Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/4tKIyKN2LpGytONfG9Wwzb3sMh8.roa
File: 4tKIyKN2LpGytONfG9Wwzb3sMh8.roa (raw, json)
Hash identifier: So7qtpci+LVeK7KYvgn0X4FAkS3oDmYxiev+fG5cuSs=
Subject key identifier: E2:D2:88:C8:A3:76:2E:91:B2:B4:E3:5F:1B:D5:B0:CD:BD:EC:32:1F
Certificate issuer: /CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Certificate serial: 01942747F1CD8E01C47E99618B124A23709D
Authority key identifier: 0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/4tKIyKN2LpGytONfG9Wwzb3sMh8.roa
Signing time: Thu 02 Jan 2025 13:50:13 +0000
ROA not before: Thu 02 Jan 2025 13:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47406
IP address blocks: 160.202.28.0/22 maxlen: 24
185.118.72.0/22 maxlen: 24
185.123.36.0/22 maxlen: 24
185.154.88.0/22 maxlen: 24
185.176.200.0/22 maxlen: 24
185.211.15.0/24 maxlen: 24
2a06:9240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f1:cd:8e:01:c4:7e:99:61:8b:12:4a:23:70:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Validity
Not Before: Jan 2 13:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2d288c8a3762e91b2b4e35f1bd5b0cdbdec321f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:30:25:52:da:df:47:a1:ab:d5:48:2e:e9:87:
51:7a:84:1f:cf:c3:04:75:36:e8:36:06:1f:8a:86:
1a:88:53:68:62:24:17:22:85:28:cd:ee:aa:51:3d:
17:4b:a3:b1:65:34:8d:5d:3b:2f:f6:66:27:3a:59:
ea:d6:9c:27:d4:36:b7:c9:32:a6:b7:81:c9:9d:38:
00:30:e8:1e:3e:9d:4a:be:22:ef:24:c2:57:29:fb:
ab:3d:2b:b7:29:47:f8:72:8a:ba:d8:f2:68:23:3a:
de:b8:b2:ab:9d:53:a2:3c:06:64:c6:d6:fe:20:34:
5d:81:59:44:ec:a2:57:5b:8e:04:d5:ea:96:4a:86:
00:42:15:af:35:24:f0:2e:a6:8a:e6:de:33:dd:fa:
35:92:bd:ec:0b:9d:d0:c8:d3:ae:15:35:08:97:37:
7a:aa:a0:b8:60:cf:61:df:1d:63:96:47:87:82:e1:
56:9c:4a:6e:8f:5e:fc:f9:82:d1:28:3a:e4:ea:e3:
0d:9d:21:2f:f7:91:a4:aa:7d:ae:dd:45:ff:96:49:
4a:21:e9:4e:3c:11:7e:23:7a:37:e0:07:c3:d5:62:
63:b7:5f:08:43:62:bc:d2:de:0a:81:b5:6d:00:94:
33:74:65:cf:56:79:86:d5:5c:62:1e:e4:6e:bd:50:
b3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D2:88:C8:A3:76:2E:91:B2:B4:E3:5F:1B:D5:B0:CD:BD:EC:32:1F
X509v3 Authority Key Identifier:
keyid:0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/4tKIyKN2LpGytONfG9Wwzb3sMh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.202.28.0/22
185.118.72.0/22
185.123.36.0/22
185.154.88.0/22
185.176.200.0/22
185.211.15.0/24
IPv6:
2a06:9240::/29
