Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/RDMJmsptAt79z1bZNxCRYGoDbOA.roa
File: RDMJmsptAt79z1bZNxCRYGoDbOA.roa (raw, json)
Hash identifier: psHiDB3pvgN7EOgCxCvfgOl6kkNmShVGm0R8glPdahE=
Subject key identifier: 44:33:09:9A:CA:6D:02:DE:FD:CF:56:D9:37:10:91:60:6A:03:6C:E0
Certificate issuer: /CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Certificate serial: 019424B3F530DDAC2FBC1046109E8F869166
Authority key identifier: A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/RDMJmsptAt79z1bZNxCRYGoDbOA.roa
Signing time: Thu 02 Jan 2025 01:49:20 +0000
ROA not before: Thu 02 Jan 2025 01:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197883
IP address blocks: 80.73.241.0/24 maxlen: 24
94.154.119.0/24 maxlen: 24
176.57.240.0/24 maxlen: 24
176.57.241.0/24 maxlen: 24
176.57.242.0/24 maxlen: 24
176.57.243.0/24 maxlen: 24
176.57.244.0/24 maxlen: 24
176.57.245.0/24 maxlen: 24
176.57.246.0/24 maxlen: 24
176.57.247.0/24 maxlen: 24
176.97.207.0/24 maxlen: 24
185.8.144.0/24 maxlen: 24
185.8.145.0/24 maxlen: 24
185.8.146.0/24 maxlen: 24
185.8.147.0/24 maxlen: 24
185.136.40.0/24 maxlen: 24
185.136.41.0/24 maxlen: 24
185.136.42.0/24 maxlen: 24
185.136.43.0/24 maxlen: 24
194.53.4.0/24 maxlen: 24
194.53.5.0/24 maxlen: 24
194.53.6.0/24 maxlen: 24
194.53.7.0/24 maxlen: 24
195.96.152.0/24 maxlen: 24
195.137.186.0/24 maxlen: 24
195.137.188.0/24 maxlen: 24
195.138.220.0/24 maxlen: 24
195.144.23.0/24 maxlen: 24
2a01:9d80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f5:30:dd:ac:2f:bc:10:46:10:9e:8f:86:91:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Validity
Not Before: Jan 2 01:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4433099aca6d02defdcf56d9371091606a036ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:49:69:1f:d1:aa:20:93:8c:e4:5d:a6:ac:25:
ba:01:fa:1f:79:67:ad:a5:26:29:71:d5:cf:bd:33:
b2:97:23:33:55:3e:0d:e0:ce:28:43:be:b6:1c:7d:
08:c5:5d:0b:98:0c:e8:92:37:64:34:91:e5:04:c4:
47:10:cc:2a:1a:f7:d4:1c:06:bf:63:0c:e1:c0:ca:
c3:0f:98:c8:e3:2a:95:21:35:b6:c5:0a:c6:5c:a3:
04:f3:27:02:6f:96:2e:5f:d0:d5:35:02:fa:a6:07:
72:dd:2d:cc:ec:11:1f:97:32:0e:9f:c7:5e:99:37:
04:5a:c4:af:73:2b:13:f8:73:7b:2f:a2:ed:53:b6:
c7:78:52:15:40:a2:80:99:a4:2a:5f:5d:f7:23:e1:
2c:3e:8e:58:f4:ca:5a:3b:2b:d6:bd:7f:ad:03:b0:
bf:e5:eb:e9:30:a3:ea:8c:c2:86:6a:0c:86:c6:9c:
48:9f:de:db:6d:58:ff:e0:ac:83:cb:01:3b:b9:4b:
16:ef:a7:3d:77:85:1e:39:1b:43:2d:89:63:ba:b8:
63:ea:72:74:5b:f1:eb:ba:86:f4:96:b9:d6:48:d7:
90:93:42:7b:9f:c9:8b:07:37:23:45:0e:d6:e1:cf:
88:78:8c:ea:21:e7:cc:a1:8a:37:70:b4:fd:b7:5b:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:33:09:9A:CA:6D:02:DE:FD:CF:56:D9:37:10:91:60:6A:03:6C:E0
X509v3 Authority Key Identifier:
