Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/h0icjzgutWd6lA-1BOIfw-Gwjqg.roa
File: h0icjzgutWd6lA-1BOIfw-Gwjqg.roa (raw, json)
Hash identifier: S1MAwDWcpRVxYAC6r+etNs1goxhniGxwWQ8E6EEXeo8=
Subject key identifier: 87:48:9C:8F:38:2E:B5:67:7A:94:0F:B5:04:E2:1F:C3:E1:B0:8E:A8
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 019427B64123274D8FF7F30B925D09FCC33D
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/h0icjzgutWd6lA-1BOIfw-Gwjqg.roa
Signing time: Thu 02 Jan 2025 15:50:43 +0000
ROA not before: Thu 02 Jan 2025 15:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39835
IP address blocks: 5.34.224.0/21 maxlen: 24
81.20.112.0/20 maxlen: 24
81.90.192.0/20 maxlen: 24
130.193.96.0/21 maxlen: 24
185.75.148.0/22 maxlen: 24
185.94.36.0/22 maxlen: 24
188.74.32.0/20 maxlen: 24
212.101.32.0/19 maxlen: 24
2a02:1318::/32 maxlen: 40
2a03:4b20::/29 maxlen: 40
2a03:6880::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:41:23:27:4d:8f:f7:f3:0b:92:5d:09:fc:c3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Jan 2 15:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87489c8f382eb5677a940fb504e21fc3e1b08ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:b8:17:f0:93:68:c7:df:21:b9:32:9b:3f:
1e:3d:8e:7f:01:a2:9c:49:6a:f2:85:02:96:13:90:
8e:5e:12:84:92:6d:8e:ea:d0:9d:56:46:e5:07:71:
fe:e6:bf:b6:b6:84:f6:dc:1d:a0:02:ca:71:c3:ec:
0a:3e:0c:78:dc:c9:cd:6c:97:eb:50:ee:81:c8:2f:
0b:58:ed:d3:a6:c0:29:ae:c1:30:ed:75:a0:8a:b0:
18:f4:7e:1f:b4:c7:93:94:d2:cf:82:b9:d1:b4:c8:
4a:ed:68:67:80:7d:d4:a4:9f:7e:a0:b1:34:bd:c0:
c8:d1:e9:b9:9f:11:e4:18:f3:95:bd:fd:6c:46:0e:
13:fc:ff:2e:e8:70:4a:c1:c2:dc:41:d1:30:9b:d4:
f3:06:1c:48:5f:e5:e3:17:9f:c9:37:77:1e:b4:ab:
18:28:ba:c7:81:2a:2f:0b:29:a0:32:7b:7a:ca:b2:
be:a6:4f:ed:da:9c:be:b3:1b:e0:f9:6a:ee:67:c2:
55:06:0d:1d:6d:2b:36:77:94:7d:b9:28:e6:ac:df:
b6:93:00:88:32:be:91:5a:a2:e2:18:6f:84:d5:21:
65:48:e1:fb:78:f2:8f:8d:22:fd:2d:a6:15:7c:34:
23:a1:63:04:a2:25:5f:21:b3:f8:db:6c:be:7f:0f:
56:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:48:9C:8F:38:2E:B5:67:7A:94:0F:B5:04:E2:1F:C3:E1:B0:8E:A8
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/h0icjzgutWd6lA-1BOIfw-Gwjqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.224.0/21
81.20.112.0/20
81.90.192.0/20
130.193.96.0/21
185.75.148.0/22
185.94.36.0/22
