Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/diKd_27Ub9nGcA2NN8siPAPRpOA.roa
File: diKd_27Ub9nGcA2NN8siPAPRpOA.roa (raw, json)
Hash identifier: jjLD3EmSuXqZi25cVaX3GMVeuNNwqkHtb0UAWrCBfZI=
Subject key identifier: 76:22:9D:FF:6E:D4:6F:D9:C6:70:0D:8D:37:CB:22:3C:03:D1:A4:E0
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 0195F0AE2A1D694C842BA68F1ECA638DE63C
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/diKd_27Ub9nGcA2NN8siPAPRpOA.roa
Signing time: Tue 01 Apr 2025 09:28:20 +0000
ROA not before: Tue 01 Apr 2025 09:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.202.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.200.238.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
194.110.207.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:ae:2a:1d:69:4c:84:2b:a6:8f:1e:ca:63:8d:e6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Apr 1 09:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76229dff6ed46fd9c6700d8d37cb223c03d1a4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:b8:bb:b5:c1:1a:31:0d:c8:7a:a4:9c:a1:
4b:40:a0:1a:08:03:28:73:ae:14:ee:70:02:68:46:
99:11:ba:6e:3e:50:d3:b5:86:a4:ba:67:59:67:a1:
7a:fb:57:15:f5:02:92:e6:33:d7:50:1b:b7:3d:64:
75:77:5f:e4:32:42:0e:37:94:3b:bb:d3:4a:2a:d9:
14:42:f8:4a:38:7e:49:ae:0e:78:e6:bc:15:67:3e:
49:82:87:5e:bc:2e:6b:16:36:97:75:ae:85:31:1d:
bc:2f:ad:4b:d2:39:ee:57:45:f8:e9:93:5a:b2:ed:
db:fe:02:0a:3c:0f:f5:81:6f:84:e5:75:6a:99:be:
97:46:d3:1f:67:e2:34:c1:8d:a7:52:b9:8c:4e:d0:
1b:15:2e:f6:7d:01:21:51:9a:23:3c:dc:e1:ad:0c:
ba:0c:f5:b6:81:36:1b:97:4a:89:22:05:71:da:1a:
32:0e:6d:63:8a:3b:74:7c:3b:c5:e5:a2:17:c0:9f:
a5:94:06:65:ad:73:3a:ac:72:c8:d2:d5:66:32:8e:
6d:57:b3:a0:7e:04:1b:37:e2:90:ec:ab:e2:19:3c:
da:af:80:e5:45:8b:e9:5d:18:a0:bd:fb:54:94:f0:
f1:95:fd:cf:a2:bf:b4:d8:13:62:ea:16:ed:70:c8:
96:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:22:9D:FF:6E:D4:6F:D9:C6:70:0D:8D:37:CB:22:3C:03:D1:A4:E0
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/diKd_27Ub9nGcA2NN8siPAPRpOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0-45.88.202.255
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.200.238.0/24
193.243.189.0/24
194.32.107.0/24
194.110.207.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
35:d4:5e:31:63:96:6a:f6:92:c3:85:27:f8:9a:6a:05:4d:f7:
00:99:cc:2e:39:4d:c9:bb:a2:05:9b:38:6b:0c:a3:ca:71:85:
64:00:b6:80:81:b2:fd:01:c0:d8:a7:71:ba:d7:ef:51:16:06:
9d:1f:4e:b9:c3:28:9e:c6:64:78:c7:6f:b6:d6:f6:b3:2f:28:
d1:8f:e8:ed:9a:b8:b0:75:8e:c2:28:7d:79:4c:99:11:8d:a8:
61:85:00:5c:d0:51:85:42:f6:40:d5:38:07:d1:90:04:26:ec:
b8:8d:5b:77:d7:5a:44:59:7c:b0:ac:c6:71:b7:49:14:58:7a:
9b:b9:80:49:b3:9d:46:94:74:a4:80:b5:55:1a:d8:d2:4d:2a:
6e:d5:07:cc:98:9a:c7:6d:5a:7d:1f:c6:55:ac:7b:3e:56:57:
3e:a2:6f:f1:9a:0d:13:c2:69:03:68:19:34:6a:29:5b:f5:db:
bb:2b:73:ff:28:37:ca:aa:b6:0b:6a:d2:f9:1b:80:91:4e:3b:
5a:f3:96:57:b5:94:38:06:43:a6:f2:61:eb:54:38:71:86:cb:
ab:3c:af:b7:61:bc:e3:5d:bd:fc:b9:d0:3d:5e:a1:f2:7e:ae:
c6:fd:62:28:40:76:42:ab:13:1c:0b:88:c5:59:dc:f5:46:f4:
b6:d1:bc:e2
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZXwriodaUyEK6aPHspjjeY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjUwNDAxMDkyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIyOWRmZjZlZDQ2ZmQ5YzY3MDBkOGQzN2NiMjIzYzAzZDFhNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFa4u7XBGjENyHqknKFLQKAaCAMo
c64U7nACaEaZEbpuPlDTtYakumdZZ6F6+1cV9QKS5jPXUBu3PWR1d1/kMkION5Q7
u9NKKtkUQvhKOH5Jrg545rwVZz5JgodevC5rFjaXda6FMR28L61L0jnuV0X46ZNa
su3b/gIKPA/1gW+E5XVqmb6XRtMfZ+I0wY2nUrmMTtAbFS72fQEhUZojPNzhrQy6
DPW2gTYbl0qJIgVx2hoyDm1jijt0fDvF5aIXwJ+llAZlrXM6rHLI0tVmMo5tV7Og
fgQbN+KQ7KviGTzar4DlRYvpXRigvftUlPDxlf3Por+02BNi6hbtcMiWWwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFHYinf9u1G/ZxnANjTfLIjwD0aTgMB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvZGlLZF8yN1ViOW5HY0EyTk44c2lQQVBScE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSMAwDBAMtWMgD
BAAtWMoDBAC5DmEDBAK5fagDBAK5tTwwDAMEA7nz2AMEALnz2gMEAMHI7gMEAMHz
vQMEAMIgawMEAMJuzwMEAMMQSQMEAMaMjTANBAIAAjAHAwUCKgOU4DANBgkqhkiG
9w0BAQsFAAOCAQEANdReMWOWavaSw4Un+JpqBU33AJnMLjlNybuiBZs4awyjynGF
ZAC2gIGy/QHA2KdxutfvURYGnR9OucMonsZkeMdvttb2sy8o0Y/o7Zq4sHWOwih9
eUyZEY2oYYUAXNBRhUL2QNU4B9GQBCbsuI1bd9daRFl8sKzGcbdJFFh6m7mASbOd
RpR0pIC1VRrY0k0qbtUHzJiax21afR/GVax7PlZXPqJv8ZoNE8JpA2gZNGopW/Xb
uytz/yg3yqq2C2rS+RuAkU47WvOWV7WUOAZDpvJh61Q4cYbLqzyvt2G84129/LnQ
PV6h8n6uxv1iKEB2QqsTHAuIxVnc9Ub0ttG84g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net