Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/SpsqNCwISL1D7YWDs8MOUK4XUcQ.roa
File: SpsqNCwISL1D7YWDs8MOUK4XUcQ.roa (raw, json)
Hash identifier: VKTdP32emCO1Alc2phplZ6z5V0MT3UL3VXfP0BBA76I=
Subject key identifier: 4A:9B:2A:34:2C:08:48:BD:43:ED:85:83:B3:C3:0E:50:AE:17:51:C4
Certificate issuer: /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial: 01960F4C7100EF8EACA6BC49E8F4735DF0E0
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/SpsqNCwISL1D7YWDs8MOUK4XUcQ.roa
Signing time: Mon 07 Apr 2025 08:09:49 +0000
ROA not before: Mon 07 Apr 2025 08:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42184
IP address blocks: 45.82.124.0/22 maxlen: 24
91.190.224.0/21 maxlen: 24
178.251.8.0/21 maxlen: 24
185.64.168.0/22 maxlen: 24
185.143.168.0/22 maxlen: 24
185.153.140.0/22 maxlen: 24
188.64.248.0/21 maxlen: 24
194.15.152.0/22 maxlen: 24
2a02:f08::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:4c:71:00:ef:8e:ac:a6:bc:49:e8:f4:73:5d:f0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Validity
Not Before: Apr 7 08:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a9b2a342c0848bd43ed8583b3c30e50ae1751c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ee:80:81:a3:fb:fa:73:80:ce:9d:49:4d:a4:
fd:1d:00:85:98:38:78:e4:c4:18:56:97:17:8e:6c:
ae:f6:43:43:d4:79:6a:e2:5b:75:e0:b0:07:60:f3:
0a:9c:24:8c:a8:cd:0e:03:7c:10:03:d3:c5:8b:f5:
8b:9e:b8:ef:ef:7a:a2:e6:f9:4a:8a:a4:a3:23:01:
68:fc:f3:32:56:4a:27:77:a6:53:2f:25:62:aa:5f:
88:f1:64:59:1d:28:f5:10:2c:f4:ab:6e:06:48:77:
c2:2a:ec:61:08:04:bb:73:ae:82:ed:b6:9e:98:3e:
80:96:87:90:a2:6e:4f:39:73:f2:b5:ee:18:66:65:
6b:9a:f9:a8:82:70:fb:ee:0c:2a:01:8e:86:c4:0d:
c9:6d:22:d7:02:12:63:ae:0d:37:40:3b:9c:a0:4c:
10:09:85:ff:06:4e:a5:45:7a:aa:45:43:b2:eb:73:
af:82:0c:b6:a8:2c:e8:c0:bc:97:2a:df:bb:9d:47:
4b:c8:93:b1:6b:ff:00:da:be:47:2a:6b:0e:6c:3e:
bd:e3:61:77:bf:ba:88:3d:e5:e8:86:86:01:fa:ec:
a8:1e:0f:f0:e6:97:d9:43:f3:95:eb:6b:7a:7b:4b:
fc:ee:03:8c:d2:43:16:2b:42:29:43:0b:f2:1a:ce:
a5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9B:2A:34:2C:08:48:BD:43:ED:85:83:B3:C3:0E:50:AE:17:51:C4
X509v3 Authority Key Identifier:
keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/SpsqNCwISL1D7YWDs8MOUK4XUcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.124.0/22
91.190.224.0/21
178.251.8.0/21
185.64.168.0/22
185.143.168.0/22
185.153.140.0/22
188.64.248.0/21
194.15.152.0/22
IPv6:
2a02:f08::/32