188.74.32.0/20
212.101.32.0/19
IPv6:
2a02:1318::/32
2a03:4b20::/29
2a03:6880::/32
Signature Algorithm: sha256WithRSAEncryption
4d:f6:5a:c2:1e:b3:b2:c5:d2:06:8c:b8:40:34:f0:f6:81:af:
eb:f1:e0:17:27:3e:86:83:e2:85:7c:ec:45:61:d4:12:0d:4f:
ad:49:3f:ce:c0:9f:22:e5:e0:fd:e4:05:18:db:ff:38:e7:b1:
99:b9:73:fd:bd:32:7d:c2:2b:c5:e5:07:dc:13:5f:ea:78:ea:
0e:75:32:5c:db:99:d7:43:29:42:f4:76:a4:e1:7d:10:ff:d8:
d8:cf:c4:60:12:28:96:15:e3:ef:d3:c7:b7:13:53:a2:b5:78:
48:b2:ce:a7:97:5a:26:59:02:de:99:b0:b3:bf:ae:b3:f4:01:
4b:a5:8d:25:72:43:06:c1:40:61:b6:40:94:67:5c:af:41:49:
c1:af:03:94:78:89:88:2d:b0:83:a9:3a:c1:ea:a6:d5:f6:01:
d2:56:26:13:b3:3f:04:9f:ca:a7:f0:b3:8c:67:bc:84:cb:89:
b3:34:13:f5:f2:1e:f3:35:40:65:1b:05:bc:21:30:89:d6:2e:
54:3a:26:6b:88:8e:15:2a:e5:78:2d:0e:67:87:3f:14:2d:7d:
7e:62:1f:79:7e:11:e9:1b:a7:2e:4c:f4:b2:1d:61:cd:b1:95:
78:ae:1a:dd:69:0b:3a:8b:5b:ad:86:d6:ab:7e:42:03:2e:2b:
f5:db:6b:5c
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQntkEjJ02P9/MLkl0J/MM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjUwMTAyMTU1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ4OWM4ZjM4MmViNTY3N2E5NDBmYjUwNGUyMWZjM2UxYjA4ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSy4F/CTaMffIbkymz8ePY5/AaKc
SWryhQKWE5COXhKEkm2O6tCdVkblB3H+5r+2toT23B2gAspxw+wKPgx43MnNbJfr
UO6ByC8LWO3TpsAprsEw7XWgirAY9H4ftMeTlNLPgrnRtMhK7WhngH3UpJ9+oLE0
vcDI0em5nxHkGPOVvf1sRg4T/P8u6HBKwcLcQdEwm9TzBhxIX+XjF5/JN3cetKsY
KLrHgSovCymgMnt6yrK+pk/t2py+sxvg+WruZ8JVBg0dbSs2d5R9uSjmrN+2kwCI
Mr6RWqLiGG+E1SFlSOH7ePKPjSL9LaYVfDQjoWMEoiVfIbP422y+fw9WzwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIdInI84LrVnepQPtQTiH8PhsI6oMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvaDBpY2p6Z3V0V2Q2bEEtMUJPSWZ3LUd3anFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDBSLgAwQE
URRwAwQEUVrAAwQDgsFgAwQCuUuUAwQCuV4kAwQEvEogAwQF1GUgMBsEAgACMBUD
BQAqAhMYAwUDKgNLIAMFACoDaIAwDQYJKoZIhvcNAQELBQADggEBAE32WsIes7LF
0gaMuEA08PaBr+vx4BcnPoaD4oV87EVh1BINT61JP87AnyLl4P3kBRjb/zjnsZm5
c/29Mn3CK8XlB9wTX+p46g51MlzbmddDKUL0dqThfRD/2NjPxGASKJYV4+/Tx7cT
U6K1eEiyzqeXWiZZAt6ZsLO/rrP0AUuljSVyQwbBQGG2QJRnXK9BScGvA5R4iYgt
sIOpOsHqptX2AdJWJhOzPwSfyqfws4xnvITLibM0E/XyHvM1QGUbBbwhMInWLlQ6
JmuIjhUq5XgtDmeHPxQtfX5iH3l+Eekbpy5M9LIdYc2xlXiuGt1pCzqLW62G1qt+
QgMuK/Xba1w=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net