Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/39MxobbrpAQOtON-sui4Ceno-cQ.roa
File: 39MxobbrpAQOtON-sui4Ceno-cQ.roa (raw, json)
Hash identifier: N9pxd/h1OsCWGB0hBqC8JheO5FgETKpxzAleviuHpyk=
Subject key identifier: DF:D3:31:A1:B6:EB:A4:04:0E:B4:E3:7E:B2:E8:B8:09:E9:E8:F9:C4
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0194CB656249DFE9E1AA88D2899F85517426
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/39MxobbrpAQOtON-sui4Ceno-cQ.roa
Signing time: Mon 03 Feb 2025 10:40:06 +0000
ROA not before: Mon 03 Feb 2025 10:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41209
IP address blocks: 62.118.106.0/23 maxlen: 23
62.118.108.0/23 maxlen: 23
85.140.60.0/22 maxlen: 22
85.140.60.0/24 maxlen: 24
85.140.61.0/24 maxlen: 24
85.140.62.0/24 maxlen: 24
85.140.63.0/24 maxlen: 24
195.34.18.0/23 maxlen: 23
195.34.18.0/24 maxlen: 24
195.34.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:65:62:49:df:e9:e1:aa:88:d2:89:9f:85:51:74:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Feb 3 10:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd331a1b6eba4040eb4e37eb2e8b809e9e8f9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bc:8d:5a:40:32:7c:21:2b:90:d3:e7:33:61:
30:7d:d4:0c:b8:86:75:55:ce:08:d6:e6:40:b1:ec:
66:38:e6:f5:85:3b:30:d9:f3:58:0e:3f:5a:d7:31:
1b:08:a2:3a:dd:3f:ad:9f:4e:6e:7c:76:9d:42:9d:
25:ac:78:7f:3b:ed:21:44:7e:b7:ce:fe:ae:8c:9e:
de:cf:aa:1c:da:c2:26:f9:fa:f3:09:59:f1:09:6e:
5e:30:75:a3:61:df:7d:5d:fc:7d:33:e4:a2:88:ce:
11:5e:3f:86:a4:c7:82:18:54:8e:52:d6:ae:bc:39:
96:75:a5:f7:10:4a:8f:9f:31:76:c3:2d:54:ea:d9:
5b:cf:b5:f6:fe:b5:e7:cb:99:66:ad:ef:55:d1:0d:
07:cc:79:25:77:9e:17:99:0b:9a:70:f8:46:f7:4f:
ba:1a:a0:70:47:81:bc:d0:0c:cb:d1:eb:56:1a:3c:
35:05:4b:c3:b0:85:f7:f6:a5:06:7b:13:dd:26:26:
f9:ac:ab:2c:6f:d4:fb:bb:c3:ef:e4:a5:2c:b6:43:
7d:4e:8d:9b:fc:32:30:8f:95:82:51:0c:0f:df:03:
39:73:86:f9:2d:0b:e7:53:72:c8:85:21:db:91:bc:
09:7c:57:c4:af:8b:3b:68:52:e6:81:e5:e2:77:d8:
a0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D3:31:A1:B6:EB:A4:04:0E:B4:E3:7E:B2:E8:B8:09:E9:E8:F9:C4
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/39MxobbrpAQOtON-sui4Ceno-cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.118.106.0-62.118.109.255
85.140.60.0/22
195.34.18.0/23
Signature Algorithm: sha256WithRSAEncryption
17:14:ec:58:b6:5d:f4:2e:aa:c3:58:87:4e:ee:dc:37:9f:24:
3c:c8:97:0b:c4:e3:ad:57:36:11:f0:84:50:12:e4:91:49:b3:
1b:60:6d:02:08:a9:47:3b:4d:06:af:5a:ae:56:05:6f:25:e9:
6c:93:64:0e:d5:4d:7c:d4:d5:d7:25:79:52:42:7e:68:e2:24:
b4:f9:8a:9a:1e:f7:15:25:78:b2:8a:48:94:6e:b2:8f:aa:35:
ca:fa:3c:45:2d:16:c6:33:b2:b0:91:c8:5e:f3:0f:b1:6c:fc:
6e:b7:fd:cc:73:b3:45:49:25:c6:fc:43:47:2b:b6:29:42:a5:
1e:f6:e0:32:d2:ea:53:66:21:85:1f:11:8c:48:da:18:97:a7:
5a:37:93:41:a6:38:27:b7:fd:b4:0a:4e:96:c8:7f:67:4e:b2:
8b:3d:af:1a:6a:25:bd:ae:73:c8:d7:80:56:93:d9:f2:31:20:
25:4b:a9:2a:14:c0:3e:a8:13:b0:de:cc:4a:8d:61:f4:31:28:
21:35:0f:9e:a0:98:3c:0a:8a:2c:aa:20:51:8e:bf:96:14:30:
78:90:03:e7:75:92:83:95:e8:f1:5f:ab:c5:e5:3c:3e:df:73:
49:2e:f5:1b:a1:76:db:3a:c9:c4:06:b4:2e:22:a0:de:1a:31:
f1:a3:81:60
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTLZWJJ3+nhqojSiZ+FUXQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMjAzMTA0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQzMzFhMWI2ZWJhNDA0MGViNGUzN2ViMmU4YjgwOWU5ZThmOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7yNWkAyfCErkNPnM2EwfdQMuIZ1
Vc4I1uZAsexmOOb1hTsw2fNYDj9a1zEbCKI63T+tn05ufHadQp0lrHh/O+0hRH63
zv6ujJ7ez6oc2sIm+frzCVnxCW5eMHWjYd99Xfx9M+SiiM4RXj+GpMeCGFSOUtau
vDmWdaX3EEqPnzF2wy1U6tlbz7X2/rXny5lmre9V0Q0HzHkld54XmQuacPhG90+6
GqBwR4G80AzL0etWGjw1BUvDsIX39qUGexPdJib5rKssb9T7u8Pv5KUstkN9To2b
/DIwj5WCUQwP3wM5c4b5LQvnU3LIhSHbkbwJfFfEr4s7aFLmgeXid9igdQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN/TMaG266QEDrTjfrLouAnp6PnEMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvMzlNeG9iYnJwQVFPdE9OLXN1aTRDZW5vLWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAE+dmoD
BAE+dmwDBAJVjDwDBAHDIhIwDQYJKoZIhvcNAQELBQADggEBABcU7Fi2XfQuqsNY
h07u3DefJDzIlwvE461XNhHwhFAS5JFJsxtgbQIIqUc7TQavWq5WBW8l6WyTZA7V
TXzU1dcleVJCfmjiJLT5ipoe9xUleLKKSJRuso+qNcr6PEUtFsYzsrCRyF7zD7Fs
/G63/cxzs0VJJcb8Q0crtilCpR724DLS6lNmIYUfEYxI2hiXp1o3k0GmOCe3/bQK
TpbIf2dOsos9rxpqJb2uc8jXgFaT2fIxICVLqSoUwD6oE7DezEqNYfQxKCE1D56g
mDwKiiyqIFGOv5YUMHiQA+d1koOV6PFfq8XlPD7fc0ku9Ruhdts6ycQGtC4ioN4a
MfGjgWA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:48 2025 by rpki-client on console.sobornost.net