Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/TZ8F3d3rBpKHR-R3hXvibc-affE.roa
File: TZ8F3d3rBpKHR-R3hXvibc-affE.roa (raw, json)
Hash identifier: P6bovpmV8OJZ3kMwUqsF9enDTGE3fNmKJ0/O8Ggq2YQ=
Subject key identifier: 4D:9F:05:DD:DD:EB:06:92:87:47:E4:77:85:7B:E2:6D:CF:9A:7D:F1
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9603FDA39B4313CBCF46BC4D307B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/TZ8F3d3rBpKHR-R3hXvibc-affE.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199853
IP address blocks: 37.72.8.0/24 maxlen: 24
84.232.106.0/23 maxlen: 23
88.148.58.0/23 maxlen: 23
94.76.176.0/24 maxlen: 24
178.156.32.0/24 maxlen: 24
185.27.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:96:03:fd:a3:9b:43:13:cb:cf:46:bc:4d:30:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d9f05ddddeb06928747e477857be26dcf9a7df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:81:2d:16:c3:40:ee:04:66:0a:7f:25:f1:6b:
b0:b5:2d:88:77:63:cb:05:ee:bb:c7:51:89:2a:a7:
1e:7b:7f:aa:f0:c5:7b:01:d9:25:23:e9:c1:74:de:
62:12:62:27:54:df:ca:4c:21:13:3c:7f:a9:8e:1f:
e9:84:85:1b:12:d8:32:16:05:e6:5f:54:f7:79:60:
91:49:a8:e6:c4:e0:00:e8:62:a7:98:89:c3:03:81:
80:6a:a8:e4:c2:80:e8:e3:05:e4:bd:85:7c:0d:52:
bc:24:c9:0a:0a:cb:0d:c9:e0:05:ef:3c:67:f1:fc:
ed:45:a8:5e:8f:96:6e:7b:3b:c4:1f:2d:2f:21:20:
16:f5:56:a6:74:ed:8a:8f:51:a5:91:74:a7:64:d4:
31:09:f7:d2:af:ed:36:c2:40:cf:a2:6d:39:cd:57:
a9:f2:3b:e8:4d:b6:93:6a:2f:af:7f:9e:50:2a:ec:
92:a1:38:ac:28:37:ec:d6:b4:b7:52:01:26:c4:e2:
ea:93:2b:3e:93:cf:96:93:fe:34:32:13:0e:0c:a0:
87:6d:88:cb:64:06:bc:0a:7a:ad:3a:f2:45:d6:ba:
0a:84:e9:01:15:9d:84:56:e4:6d:94:80:d1:29:78:
53:e3:4a:b2:f8:3a:5c:1c:74:bc:ec:30:5d:7d:aa:
a7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9F:05:DD:DD:EB:06:92:87:47:E4:77:85:7B:E2:6D:CF:9A:7D:F1
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/TZ8F3d3rBpKHR-R3hXvibc-affE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.8.0/24
84.232.106.0/23
88.148.58.0/23
94.76.176.0/24
178.156.32.0/24
185.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b6:50:7e:36:1d:62:d8:82:61:f1:d7:29:7a:f8:3c:f4:42:
8a:29:66:23:3f:de:51:5c:da:d7:f0:2c:85:6b:b9:f4:4b:11:
7a:6e:01:d1:be:b4:51:30:a3:26:37:4d:78:78:09:e4:72:43:
9c:b7:7e:f6:2d:d7:1f:2d:8c:14:47:c9:60:96:c6:bc:6b:d1:
43:68:f7:22:6d:f4:95:a0:39:66:da:ed:46:55:69:22:33:65:
48:62:fa:67:8e:81:bc:11:7c:df:76:83:0b:e3:a8:23:18:58:
af:fa:af:6d:42:8b:7c:13:3b:41:96:a0:b1:6a:25:d1:2e:8e:
b6:a9:31:17:c8:1d:d0:63:a8:e5:f6:55:c2:dc:30:fb:23:22:
2c:84:b1:5f:4d:6e:80:74:27:a6:60:ce:a8:eb:b5:7c:75:25:
5b:ff:cb:72:9c:71:5b:b9:cd:8e:e5:1f:ab:55:a3:de:83:50:
36:3b:0b:29:0b:d7:ec:ea:1a:a3:dc:1c:ff:13:c9:21:13:6c:
03:82:f8:07:0f:9b:be:25:9f:3d:31:37:90:9f:9e:f0:33:72:
92:fd:9e:a3:cb:38:7a:14:56:63:82:65:27:e0:df:31:ad:d8:
d1:44:e3:a0:73:c2:90:3f:01:e4:eb:40:99:c9:7d:dd:b1:a9:
11:33:2d:60
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQma5YD/aObQxPLz0a8TTB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDlmMDVkZGRkZWIwNjkyODc0N2U0Nzc4NTdiZTI2ZGNmOWE3ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IEtFsNA7gRmCn8l8WuwtS2Id2PL
Be67x1GJKqcee3+q8MV7AdklI+nBdN5iEmInVN/KTCETPH+pjh/phIUbEtgyFgXm
X1T3eWCRSajmxOAA6GKnmInDA4GAaqjkwoDo4wXkvYV8DVK8JMkKCssNyeAF7zxn
8fztRahej5ZuezvEHy0vISAW9VamdO2Kj1GlkXSnZNQxCffSr+02wkDPom05zVep
8jvoTbaTai+vf55QKuySoTisKDfs1rS3UgEmxOLqkys+k8+Wk/40MhMODKCHbYjL
ZAa8CnqtOvJF1roKhOkBFZ2EVuRtlIDRKXhT40qy+DpcHHS87DBdfaqnRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE2fBd3d6waSh0fkd4V74m3Pmn3xMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvVFo4RjNkM3JCcEtIUi1SM2hYdmliYy1hZmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJUgIAwQB
VOhqAwQBWJQ6AwQAXkywAwQAspwgAwQAuRt+MA0GCSqGSIb3DQEBCwUAA4IBAQBE
tlB+Nh1i2IJh8dcpevg89EKKKWYjP95RXNrX8CyFa7n0SxF6bgHRvrRRMKMmN014
eAnkckOct372LdcfLYwUR8lglsa8a9FDaPcibfSVoDlm2u1GVWkiM2VIYvpnjoG8
EXzfdoML46gjGFiv+q9tQot8EztBlqCxaiXRLo62qTEXyB3QY6jl9lXC3DD7IyIs
hLFfTW6AdCemYM6o67V8dSVb/8tynHFbuc2O5R+rVaPeg1A2OwspC9fs6hqj3Bz/
E8khE2wDgvgHD5u+JZ89MTeQn57wM3KS/Z6jyzh6FFZjgmUn4N8xrdjRROOgc8KQ
PwHk60CZyX3dsakRMy1g
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net