Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/E0KbPb4RfPbI9ii_1fNlFCQuDLw.roa
File: E0KbPb4RfPbI9ii_1fNlFCQuDLw.roa (raw, json)
Hash identifier: be5+koswrVopdsotzqVNJfSpffEio3grzLc2KrNQKj8=
Subject key identifier: 13:42:9B:3D:BE:11:7C:F6:C8:F6:28:BF:D5:F3:65:14:24:2E:0C:BC
Certificate issuer: /CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Certificate serial: 019422FB3DBB9E0B5E2A4310518EB9A03A9F
Authority key identifier: 85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/E0KbPb4RfPbI9ii_1fNlFCQuDLw.roa
Signing time: Wed 01 Jan 2025 17:47:58 +0000
ROA not before: Wed 01 Jan 2025 17:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49974
IP address blocks: 37.35.96.0/22 maxlen: 22
37.35.100.0/24 maxlen: 24
37.35.101.0/24 maxlen: 24
37.35.102.0/24 maxlen: 24
37.35.103.0/24 maxlen: 24
45.157.164.0/22 maxlen: 22
185.18.0.0/22 maxlen: 22
213.5.32.0/21 maxlen: 21
2001:67c:238::/48 maxlen: 48
2a00:9540::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3d:bb:9e:0b:5e:2a:43:10:51:8e:b9:a0:3a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Validity
Not Before: Jan 1 17:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13429b3dbe117cf6c8f628bfd5f36514242e0cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fc:15:a6:7d:44:b9:dc:29:37:36:ea:27:b5:
fa:49:01:65:e2:71:90:d9:ff:ef:36:18:2a:7f:11:
bd:1e:e4:1d:db:40:05:12:c3:43:45:1d:b4:c9:36:
cd:b5:90:41:28:9c:d0:19:98:af:54:8c:ee:7d:14:
36:fe:31:05:14:d7:75:21:92:e2:c9:06:39:17:ba:
2b:ad:29:90:f0:59:3e:b7:62:0c:8c:87:6a:c2:34:
7b:9b:de:6b:64:7e:22:bb:01:27:74:50:dc:b5:e5:
46:b4:6b:74:37:60:62:16:eb:67:32:36:96:fe:79:
82:c9:11:9a:cd:10:af:93:6f:41:4c:3a:fc:79:0f:
62:7b:99:fc:69:38:e9:a1:aa:49:cc:bd:d7:fc:48:
b8:e5:7d:df:59:2d:6c:48:a1:4a:11:67:55:60:3a:
ac:8b:42:63:75:7e:25:f1:74:35:c4:e5:fa:42:0d:
3b:ce:77:5b:84:35:24:70:42:94:ea:76:de:39:40:
7b:a5:0d:05:c7:ac:aa:0b:55:ed:03:35:75:53:69:
7f:ae:15:5a:6c:8e:b0:f1:4f:16:33:0b:b5:ae:0f:
5d:87:2f:27:ce:f1:23:1b:67:56:b9:e3:8c:0d:ec:
7a:91:fd:e9:0e:07:3f:fc:ab:e0:4f:f3:92:2f:fe:
7a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:42:9B:3D:BE:11:7C:F6:C8:F6:28:BF:D5:F3:65:14:24:2E:0C:BC
X509v3 Authority Key Identifier:
keyid:85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/E0KbPb4RfPbI9ii_1fNlFCQuDLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.96.0/21
45.157.164.0/22
185.18.0.0/22
213.5.32.0/21
IPv6:
2001:67c:238::/48
