Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/VzkNnK8ZZLi3EdFem2ht2MqP6yg.roa
File: VzkNnK8ZZLi3EdFem2ht2MqP6yg.roa (raw, json)
Hash identifier: vDh90IOKG2Z4aklRGqaqLJS7/W1wdLFm/VhjhWpb5HU=
Subject key identifier: 57:39:0D:9C:AF:19:64:B8:B7:11:D1:5E:9B:68:6D:D8:CA:8F:EB:28
Certificate issuer: /CN=9ff3396374cbf5d767125f02dcf0f97296323092
Certificate serial: 01942521F891BF5C6BDFDE461ACDCA28E85D
Authority key identifier: 9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/VzkNnK8ZZLi3EdFem2ht2MqP6yg.roa
Signing time: Thu 02 Jan 2025 03:49:30 +0000
ROA not before: Thu 02 Jan 2025 03:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59890
IP address blocks: 147.78.248.0/22 maxlen: 22
185.67.172.0/22 maxlen: 22
185.251.200.0/22 maxlen: 22
194.208.128.0/19 maxlen: 19
194.208.176.0/21 maxlen: 21
2a05:1140::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f8:91:bf:5c:6b:df:de:46:1a:cd:ca:28:e8:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff3396374cbf5d767125f02dcf0f97296323092
Validity
Not Before: Jan 2 03:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57390d9caf1964b8b711d15e9b686dd8ca8feb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e7:82:4c:3a:0c:00:91:d1:37:43:c0:29:0c:
53:ad:f4:2a:34:64:9d:14:69:a8:07:79:14:6a:53:
a9:d3:0d:9b:5c:d0:2a:3c:02:c0:cd:d1:b6:e5:13:
cf:c8:c1:81:60:85:f7:94:c3:d3:4f:37:97:d1:82:
05:9f:23:f7:4c:eb:f9:0a:a8:0a:65:e6:7d:2b:b8:
33:e6:72:b5:51:f3:a4:28:3c:ef:59:0d:da:cf:50:
47:74:9b:5f:18:fb:a8:22:45:19:44:5c:0f:9c:d6:
c1:98:de:14:45:29:f2:c5:c7:a9:d3:26:d5:ca:2d:
14:4a:f2:e8:21:fc:55:02:8c:05:c3:82:d2:0b:48:
7f:f5:4c:90:4d:57:25:d0:e7:59:7b:44:c6:29:a3:
23:c2:fc:58:2d:80:d1:35:b5:8e:37:1b:22:ce:21:
a4:6f:94:f2:3e:9d:88:f6:9a:d8:90:f9:29:2c:4d:
20:f7:2f:d2:71:ab:74:cb:1c:b3:25:3a:db:4c:8f:
42:5b:f1:a9:92:2e:ae:c7:03:a0:3c:36:a3:43:1d:
02:d3:ec:38:f5:9e:06:9b:c4:be:ac:16:35:9d:06:
53:f3:d5:7d:64:9e:d9:56:d9:f6:63:15:5d:a3:09:
eb:33:a4:e5:fd:e8:d1:a8:ba:75:ba:64:64:df:bd:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:39:0D:9C:AF:19:64:B8:B7:11:D1:5E:9B:68:6D:D8:CA:8F:EB:28
X509v3 Authority Key Identifier:
keyid:9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/VzkNnK8ZZLi3EdFem2ht2MqP6yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.248.0/22
185.67.172.0/22
185.251.200.0/22
194.208.128.0/19
194.208.176.0/21
IPv6:
2a05:1140::/29
Signature Algorithm: sha256WithRSAEncryption