Signature Algorithm: sha256WithRSAEncryption
34:f5:29:9f:54:5d:5f:b2:81:5c:39:4c:f5:30:39:f6:4d:0a:
1b:0d:e3:00:0e:57:01:dc:21:37:21:b6:06:c6:da:88:dd:5a:
8e:82:58:6b:66:43:30:a5:96:12:c1:81:7e:80:69:17:c5:b2:
65:9b:99:83:e4:ce:e2:1d:3b:78:6c:ed:ae:25:77:88:d3:cd:
e7:01:40:b2:32:61:6a:82:cc:0f:04:d9:24:2f:24:83:59:ba:
87:4d:62:5d:7f:ad:5c:ee:de:15:fc:88:2a:fb:c0:b5:aa:a2:
08:ce:67:28:ad:26:f7:fd:d2:82:8b:33:e9:00:f5:53:3f:18:
cd:d4:11:b4:cb:46:65:fc:47:ae:99:16:8f:be:5f:98:95:07:
4c:6b:2b:13:dd:d0:8a:47:b4:90:e7:8a:95:9b:5f:1b:3e:9a:
90:28:79:fc:ac:33:29:c3:6b:70:a3:b9:4a:70:a8:50:30:8d:
fd:9a:92:49:0a:ce:14:95:e3:06:23:3b:a4:68:16:d4:9d:44:
4e:3d:47:02:da:97:a4:d2:85:1b:62:8a:34:e8:9e:c0:be:e9:
3b:ae:aa:8f:ec:34:b8:aa:b5:2a:43:56:e8:ad:c1:18:62:8c:
77:8d:a9:ac:b5:57:36:07:0a:0d:cb:19:12:03:bd:09:99:f1:
3c:99:85:71
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQnR/HNjgHEfplhixJKI3CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMmExNTdmMDA1MTVmOTViNmRmNWRjMGQ1MmViMWI1ZDQz
ZmRlNWMwHhcNMjUwMTAyMTM1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQyODhjOGEzNzYyZTkxYjJiNGUzNWYxYmQ1YjBjZGJkZWMzMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTAlUtrfR6Gr1Ugu6YdReoQfz8ME
dTboNgYfioYaiFNoYiQXIoUoze6qUT0XS6OxZTSNXTsv9mYnOlnq1pwn1Da3yTKm
t4HJnTgAMOgePp1KviLvJMJXKfurPSu3KUf4coq62PJoIzreuLKrnVOiPAZkxtb+
IDRdgVlE7KJXW44E1eqWSoYAQhWvNSTwLqaK5t4z3fo1kr3sC53QyNOuFTUIlzd6
qqC4YM9h3x1jlkeHguFWnEpuj178+YLRKDrk6uMNnSEv95Gkqn2u3UX/lklKIelO
PBF+I3o34AfD1WJjt18IQ2K80t4KgbVtAJQzdGXPVnmG1VxiHuRuvVCzVwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOLSiMijdi6RsrTjXxvVsM297DIfMB8GA1UdIwQY
MBaAFAoqFX8AUV+Vtt9dwNUusbXUP95cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYt
NWJhNDNiMTE4Zjc1LzEvNHRLSXlLTjJMcEd5dE9OZkc5V3d6YjNzTWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYtNWJhNDNiMTE4Zjc1
LzEvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCoMocAwQC
uXZIAwQCuXskAwQCuZpYAwQCubDIAwQAudMPMA0EAgACMAcDBQMqBpJAMA0GCSqG
SIb3DQEBCwUAA4IBAQA09SmfVF1fsoFcOUz1MDn2TQobDeMADlcB3CE3IbYGxtqI
3VqOglhrZkMwpZYSwYF+gGkXxbJlm5mD5M7iHTt4bO2uJXeI083nAUCyMmFqgswP
BNkkLySDWbqHTWJdf61c7t4V/Igq+8C1qqIIzmcorSb3/dKCizPpAPVTPxjN1BG0
y0Zl/EeumRaPvl+YlQdMaysT3dCKR7SQ54qVm18bPpqQKHn8rDMpw2two7lKcKhQ
MI39mpJJCs4UleMGIzukaBbUnUROPUcC2pek0oUbYoo06J7Avuk7rqqP7DS4qrUq
Q1borcEYYox3jamstVc2BwoNyxkSA70JmfE8mYVx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net