:9d:cc:
84:cf:ba:81:b3:57:76:f7:f2:a2:a7:d7:fb:49:b0:84:47:aa:
fa:61:72:74:40:76:19:76:61:98:97:77:a7:a0:83:ab:97:45:
af:41:ed:19:bd:5e:78:38:03:b0:c8:34:b8:97:6b:bd:2c:b9:
79:93:ae:14:c8:d9:a9:32:22:68:de:c1:9f:e4:06:c8:38:71:
7c:78:c0:65:62:bf:91:bf:34:0d:de:f2:4e:91:b7:bb:03:58:
9a:91:bb:03:15:48:ca:d8:69:c6:63:a2:52:c7:2a:68:5c:50:
a9:ec:06:09:50:b3:45:0d:02:99:b6:13:49:85:6e:d9:0a:71:
fa:06:19:a4:13:bd:18:74:68:d6:9a:6e:ce:48:b9:2f:21:e0:
de:ea:6b:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYlflosYyCOPPqeqDbqPUwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwNDExMTUzNTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUzZjUyY2JiMjhlMzNkMzZkMmZlMTBhNjY0ZTYzZDE2ZDk0YWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQmt2D8gjK2GoBXkS1syxFDLZmYi
2EwCCZ7pqHzGfOG5Jh/GcgA1pWgllBLstPgpo3HgIw5lOUUhU0nYfiQT4yMJpPy9
2lUBcF17g1WVfNMywWW3szRpDvnmzdOqP7MD7kphd+8zrEQ1BETD7gOaBkCcUFrK
3ylapvPcdw3Mwp7z+UMUzI8U+wvihdt6meBKcHDa0EMEhW8r61oX4m/VkZBA1Szt
yYI/Z6r6zKup6ElYOxIHj46rWVCxDGv3azzW5Hf6ve26sV17kyKkINTXoqdP+WvK
5YRsx3r4ezYs/xUtJd/oPkClqhubsevZ5bsLB9r//3y/B7EeN8hlDts8AwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHJT9Sy7KOM9NtL+EKZk5j0W2UraMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvY2xQMUxMc280ejAyMHY0UXBtVG1QUmJaU3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT3jcAwQA
UQB4AwQAUo2LAwQAW1JpAwQAw7gbAwQA1BiwAwQA1f3XMA0GCSqGSIb3DQEBCwUA
A4IBAQCFGSml+YQITLlci2ly9D2oHQng0zDDB4j9KDkCra4bWmAFOQdFAT404+L4
oINrfHu0bF/6cXw0zJRuNE7WiUxaMpLbo8MBICIO9634DTLekTWHcAAdmMZrojKj
4B0W5LCyckkVFiVe1OBwncyEz7qBs1d29/Kip9f7SbCER6r6YXJ0QHYZdmGYl3en
oIOrl0WvQe0ZvV54OAOwyDS4l2u9LLl5k64UyNmpMiJo3sGf5AbIOHF8eMBlYr+R
vzQN3vJOkbe7A1iakbsDFUjK2GnGY6JSxypoXFCp7AYJULNFDQKZthNJhW7ZCnH6
BhmkE70YdGjWmm7OSLkvIeDe6mud
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net