Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/jkQkzhHIzOVrF_0fWTHIXX9_5I0.roa
File: jkQkzhHIzOVrF_0fWTHIXX9_5I0.roa (raw, json)
Hash identifier: pncVkUUAmmkI3mdScp/gmzGpZATl1M0Wr97+Y7euT/k=
Subject key identifier: 8E:44:24:CE:11:C8:CC:E5:6B:17:FD:1F:59:31:C8:5D:7F:7F:E4:8D
Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Certificate serial: 01942368D24EB3CCC9708727F54C305ED9DD
Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/jkQkzhHIzOVrF_0fWTHIXX9_5I0.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207203
IP address blocks: 45.153.140.0/22 maxlen: 22
45.156.240.0/22 maxlen: 22
45.156.240.0/24 maxlen: 24
185.39.172.0/22 maxlen: 22
185.82.120.0/22 maxlen: 22
185.238.32.0/22 maxlen: 22
193.228.80.0/24 maxlen: 24
193.228.81.0/24 maxlen: 24
193.228.82.0/23 maxlen: 23
2a04:7700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d2:4e:b3:cc:c9:70:87:27:f5:4c:30:5e:d9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e4424ce11c8cce56b17fd1f5931c85d7f7fe48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:68:c9:e5:cf:6f:13:02:2d:64:29:51:ba:c8:
39:f9:91:74:ec:c7:61:95:45:66:68:f8:84:66:3c:
38:ae:4f:01:d6:be:0d:67:a3:10:6f:1d:7a:46:9b:
6a:85:a3:da:d7:00:f6:d9:bc:54:bd:7b:9e:2a:7f:
61:5a:50:23:12:46:2c:3f:3e:4b:3d:cc:1b:aa:6a:
84:13:cf:dc:04:9c:88:ed:4b:60:73:45:e1:17:b4:
fb:83:e5:3f:b9:93:24:46:e7:99:2e:52:05:99:52:
f8:1d:66:17:ce:0d:e4:75:e0:4c:de:9d:eb:5b:06:
8b:ec:65:e0:37:e8:ae:4e:61:09:b6:a3:0a:7f:b3:
88:67:b7:8e:2b:be:ea:d8:db:7a:cd:bd:bf:4d:f2:
40:ac:a1:37:ca:e2:23:a9:95:0e:42:e1:66:d3:35:
e5:dc:5e:56:36:5e:33:fa:63:d3:44:87:38:9b:28:
37:28:fc:bb:b9:09:d8:c3:ec:9f:1f:8f:17:40:91:
25:70:2e:39:c2:24:f4:bb:ca:d4:8c:90:51:1a:8e:
03:48:75:54:b1:3e:4f:e8:b1:9b:37:34:91:dd:d6:
9b:52:d1:90:04:58:31:a0:51:7c:10:76:5d:d5:2f:
d9:c9:e8:a3:32:4e:11:b0:53:a8:6e:26:6c:28:73:
f8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:44:24:CE:11:C8:CC:E5:6B:17:FD:1F:59:31:C8:5D:7F:7F:E4:8D
X509v3 Authority Key Identifier:
keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/jkQkzhHIzOVrF_0fWTHIXX9_5I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.140.0/22
45.156.240.0/22
185.39.172.0/22
185.82.120.0/22
185.238.32.0/22
193.228.80.0/22
IPv6:
2a04:7700::/29
Signature Algorithm: sha256WithRSAEncryption
39:0b:b5:ca:d2:18:0e:0b:c3:ca:01:8c:b0:f1:b7:2c:03:96:
b4:09:e0:ab:18:15:d3:12:82:6d:51:d2:7b:21:01:8f:84:6e:
d9:62:68:a9:91:0a:9d:48:97:1c:b3:80:d9:bf:6b:4e:1c:e0:
e3:bf:36:53:53:13:01:5e:e5:06:35:cd:1a:52:05:d7:ba:07:
e4:a8:c1:10:a7:61:ed:e2:11:53:6f:5e:0b:37:ba:e9:68:e0:
80:da:d6:e5:94:0d:bd:fc:a2:c8:08:2c:eb:1d:a6:61:2c:36:
66:48:8b:7d:93:39:03:76:8c:3c:7c:02:1f:2a:12:50:f7:13:
26:97:00:2e:1c:3c:f2:a4:a0:90:9f:88:ed:9a:51:a3:b4:39:
5d:27:32:64:14:a4:16:f6:00:c2:4b:81:74:56:42:a2:93:71:
42:d3:8f:65:52:a1:e4:d4:22:a9:d4:45:90:6b:3f:0b:93:88:
9f:37:2f:e2:54:84:47:5a:38:1e:4e:2a:52:85:38:74:14:9e:
59:62:67:9f:e6:09:fe:9c:11:4c:16:cc:da:48:38:0f:8b:f7:
91:a9:3a:e1:35:e5:28:52:f8:83:41:3c:e8:41:d4:27:90:20:
29:ea:55:63:8f:92:c0:a0:2d:c4:25:ee:3b:87:a3:d9:fd:40:
cb:85:43:87
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQjaNJOs8zJcIcn9UwwXtndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi
YzY2MDMwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ0MjRjZTExYzhjY2U1NmIxN2ZkMWY1OTMxYzg1ZDdmN2ZlNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmjJ5c9vEwItZClRusg5+ZF07Mdh
lUVmaPiEZjw4rk8B1r4NZ6MQbx16RptqhaPa1wD22bxUvXueKn9hWlAjEkYsPz5L
PcwbqmqEE8/cBJyI7Utgc0XhF7T7g+U/uZMkRueZLlIFmVL4HWYXzg3kdeBM3p3r
WwaL7GXgN+iuTmEJtqMKf7OIZ7eOK77q2Nt6zb2/TfJArKE3yuIjqZUOQuFm0zXl
3F5WNl4z+mPTRIc4myg3KPy7uQnYw+yfH48XQJElcC45wiT0u8rUjJBRGo4DSHVU
sT5P6LGbNzSR3dabUtGQBFgxoFF8EHZd1S/ZyeijMk4RsFOobiZsKHP4twIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFI5EJM4RyMzlaxf9H1kxyF1/f+SNMB8GA1UdIwQY
MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3
LTYxZDczMzNmODU3MC8xL2prUWt6aEhJek9WckZfMGZXVEhJWFg5XzVJMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3
MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQDBAItmYwD
BAItnPADBAK5J6wDBAK5UngDBAK57iADBALB5FAwDQQCAAIwBwMFAyoEdwAwDQYJ
KoZIhvcNAQELBQADggEBADkLtcrSGA4Lw8oBjLDxtywDlrQJ4KsYFdMSgm1R0nsh
AY+EbtliaKmRCp1IlxyzgNm/a04c4OO/NlNTEwFe5QY1zRpSBde6B+SowRCnYe3i
EVNvXgs3uulo4IDa1uWUDb38osgILOsdpmEsNmZIi32TOQN2jDx8Ah8qElD3EyaX
AC4cPPKkoJCfiO2aUaO0OV0nMmQUpBb2AMJLgXRWQqKTcULTj2VSoeTUIqnURZBr
PwuTiJ83L+JUhEdaOB5OKlKFOHQUnlliZ5/mCf6cEUwWzNpIOA+L95GpOuE15ShS
+INBPOhB1CeQICnqVWOPksCgLcQl7juHo9n9QMuFQ4c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net