8c:af:a4:26:76:f7:7e:d6:27:ea:8e:ea:60:11:f5:f0:b3:f4:
9e:31:ac:fd:90:b7:77:52:c7:dd:f5:aa:82:df:b3:bb:32:7c:
ab:fe:95:44:ca:24:35:c2:ae:8c:fb:70:4a:83:e6:2f:90:34:
9d:21:b9:d7:da:e7:70:ba:e3:6a:77:72:4e:7b:c4:6b:9d:fc:
ca:d8:a2:39:32:ce:ec:a7:b0:e3:a0:82:48:4f:32:ad:13:4b:
3c:64:d9:c7:5c:a0:2a:17:e3:0d:54:d5:f4:6e:6f:7a:af:82:
1d:97:20:0b:ce:58:2f:46:cb:88:16:f0:1a:a4:b9:6e:ba:e9:
8b:4f:0d:50:31:97:1f:f4:6d:74:9d:65:c9:a8:79:4f:3c:7c:
a8:60:65:ac:d3:8e:c1:c3:22:af:9f:22:17:85:9b:d8:c4:2a:
b6:07:bf:72:6f:69:ef:58:f3:02:02:96:16:5f:68:76:4f:6e:
80:0a:67:33:38:23:09:b5:94:c5:e6:a6:89:59:f1:06:5e:52:
31:b6:d7:e1:61:be:9d:f7:40:66:66:33:eb:6d:2d:02:3e:a8:
b7:4e:b3:ce:92:59:27:a2:2f:29:8c:1e:24:0b:20:d1:06:55:
04:f3:19:22:8d:98:f1:52:91:16:07:63:65:e2:fd:0f:4c:5f:
9f:13:ae:dd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlIfiRv1xr395GGs3KKOhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjMzOTYzNzRjYmY1ZDc2NzEyNWYwMmRjZjBmOTcyOTYz
MjMwOTIwHhcNMjUwMTAyMDM0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM5MGQ5Y2FmMTk2NGI4YjcxMWQxNWU5YjY4NmRkOGNhOGZlYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwueCTDoMAJHRN0PAKQxTrfQqNGSd
FGmoB3kUalOp0w2bXNAqPALAzdG25RPPyMGBYIX3lMPTTzeX0YIFnyP3TOv5CqgK
ZeZ9K7gz5nK1UfOkKDzvWQ3az1BHdJtfGPuoIkUZRFwPnNbBmN4URSnyxcep0ybV
yi0USvLoIfxVAowFw4LSC0h/9UyQTVcl0OdZe0TGKaMjwvxYLYDRNbWONxsiziGk
b5TyPp2I9prYkPkpLE0g9y/Scat0yxyzJTrbTI9CW/Gpki6uxwOgPDajQx0C0+w4
9Z4Gm8S+rBY1nQZT89V9ZJ7ZVtn2YxVdownrM6Tl/ejRqLp1umRk3704MwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFc5DZyvGWS4txHRXptobdjKj+soMB8GA1UdIwQY
MBaAFJ/zOWN0y/XXZxJfAtzw+XKWMjCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEt
ZTk1NTQ0ODNmZmE3LzEvVnprTm5LOFpaTGkzRWRGZW0yaHQyTXFQNnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEtZTk1NTQ0ODNmZmE3
LzEvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCk074AwQC
uUOsAwQCufvIAwQFwtCAAwQDwtCwMA0EAgACMAcDBQMqBRFAMA0GCSqGSIb3DQEB
CwUAA4IBAQCMr6Qmdvd+1ifqjupgEfXws/SeMaz9kLd3Usfd9aqC37O7Mnyr/pVE
yiQ1wq6M+3BKg+YvkDSdIbnX2udwuuNqd3JOe8RrnfzK2KI5Ms7sp7DjoIJITzKt
E0s8ZNnHXKAqF+MNVNX0bm96r4IdlyALzlgvRsuIFvAapLluuumLTw1QMZcf9G10
nWXJqHlPPHyoYGWs047BwyKvnyIXhZvYxCq2B79yb2nvWPMCApYWX2h2T26ACmcz
OCMJtZTF5qaJWfEGXlIxttfhYb6d90BmZjPrbS0CPqi3TrPOklknoi8pjB4kCyDR
BlUE8xkijZjxUpEWB2Nl4v0PTF+fE67d
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:24:43 2025 by rpki-client on console.sobornost.net