keyid:A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/RDMJmsptAt79z1bZNxCRYGoDbOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.241.0/24
94.154.119.0/24
176.57.240.0/21
176.97.207.0/24
185.8.144.0/22
185.136.40.0/22
194.53.4.0/22
195.96.152.0/24
195.137.186.0/24
195.137.188.0/24
195.138.220.0/24
195.144.23.0/24
IPv6:
2a01:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
35:72:19:b5:ee:1f:7a:22:e1:4f:4e:b8:fb:04:fe:18:7a:42:
2a:4c:bb:6e:90:26:a0:07:50:76:6e:02:1b:b2:d4:3a:bc:6a:
78:e7:11:9e:86:51:00:36:88:23:e1:58:62:6b:16:0b:00:d9:
c8:05:13:9a:10:bb:e1:41:04:dd:2c:2b:74:cf:d5:95:b8:11:
8f:70:5a:a7:c7:79:fc:4d:b8:c9:cb:18:e3:8b:46:47:8b:11:
f3:7b:d5:7f:37:30:26:fe:5c:69:6e:54:b1:ab:23:08:2a:12:
70:51:a5:b5:59:2d:82:9c:bd:81:bb:b9:53:19:4f:b0:d7:b0:
b9:dd:02:85:3b:47:3c:a2:0e:2d:e8:19:f4:30:ab:12:85:ff:
bc:5b:95:8e:90:b9:06:bb:3b:e5:a7:78:86:0c:16:cd:e8:eb:
29:b5:68:39:ce:b6:65:d6:6f:78:4f:f5:52:43:a1:2f:bd:ee:
2c:a2:01:d7:f9:06:33:27:1b:03:7e:91:ad:0e:9d:c1:11:b1:
e2:66:e9:b8:de:11:86:7f:69:28:c0:13:d9:c1:78:57:bb:98:
50:1a:a5:ef:fd:43:a1:30:46:3e:b7:35:99:56:c1:8c:88:08:
87:69:b6:6b:7f:21:4d:10:71:ac:b6:4b:e2:59:26:ed:2e:60:
3d:1c:cb:77
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQks/Uw3awvvBBGEJ6PhpFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGNiNGI4ZDU2OTQ3NzUxMmNlNTc4ODViYTZhMjg5OGZi
YzJkOTUwHhcNMjUwMTAyMDE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDMzMDk5YWNhNmQwMmRlZmRjZjU2ZDkzNzEwOTE2MDZhMDM2Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwElpH9GqIJOM5F2mrCW6AfofeWet
pSYpcdXPvTOylyMzVT4N4M4oQ762HH0IxV0LmAzokjdkNJHlBMRHEMwqGvfUHAa/
YwzhwMrDD5jI4yqVITW2xQrGXKME8ycCb5YuX9DVNQL6pgdy3S3M7BEflzIOn8de
mTcEWsSvcysT+HN7L6LtU7bHeFIVQKKAmaQqX133I+EsPo5Y9MpaOyvWvX+tA7C/
5evpMKPqjMKGagyGxpxIn97bbVj/4KyDywE7uUsW76c9d4UeORtDLYljurhj6nJ0
W/Hruob0lrnWSNeQk0J7n8mLBzcjRQ7W4c+IeIzqIefMoYo3cLT9t1sshwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEQzCZrKbQLe/c9W2TcQkWBqA2zgMB8GA1UdIwQY
MBaAFKAMtLjVaUd1Es5XiFumoomPvC2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUt
MThjNzBlYmY2ODFhLzEvUkRNSm1zcHRBdDc5ejFiWk54Q1JZR29EYk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUtMThjNzBlYmY2ODFh
LzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAUEnxAwQA
Xpp3AwQDsDnwAwQAsGHPAwQCuQiQAwQCuYgoAwQCwjUEAwQAw2CYAwQAw4m6AwQA
w4m8AwQAw4rcAwQAw5AXMA0EAgACMAcDBQAqAZ2AMA0GCSqGSIb3DQEBCwUAA4IB
AQA1chm17h96IuFPTrj7BP4YekIqTLtukCagB1B2bgIbstQ6vGp45xGehlEANogj
4VhiaxYLANnIBROaELvhQQTdLCt0z9WVuBGPcFqnx3n8TbjJyxjji0ZHixHze9V/
NzAm/lxpblSxqyMIKhJwUaW1WS2CnL2Bu7lTGU+w17C53QKFO0c8og4t6Bn0MKsS
hf+8W5WOkLkGuzvlp3iGDBbN6OsptWg5zrZl1m94T/VSQ6Evve4sogHX+QYzJxsD
fpGtDp3BEbHiZum43hGGf2kowBPZwXhXu5hQGqXv/UOhMEY+tzWZVsGMiAiHabZr
fyFNEHGstkviWSbtLmA9HMt3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:23 2025 by rpki-client on console.sobornost.net