Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/aXs8DBYHqH16kFI25mAmO1bJxx4.roa
File: aXs8DBYHqH16kFI25mAmO1bJxx4.roa (raw, json)
Hash identifier: d1LoCC9lmf7ZBBsN52kpeKsNgpbykeADMERL6qdd4Bg=
Subject key identifier: 69:7B:3C:0C:16:07:A8:7D:7A:90:52:36:E6:60:26:3B:56:C9:C7:1E
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01943BEFA1302C134B39A02884865E00182E
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/aXs8DBYHqH16kFI25mAmO1bJxx4.roa
Signing time: Mon 06 Jan 2025 14:05:47 +0000
ROA not before: Mon 06 Jan 2025 14:05:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61220
IP address blocks: 84.54.14.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:ef:a1:30:2c:13:4b:39:a0:28:84:86:5e:00:18:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 6 14:05:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=697b3c0c1607a87d7a905236e660263b56c9c71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:ef:aa:e4:5a:29:02:06:3f:91:0d:cb:08:
db:82:d4:41:3c:66:d4:e3:4e:ce:ea:b6:f2:cf:17:
fd:5b:ef:29:89:35:3f:b3:39:07:9c:56:3d:80:af:
97:45:20:b0:49:b7:ea:31:84:a6:49:9a:3c:bf:f2:
27:04:bb:70:e8:c2:db:6f:49:4b:fb:20:97:99:e2:
cc:21:0a:77:ca:3c:58:e2:fb:09:e1:c5:94:93:ba:
ae:3e:a1:84:db:d9:97:27:39:14:f9:28:00:c6:54:
f4:63:40:ea:de:49:9e:2c:d9:d9:45:7c:c1:a4:ea:
b2:91:1e:1f:19:0e:1a:56:a4:94:53:8a:c3:e2:28:
9d:ff:20:5e:95:4e:1c:1d:d0:c7:ef:be:77:f7:48:
a1:ae:18:be:95:e9:e7:f4:08:1f:07:ee:ce:0d:e1:
24:24:6c:41:82:3b:16:91:ad:39:5d:c9:d1:a1:61:
17:b5:4e:06:2a:1e:c7:42:d5:cd:8c:63:d6:a2:e6:
60:6d:85:a4:e0:0a:b6:89:5b:ba:e0:6a:6b:b2:82:
3b:0e:d8:3f:f8:d5:e9:e8:ab:91:39:7d:3b:0a:79:
0f:d6:4c:c0:04:ee:f1:68:4b:4d:8d:34:22:ee:64:
90:bc:81:60:88:3c:4e:38:d9:55:b0:1f:e5:d4:53:
11:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7B:3C:0C:16:07:A8:7D:7A:90:52:36:E6:60:26:3B:56:C9:C7:1E
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/aXs8DBYHqH16kFI25mAmO1bJxx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
Signature Algorithm: sha256WithRSAEncryption
56:51:38:7b:49:50:bd:a4:6e:05:7f:8c:18:a8:aa:52:66:62:
42:12:e0:fa:86:d6:81:05:94:80:83:4f:44:b0:94:66:32:a3:
85:fe:66:72:e2:01:51:cc:d9:38:9a:78:45:6c:6a:2a:37:8d:
fc:fc:f4:ed:06:48:70:b9:d1:1a:ba:7e:39:ee:c0:88:ee:2d:
ff:8b:39:91:41:f9:f9:ca:76:f8:9d:bb:44:5f:73:e4:a5:87:
34:39:44:e3:72:a8:09:b6:fd:c9:2b:14:ec:32:26:32:25:88:
2d:07:4b:d1:8e:c9:96:20:78:ea:bf:ba:0b:5c:0c:6e:10:a4:
f5:f2:0e:e4:cc:69:e6:4d:46:d2:04:02:9c:26:28:c1:e1:6c:
51:18:59:9d:60:9e:f0:11:09:c0:34:18:5c:71:c9:63:0a:ab:
ca:41:1b:87:b8:25:18:43:85:99:03:21:82:0b:30:11:38:40:
07:e3:4d:ea:d3:b8:98:79:0a:81:52:1a:c3:fc:87:3e:b4:23:
ca:f7:30:64:db:e0:20:47:d9:de:8c:a6:db:46:91:26:2f:7d:
56:07:26:8b:9c:4e:9f:00:f5:d2:74:aa:94:6e:22:7e:ad:a3:
0a:8b:40:7a:5d:5b:30:5b:25:3f:70:40:b9:ee:79:5b:81:55:
cb:1e:b4:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQ776EwLBNLOaAohIZeABguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjUwMTA2MTQwNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdiM2MwYzE2MDdhODdkN2E5MDUyMzZlNjYwMjYzYjU2YzljNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKfvquRaKQIGP5ENywjbgtRBPGbU
407O6rbyzxf9W+8piTU/szkHnFY9gK+XRSCwSbfqMYSmSZo8v/InBLtw6MLbb0lL
+yCXmeLMIQp3yjxY4vsJ4cWUk7quPqGE29mXJzkU+SgAxlT0Y0Dq3kmeLNnZRXzB
pOqykR4fGQ4aVqSUU4rD4iid/yBelU4cHdDH775390ihrhi+lenn9AgfB+7ODeEk
JGxBgjsWka05XcnRoWEXtU4GKh7HQtXNjGPWouZgbYWk4Aq2iVu64GprsoI7Dtg/
+NXp6KuROX07CnkP1kzABO7xaEtNjTQi7mSQvIFgiDxOONlVsB/l1FMRyQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGl7PAwWB6h9epBSNuZgJjtWycceMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvYVhzOERCWUhxSDE2a0ZJMjVtQW1PMWJKeHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVDYOAwQA
VmgOAwQAWStOAwQBsGIqAwQCuVGYMA0GCSqGSIb3DQEBCwUAA4IBAQBWUTh7SVC9
pG4Ff4wYqKpSZmJCEuD6htaBBZSAg09EsJRmMqOF/mZy4gFRzNk4mnhFbGoqN438
/PTtBkhwudEaun457sCI7i3/izmRQfn5ynb4nbtEX3PkpYc0OUTjcqgJtv3JKxTs
MiYyJYgtB0vRjsmWIHjqv7oLXAxuEKT18g7kzGnmTUbSBAKcJijB4WxRGFmdYJ7w
EQnANBhcccljCqvKQRuHuCUYQ4WZAyGCCzAROEAH403q07iYeQqBUhrD/Ic+tCPK
9zBk2+AgR9nejKbbRpEmL31WByaLnE6fAPXSdKqUbiJ+raMKi0B6XVswWyU/cEC5
7nlbgVXLHrTE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net