Signature Algorithm: sha256WithRSAEncryption
1d:61:65:31:65:54:b0:4c:60:f5:5c:b3:26:2e:86:33:21:ff:
f8:bc:40:08:8e:aa:82:bc:40:5c:e9:7c:49:48:a7:9a:be:65:
2c:11:72:69:76:48:33:24:89:79:31:ec:ec:7d:1c:4a:2b:9a:
cc:41:04:0f:81:9a:39:ca:1a:91:0a:82:28:63:1c:44:1d:ef:
09:34:cc:38:ad:96:56:f9:57:a4:00:2e:9f:3b:3f:78:8a:94:
d2:35:bf:c2:5f:21:c9:a1:91:3b:08:18:1d:18:7b:14:9b:c7:
d3:ea:49:39:af:dc:d2:f2:20:2c:8b:0b:9e:96:16:ea:7e:fc:
50:df:a5:80:9b:3f:d0:1d:ab:ef:d0:b9:2c:e0:f3:32:80:d8:
b6:11:11:f5:1c:02:22:66:0e:36:b2:23:ba:59:10:64:31:0f:
45:c7:20:62:3e:79:48:b1:70:ba:d3:8b:94:b9:a9:00:f4:40:
0f:eb:49:2d:b4:6c:cc:29:a4:1b:70:94:da:e7:7d:4a:de:2b:
62:0e:8d:ec:3b:2e:88:81:d4:cc:d7:3f:5b:7c:16:e0:47:9f:
c8:f3:8e:2e:e1:46:93:ad:5d:d6:7d:08:47:9d:81:de:58:8a:
4a:85:5b:ff:ce:10:80:91:35:af:1c:ca:14:29:61:73:dd:05:
04:49:07:d3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZYPTHEA746sprxJ6PRzXfDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZmNTRlYTliMTVhOGJkNGYzMzgyNTM4NmNiMjc3YjAz
NDM5ZGQwHhcNMjUwNDA3MDgwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTliMmEzNDJjMDg0OGJkNDNlZDg1ODNiM2MzMGU1MGFlMTc1MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+6AgaP7+nOAzp1JTaT9HQCFmDh4
5MQYVpcXjmyu9kND1Hlq4lt14LAHYPMKnCSMqM0OA3wQA9PFi/WLnrjv73qi5vlK
iqSjIwFo/PMyVkond6ZTLyViql+I8WRZHSj1ECz0q24GSHfCKuxhCAS7c66C7bae
mD6AloeQom5POXPyte4YZmVrmvmognD77gwqAY6GxA3JbSLXAhJjrg03QDucoEwQ
CYX/Bk6lRXqqRUOy63Ovggy2qCzowLyXKt+7nUdLyJOxa/8A2r5HKmsObD6942F3
v7qIPeXohoYB+uyoHg/w5pfZQ/OV62t6e0v87gOM0kMWK0IpQwvyGs6lKQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEqbKjQsCEi9Q+2Fg7PDDlCuF1HEMB8GA1UdIwQY
MBaAFLO29U6psVqL1PM4JThssnewNDndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUt
MmY0NmU5MzE3Y2M2LzEvU3BzcU5Dd0lTTDFEN1lXRHM4TU9VSzRYVWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUtMmY0NmU5MzE3Y2M2
LzEvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLVJ8AwQD
W77gAwQDsvsIAwQCuUCoAwQCuY+oAwQCuZmMAwQDvED4AwQCwg+YMA0EAgACMAcD
BQAqAg8IMA0GCSqGSIb3DQEBCwUAA4IBAQAdYWUxZVSwTGD1XLMmLoYzIf/4vEAI
jqqCvEBc6XxJSKeavmUsEXJpdkgzJIl5MezsfRxKK5rMQQQPgZo5yhqRCoIoYxxE
He8JNMw4rZZW+VekAC6fOz94ipTSNb/CXyHJoZE7CBgdGHsUm8fT6kk5r9zS8iAs
iwuelhbqfvxQ36WAmz/QHavv0Lks4PMygNi2ERH1HAIiZg42siO6WRBkMQ9FxyBi
PnlIsXC604uUuakA9EAP60kttGzMKaQbcJTa531K3itiDo3sOy6IgdTM1z9bfBbg
R5/I844u4UaTrV3WfQhHnYHeWIpKhVv/zhCAkTWvHMoUKWFz3QUESQfT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net