2a00:9540::/32
Signature Algorithm: sha256WithRSAEncryption
bb:55:14:2a:7d:83:2d:62:5c:80:61:78:77:0b:7c:7e:7e:35:
d5:0a:90:34:72:94:23:d5:43:8e:e2:8c:3e:af:30:d8:84:06:
55:7a:40:82:bd:22:ff:ad:43:fc:ce:69:0e:17:06:cc:6f:5a:
26:2b:51:2e:05:72:91:cb:98:5a:24:ec:46:57:e0:84:5a:f3:
f3:e9:59:1c:72:1c:5a:f2:11:b6:4a:30:f6:1f:32:76:0b:39:
58:05:d2:b4:a2:3b:da:eb:a5:5f:b9:ff:f7:42:c2:fe:99:62:
21:e7:8c:36:8c:f8:33:72:38:20:04:d1:9d:83:77:98:0a:be:
69:e5:5c:d4:9c:ff:a3:74:e3:b5:8d:e8:58:8f:64:f2:23:eb:
d5:b4:e2:50:f4:c9:29:8e:d7:5c:a2:cb:e4:78:54:1a:f9:ff:
06:1e:49:58:e7:40:de:a6:86:37:1a:11:a4:fb:1d:f8:db:73:
8c:ae:0d:61:ba:8d:14:98:52:f8:2a:fd:3a:3b:d5:1f:08:ea:
3d:ba:dd:cd:51:61:fd:20:5d:8a:1c:dd:6c:b5:7f:2b:2c:16:
ed:6a:6b:59:50:f5:57:45:5f:92:8f:9a:9d:7e:8b:21:b1:38:
8b:2a:44:79:1e:14:e5:9d:bc:28:fe:50:9d:ee:df:26:02:b5:
3d:7b:55:0f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQi+z27ngteKkMQUY65oDqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjkxOWEzZmViMGVjOTY2Mjk5ZmYwZmFlOGRlZmNiNDE1
ZTIyZmUwHhcNMjUwMTAxMTc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQyOWIzZGJlMTE3Y2Y2YzhmNjI4YmZkNWYzNjUxNDI0MmUwY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/wVpn1EudwpNzbqJ7X6SQFl4nGQ
2f/vNhgqfxG9HuQd20AFEsNDRR20yTbNtZBBKJzQGZivVIzufRQ2/jEFFNd1IZLi
yQY5F7orrSmQ8Fk+t2IMjIdqwjR7m95rZH4iuwEndFDcteVGtGt0N2BiFutnMjaW
/nmCyRGazRCvk29BTDr8eQ9ie5n8aTjpoapJzL3X/Ei45X3fWS1sSKFKEWdVYDqs
i0JjdX4l8XQ1xOX6Qg07zndbhDUkcEKU6nbeOUB7pQ0Fx6yqC1XtAzV1U2l/rhVa
bI6w8U8WMwu1rg9dhy8nzvEjG2dWueOMDex6kf3pDgc//KvgT/OSL/56wwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBNCmz2+EXz2yPYov9XzZRQkLgy8MB8GA1UdIwQY
MBaAFIW5GaP+sOyWYpn/D66N78tBXiL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEt
NDdkYzA4ZDdlM2JhLzEvRTBLYlBiNFJmUGJJOWlpXzFmTmxGQ1F1REx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEtNDdkYzA4ZDdlM2Jh
LzEvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDJSNgAwQC
LZ2kAwQCuRIAAwQD1QUgMBYEAgACMBADBwAgAQZ8AjgDBQAqAJVAMA0GCSqGSIb3
DQEBCwUAA4IBAQC7VRQqfYMtYlyAYXh3C3x+fjXVCpA0cpQj1UOO4ow+rzDYhAZV
ekCCvSL/rUP8zmkOFwbMb1omK1EuBXKRy5haJOxGV+CEWvPz6Vkcchxa8hG2SjD2
HzJ2CzlYBdK0ojva66Vfuf/3QsL+mWIh54w2jPgzcjggBNGdg3eYCr5p5VzUnP+j
dOO1jehYj2TyI+vVtOJQ9MkpjtdcosvkeFQa+f8GHklY50DepoY3GhGk+x3423OM
rg1huo0UmFL4Kv06O9UfCOo9ut3NUWH9IF2KHN1stX8rLBbtamtZUPVXRV+Sj5qd
foshsTiLKkR5HhTlnbwo/lCd7t8mArU9e1UP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net