Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/W8iTYjU2Evc2p5yDOFlKPLpAZr0.roa
File: W8iTYjU2Evc2p5yDOFlKPLpAZr0.roa (raw, json)
Hash identifier: +1HDTD3+F6qn6zfwt9WbeLBT9ppZuriPW/cOhjwp96g=
Subject key identifier: 5B:C8:93:62:35:36:12:F7:36:A7:9C:83:38:59:4A:3C:BA:40:66:BD
Certificate issuer: /CN=9a7004fdbc1d9e3a3c1e7e06591aca4b94b6c2f8
Certificate serial: 0195F15BE000D6862AFAB96317D480811837
Authority key identifier: 9A:70:04:FD:BC:1D:9E:3A:3C:1E:7E:06:59:1A:CA:4B:94:B6:C2:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/W8iTYjU2Evc2p5yDOFlKPLpAZr0.roa
Signing time: Tue 01 Apr 2025 12:38:04 +0000
ROA not before: Tue 01 Apr 2025 12:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8745
IP address blocks: 85.209.188.0/22 maxlen: 22
195.96.224.0/19 maxlen: 19
213.191.192.0/19 maxlen: 19
213.191.221.0/24 maxlen: 24
2a01:8880::/32 maxlen: 32
2a01:8880:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:5b:e0:00:d6:86:2a:fa:b9:63:17:d4:80:81:18:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7004fdbc1d9e3a3c1e7e06591aca4b94b6c2f8
Validity
Not Before: Apr 1 12:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bc89362353612f736a79c8338594a3cba4066bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:b9:b0:89:82:69:18:10:44:45:cc:45:2a:
ff:0f:8d:0e:46:ea:79:49:a9:47:fb:30:07:cc:a2:
3b:62:c1:02:e4:e6:7b:48:53:3e:ab:b5:99:63:09:
6e:bb:53:e6:5f:91:56:49:45:bf:9f:20:42:c1:e1:
9d:17:dd:06:d8:76:d7:e5:75:da:c3:84:66:db:ae:
c5:c0:a1:43:bc:a2:57:c0:06:52:ad:1a:00:d2:e6:
e9:d5:b5:65:36:26:65:8e:f1:7b:3d:dd:b0:da:fb:
26:25:25:5d:0e:5a:95:ab:40:94:4a:a2:47:e5:36:
88:50:44:98:64:08:c1:90:5c:bb:34:69:5b:1b:91:
51:9b:15:16:ab:bd:07:61:86:55:a3:b6:c9:7f:cd:
62:2a:d0:b2:27:2c:28:94:43:ca:51:f1:4a:a2:e1:
57:d4:71:bc:50:58:ce:4a:f4:c9:a6:8d:21:9d:a3:
9d:1d:b3:5b:c3:92:6f:28:18:f0:80:57:70:6a:51:
2a:03:a1:3a:32:f6:2b:8c:02:55:7c:17:1a:9f:64:
48:75:4a:c6:30:05:7f:78:43:7c:cc:01:df:43:b6:
41:91:d5:19:52:64:e7:b1:f2:49:b2:7e:e2:a0:3b:
9c:35:57:16:4f:c9:f5:c5:5b:57:63:93:33:05:81:
a0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C8:93:62:35:36:12:F7:36:A7:9C:83:38:59:4A:3C:BA:40:66:BD
X509v3 Authority Key Identifier:
keyid:9A:70:04:FD:BC:1D:9E:3A:3C:1E:7E:06:59:1A:CA:4B:94:B6:C2:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/W8iTYjU2Evc2p5yDOFlKPLpAZr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.188.0/22
195.96.224.0/19
213.191.192.0/19
IPv6:
2a01:8880::/32
Signature Algorithm: sha256WithRSAEncryption
