Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/BzSGdKXS_5WRE8i4u-1soKeFtzM.roa
File: BzSGdKXS_5WRE8i4u-1soKeFtzM.roa (raw, json)
Hash identifier: vrT1E18BTpX1mS9gu66zvt/nerXMjovuRA/4FT5P190=
Subject key identifier: 07:34:86:74:A5:D2:FF:95:91:13:C8:B8:BB:ED:6C:A0:A7:85:B7:33
Certificate issuer: /CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
Certificate serial: 0194228E0ADA4482F86500119E0108CD9EB6
Authority key identifier: A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/BzSGdKXS_5WRE8i4u-1soKeFtzM.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201000
IP address blocks: 45.156.120.0/22 maxlen: 24
79.143.192.0/20 maxlen: 24
91.245.244.0/22 maxlen: 24
185.89.72.0/22 maxlen: 24
185.211.252.0/22 maxlen: 24
185.237.148.0/22 maxlen: 24
2a03:8260::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0a:da:44:82:f8:65:00:11:9e:01:08:cd:9e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07348674a5d2ff959113c8b8bbed6ca0a785b733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:b0:40:0f:21:5b:bc:ee:d1:91:36:ee:71:
af:e5:66:6d:a5:12:10:a3:50:ef:75:bf:85:a2:5c:
99:85:ca:e8:46:f1:5c:e8:1a:97:47:d9:20:24:c7:
ba:63:9d:e3:83:68:45:27:e4:1c:e3:97:08:53:d8:
fb:e9:99:e3:1b:63:09:f3:74:91:9f:74:d7:09:c7:
99:64:d3:4c:c4:e7:28:26:ef:c3:42:a9:4a:16:3b:
36:61:8e:34:29:14:af:c7:93:b7:73:0d:77:3d:4a:
f3:f3:7e:88:38:40:67:a5:7f:17:62:a3:10:5a:43:
fe:5e:7f:fd:e0:38:61:6b:fe:95:89:e7:aa:a9:de:
14:28:ab:c9:8b:69:1f:5c:1e:2f:36:35:b9:77:12:
cb:9a:f5:d6:29:47:3b:23:30:ad:3e:cd:c5:27:99:
08:6a:e2:fb:22:11:50:29:2d:36:c6:50:07:d9:56:
6f:45:5e:f7:9f:26:e4:81:b6:0c:21:20:59:10:07:
7a:99:c6:75:65:93:ad:4c:97:61:f2:76:cc:b5:b2:
bf:69:ef:4d:0b:aa:b5:cb:3d:73:fa:63:e9:b3:18:
6c:7b:b7:d2:c8:7b:87:be:49:88:e3:d5:ad:84:13:
45:d5:be:1d:31:b9:c4:6a:27:94:dd:fb:2f:ae:46:
5d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:34:86:74:A5:D2:FF:95:91:13:C8:B8:BB:ED:6C:A0:A7:85:B7:33
X509v3 Authority Key Identifier:
keyid:A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/BzSGdKXS_5WRE8i4u-1soKeFtzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.120.0/22
79.143.192.0/20
91.245.244.0/22
185.89.72.0/22
185.211.252.0/22
185.237.148.0/22
IPv6:
2a03:8260::/32
Signature Algorithm: sha256WithRSAEncryption
1d:67:20:50:7b:a2:d2:1d:20:05:ee:6c:9f:47:10:0a:d3:20:
e5:cc:4a:13:61:91:fa:86:9e:44:f8:be:94:00:28:de:72:e9:
e9:c3:fa:a6:c4:b4:8f:1f:a1:96:0a:c0:d2:78:70:be:80:66:
8c:8f:ff:af:d3:d3:76:d7:a4:65:f4:fe:0d:21:24:ea:f0:fa:
ed:40:9f:37:bb:57:11:ae:4b:a0:4e:98:2f:85:f8:ca:2b:c8:
32:3a:cb:69:ac:de:64:47:d2:8a:ad:a3:29:10:88:44:0c:f8:
7f:c9:58:87:dc:a0:e7:aa:3f:d4:9c:50:60:cb:d7:dc:6b:07:
02:fd:8d:ab:8e:d7:df:7f:25:1d:bb:35:a5:76:4e:79:93:ad:
9f:3e:00:56:e4:9d:17:14:d4:98:61:01:a2:6a:49:67:7d:2e:
2b:bb:6c:3a:ed:3b:08:b7:70:b9:1d:9f:7d:b0:25:c9:ff:7c:
57:5c:b3:a5:37:fc:85:e5:f6:9b:6a:9f:2a:fc:a4:70:14:03:
da:52:6b:74:54:cc:8b:12:e7:0e:54:df:38:c4:91:8f:a2:6c:
8d:29:ce:5f:3a:68:0b:de:4b:4d:85:af:0e:63:8c:a6:c4:c0:
16:bb:d7:2a:b8:89:a8:c5:6a:64:7e:ec:40:b1:2f:9c:c9:6e:
49:96:b6:35
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQijgraRIL4ZQARngEIzZ62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjRhMjZmNzYzNTUxNDBhYTY5NmUwYTRmMWYwYzMxMmI3
Mjc3YzAwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM0ODY3NGE1ZDJmZjk1OTExM2M4YjhiYmVkNmNhMGE3ODViNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5awQA8hW7zu0ZE27nGv5WZtpRIQ
o1Dvdb+FolyZhcroRvFc6BqXR9kgJMe6Y53jg2hFJ+Qc45cIU9j76ZnjG2MJ83SR
n3TXCceZZNNMxOcoJu/DQqlKFjs2YY40KRSvx5O3cw13PUrz836IOEBnpX8XYqMQ
WkP+Xn/94Dhha/6Vieeqqd4UKKvJi2kfXB4vNjW5dxLLmvXWKUc7IzCtPs3FJ5kI
auL7IhFQKS02xlAH2VZvRV73nybkgbYMISBZEAd6mcZ1ZZOtTJdh8nbMtbK/ae9N
C6q1yz1z+mPpsxhse7fSyHuHvkmI49WthBNF1b4dMbnEaieU3fsvrkZd6wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAc0hnSl0v+VkRPIuLvtbKCnhbczMB8GA1UdIwQY
MBaAFKdkom92NVFAqmluCk8fDDErcnfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYt
ZmZhNDk1MGExY2NiLzEvQnpTR2RLWFNfNVdSRThpNHUtMXNvS2VGdHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYtZmZhNDk1MGExY2Ni
LzEvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZx4AwQE
T4/AAwQCW/X0AwQCuVlIAwQCudP8AwQCue2UMA0EAgACMAcDBQAqA4JgMA0GCSqG
SIb3DQEBCwUAA4IBAQAdZyBQe6LSHSAF7myfRxAK0yDlzEoTYZH6hp5E+L6UACje
cunpw/qmxLSPH6GWCsDSeHC+gGaMj/+v09N216Rl9P4NISTq8PrtQJ83u1cRrkug
TpgvhfjKK8gyOstprN5kR9KKraMpEIhEDPh/yViH3KDnqj/UnFBgy9fcawcC/Y2r
jtfffyUduzWldk55k62fPgBW5J0XFNSYYQGiaklnfS4ru2w67TsIt3C5HZ99sCXJ
/3xXXLOlN/yF5fabap8q/KRwFAPaUmt0VMyLEucOVN84xJGPomyNKc5fOmgL3ktN
ha8OY4ymxMAWu9cquImoxWpkfuxAsS+cyW5JlrY1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net