Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PwrQGIiQo2oQLGMofsy9NAulZOw.roa
File: PwrQGIiQo2oQLGMofsy9NAulZOw.roa (raw, json)
Hash identifier: hq8SRr3d4IpSTQOcetxXA4f2f+wVNAp0cl14XJ4GrEw=
Subject key identifier: 3F:0A:D0:18:88:90:A3:6A:10:2C:63:28:7E:CC:BD:34:0B:A5:64:EC
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019420D619828CD2E5A4AF9D604BD0A0E128
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PwrQGIiQo2oQLGMofsy9NAulZOw.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57136
IP address blocks: 89.33.20.0/24 maxlen: 24
89.33.21.0/24 maxlen: 24
89.33.22.0/24 maxlen: 24
89.33.23.0/24 maxlen: 24
89.33.120.0/24 maxlen: 24
89.33.121.0/24 maxlen: 24
89.33.122.0/24 maxlen: 24
89.33.123.0/24 maxlen: 24
89.33.124.0/24 maxlen: 24
89.33.125.0/24 maxlen: 24
89.33.126.0/24 maxlen: 24
89.33.127.0/24 maxlen: 24
2a05:b680:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:19:82:8c:d2:e5:a4:af:9d:60:4b:d0:a0:e1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f0ad0188890a36a102c63287eccbd340ba564ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:f1:6d:27:e1:de:71:b0:f9:4f:97:3c:7c:
ce:e0:12:0b:b8:62:8e:91:0a:39:d5:53:c7:c0:74:
6a:88:52:44:f4:2a:83:f0:f4:c4:1b:8e:8a:e3:e3:
4e:83:db:0b:cc:b0:e2:64:dd:65:e4:07:00:61:d4:
9a:bc:a6:02:67:48:a1:f7:8f:ce:99:40:76:6b:55:
e9:4a:25:65:ec:57:ec:1f:31:cd:d5:09:92:9c:cc:
9f:e0:2e:43:9d:6e:3c:21:9c:1f:6b:3d:11:c1:ac:
8a:26:46:b7:ce:a6:d3:3b:bd:61:63:2b:3b:cf:30:
be:d4:38:5c:b4:79:ee:65:56:fd:bf:fd:b3:e4:f0:
e3:74:d6:2e:e1:a9:40:93:99:9a:0a:cc:30:28:a9:
fe:9a:de:ae:58:8e:f3:bd:98:d1:1b:73:52:6a:c9:
cb:58:65:08:16:3e:f3:ac:3c:35:67:be:1f:89:44:
d5:68:da:1c:ee:4a:30:be:ed:e5:d2:97:2b:dd:ae:
da:7f:47:b7:c1:18:d9:bb:4c:71:54:b4:5e:a3:25:
08:a7:86:33:07:08:a2:8d:30:cb:af:4a:01:ac:7b:
98:10:f8:b5:09:93:4d:33:2e:e3:d1:c2:ee:22:12:
79:8e:1f:32:58:05:1b:50:8a:41:5d:61:3f:90:bf:
b3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0A:D0:18:88:90:A3:6A:10:2C:63:28:7E:CC:BD:34:0B:A5:64:EC
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PwrQGIiQo2oQLGMofsy9NAulZOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.20.0/22
89.33.120.0/21
IPv6:
2a05:b680:9::/48
Signature Algorithm: sha256WithRSAEncryption
48:23:93:af:cd:8c:ca:b7:fd:d5:a8:d4:7e:08:03:8d:9f:44:
9b:79:da:87:3c:9e:39:72:64:03:8a:87:02:13:12:b0:12:ff:
06:2d:73:5b:c8:a8:37:2e:3b:51:c6:80:00:6b:48:0e:00:8e:
ea:a6:bf:f2:f8:e5:a6:0d:30:0c:e9:1c:fb:d0:fd:bf:4e:59:
ec:27:0d:56:02:05:99:56:fd:44:4a:44:f2:eb:bd:bf:ae:a9:
f2:cc:5f:c2:ab:26:6a:ed:97:ea:d0:f7:a8:86:b1:6e:f4:50:
a2:a1:60:0b:15:74:a9:b8:d6:85:fa:3f:ce:5b:1b:72:f6:80:
af:7d:31:46:be:6d:b5:65:0e:d2:74:08:cf:99:f5:4c:70:de:
ba:0d:a7:a1:9c:9b:93:82:57:54:e3:b5:da:8f:c7:16:cd:2e:
cc:4b:8e:6e:9a:8e:75:5d:6c:65:df:ff:a8:50:96:10:33:02:
99:a0:46:3d:43:66:99:43:13:19:2a:9b:82:92:b0:e5:ce:da:
b0:83:ac:d6:49:30:8b:3a:70:39:19:98:99:f5:1d:4e:ed:6b:
ac:d4:dd:1d:04:16:4d:a0:c8:c6:f8:f1:44:79:7c:d5:e1:9b:
0a:da:42:7c:5e:7f:c1:3f:21:51:8e:da:08:67:8f:96:aa:30:
11:53:8b:04
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQg1hmCjNLlpK+dYEvQoOEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBhZDAxODg4OTBhMzZhMTAyYzYzMjg3ZWNjYmQzNDBiYTU2NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqzxbSfh3nGw+U+XPHzO4BILuGKO
kQo51VPHwHRqiFJE9CqD8PTEG46K4+NOg9sLzLDiZN1l5AcAYdSavKYCZ0ih94/O
mUB2a1XpSiVl7FfsHzHN1QmSnMyf4C5DnW48IZwfaz0RwayKJka3zqbTO71hYys7
zzC+1DhctHnuZVb9v/2z5PDjdNYu4alAk5maCswwKKn+mt6uWI7zvZjRG3NSasnL
WGUIFj7zrDw1Z74fiUTVaNoc7kowvu3l0pcr3a7af0e3wRjZu0xxVLReoyUIp4Yz
BwiijTDLr0oBrHuYEPi1CZNNMy7j0cLuIhJ5jh8yWAUbUIpBXWE/kL+zmQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD8K0BiIkKNqECxjKH7MvTQLpWTsMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUHdyUUdJaVFvMm9RTEdNb2ZzeTlOQXVsWk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCWSEUAwQD
WSF4MA8EAgACMAkDBwAqBbaAAAkwDQYJKoZIhvcNAQELBQADggEBAEgjk6/NjMq3
/dWo1H4IA42fRJt52oc8njlyZAOKhwITErAS/wYtc1vIqDcuO1HGgABrSA4Ajuqm
v/L45aYNMAzpHPvQ/b9OWewnDVYCBZlW/URKRPLrvb+uqfLMX8KrJmrtl+rQ96iG
sW70UKKhYAsVdKm41oX6P85bG3L2gK99MUa+bbVlDtJ0CM+Z9Uxw3roNp6Gcm5OC
V1TjtdqPxxbNLsxLjm6ajnVdbGXf/6hQlhAzApmgRj1DZplDExkqm4KSsOXO2rCD
rNZJMIs6cDkZmJn1HU7ta6zU3R0EFk2gyMb48UR5fNXhmwraQnxef8E/IVGO2ghn
j5aqMBFTiwQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:33 2025 by rpki-client on console.sobornost.net