b1:f3:2c:a0:88:61:01:3a:c1:6c:1d:af:35:3d:37:fb:74:25:
24:b6:5d:10:ff:bd:b9:3e:64:d7:4b:d8:e5:bf:8b:98:bb:07:
a0:43:b8:b4:40:ce:7e:ee:b2:ec:7f:c8:13:73:b8:b6:81:5a:
34:e0:ca:ed:96:08:76:00:7d:24:a8:ed:79:52:db:69:19:dd:
47:2a:69:ae:25:1a:f2:d0:eb:c5:5e:e3:44:24:47:0b:54:89:
f3:0e:2d:3f:67:bb:1f:72:c0:ba:65:91:aa:23:60:6f:cb:da:
0a:0e:b5:69:68:dd:82:16:d0:28:54:6c:b2:00:aa:c4:73:e8:
53:49:49:97:a1:2b:37:b9:39:60:8d:1e:5e:b9:07:4a:d1:fe:
44:f7:94:95:5b:d5:17:81:8c:8a:8e:28:49:aa:ba:d6:ff:6f:
53:07:eb:d5:ac:b1:44:11:df:3d:83:68:10:85:a8:aa:64:6f:
dd:5b:6a:db:33:05:21:aa:c3:44:93:98:1f:ac:4c:5f:ec:6e:
aa:fe:d1:cb:61:e1:e8:07:dd:2c:3d:8a:06:2d:a3:00:f5:38:
91:b9:39:2e:49:fb:7c:e9:79:3e:47:a1:eb:95:67:8f:dd:4a:
bf:6d:41:fa:39:09:c5:c6:aa:78:0e:ea:94:f6:8d:1c:0b:91:
2a:33:5c:7b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZXxW+AA1oYq+rljF9SAgRg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzAwNGZkYmMxZDllM2EzYzFlN2UwNjU5MWFjYTRiOTRi
NmMyZjgwHhcNMjUwNDAxMTIzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM4OTM2MjM1MzYxMmY3MzZhNzljODMzODU5NGEzY2JhNDA2NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kS5sImCaRgQREXMRSr/D40ORup5
SalH+zAHzKI7YsEC5OZ7SFM+q7WZYwluu1PmX5FWSUW/nyBCweGdF90G2HbX5XXa
w4Rm267FwKFDvKJXwAZSrRoA0ubp1bVlNiZljvF7Pd2w2vsmJSVdDlqVq0CUSqJH
5TaIUESYZAjBkFy7NGlbG5FRmxUWq70HYYZVo7bJf81iKtCyJywolEPKUfFKouFX
1HG8UFjOSvTJpo0hnaOdHbNbw5JvKBjwgFdwalEqA6E6MvYrjAJVfBcan2RIdUrG
MAV/eEN8zAHfQ7ZBkdUZUmTnsfJJsn7ioDucNVcWT8n1xVtXY5MzBYGgdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFvIk2I1NhL3NqecgzhZSjy6QGa9MB8GA1UdIwQY
MBaAFJpwBP28HZ46PB5+BlkaykuUtsL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5BRV9id2Ruam84SG40R1dScktTNVMyd3ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mY2E4MWQtMzhhNS00YzMyLWIxNjMt
YjdmYTM5M2RiMWQxLzEvVzhpVFlqVTJFdmMycDV5RE9GbEtQTHBBWnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mY2E4MWQtMzhhNS00YzMyLWIxNjMtYjdmYTM5M2RiMWQx
LzEvbW5BRV9id2Ruam84SG40R1dScktTNVMyd3ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVdG8AwQF
w2DgAwQF1b/AMA0EAgACMAcDBQAqAYiAMA0GCSqGSIb3DQEBCwUAA4IBAQCx8yyg
iGEBOsFsHa81PTf7dCUktl0Q/725PmTXS9jlv4uYuwegQ7i0QM5+7rLsf8gTc7i2
gVo04Mrtlgh2AH0kqO15UttpGd1HKmmuJRry0OvFXuNEJEcLVInzDi0/Z7sfcsC6
ZZGqI2Bvy9oKDrVpaN2CFtAoVGyyAKrEc+hTSUmXoSs3uTlgjR5euQdK0f5E95SV
W9UXgYyKjihJqrrW/29TB+vVrLFEEd89g2gQhaiqZG/dW2rbMwUhqsNEk5gfrExf
7G6q/tHLYeHoB90sPYoGLaMA9TiRuTkuSft86Xk+R6HrlWeP3Uq/bUH6OQnFxqp4
DuqU9o0cC5EqM1x7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net