Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/msTJH3LpvSSJE6Ri3OotLMxDeGA.roa
File: msTJH3LpvSSJE6Ri3OotLMxDeGA.roa (raw, json)
Hash identifier: TnZ7qzgV/HeyXjb0/V/imlQGl0TreqcUD4M56v/jCq8=
Subject key identifier: 9A:C4:C9:1F:72:E9:BD:24:89:13:A4:62:DC:EA:2D:2C:CC:43:78:60
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266BA3155C22B53CA7A687C2952EB7C6
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/msTJH3LpvSSJE6Ri3OotLMxDeGA.roa
Signing time: Thu 02 Jan 2025 09:49:35 +0000
ROA not before: Thu 02 Jan 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210423
IP address blocks: 84.232.35.0/24 maxlen: 24
84.232.88.0/23 maxlen: 24
84.236.226.0/23 maxlen: 24
84.236.234.0/23 maxlen: 23
94.24.46.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
95.178.112.0/23 maxlen: 23
95.178.114.0/23 maxlen: 23
217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
217.61.82.0/24 maxlen: 24
217.61.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a3:15:5c:22:b5:3c:a7:a6:87:c2:95:2e:b7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ac4c91f72e9bd248913a462dcea2d2ccc437860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:e9:a0:c3:24:c5:83:e3:dd:48:43:e1:a1:
bf:11:61:7b:56:19:74:37:60:94:42:00:47:8f:72:
e8:1b:43:b6:9d:e5:af:d6:0d:1f:84:45:54:80:8d:
f9:a4:32:a2:b1:47:0c:53:d8:f4:2c:3f:cc:e6:dd:
1b:2d:12:76:22:c8:40:e0:39:5e:f4:6a:a9:cf:d0:
56:c0:d3:b9:12:e0:87:9d:27:78:dc:6e:6b:e1:0b:
72:62:69:32:1e:59:78:6d:67:1d:94:1c:9e:d3:19:
c5:da:0a:53:84:0d:0d:17:b3:8e:26:cd:64:15:cd:
99:07:84:2a:35:4e:35:9b:8a:ff:e9:1a:de:43:cf:
e3:42:e3:6e:a1:b3:22:03:55:92:3e:7b:b3:ba:90:
80:66:38:77:43:7a:4a:09:e9:b7:cb:fb:46:df:39:
65:a7:e8:42:7c:38:c0:d2:2b:48:cb:89:ba:8d:fa:
69:44:b1:f0:08:43:16:03:93:fa:d9:c8:09:02:bd:
e1:5f:c7:2a:1e:40:dd:f4:5d:e5:d2:bd:6b:e7:ca:
94:d2:5e:75:2b:ad:11:4a:58:de:98:07:80:6a:df:
a4:63:0c:14:28:f1:ff:a5:00:e9:d2:2b:d5:84:87:
36:a5:13:08:3c:ca:ab:b3:4d:a2:b2:a5:47:de:04:
a8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C4:C9:1F:72:E9:BD:24:89:13:A4:62:DC:EA:2D:2C:CC:43:78:60
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/msTJH3LpvSSJE6Ri3OotLMxDeGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.232.88.0/23
84.236.226.0/23
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:0a:e5:51:f1:a0:f5:99:e7:c5:cb:4e:1a:2d:0c:dc:3a:a5:
21:3b:ac:c4:45:18:d9:d3:9c:1a:41:e0:30:a8:e6:e9:52:81:
52:e2:e6:c8:b3:ce:23:5f:0f:6c:d2:a3:0c:d4:23:74:a0:66:
b0:0b:f4:45:a0:94:77:f2:3d:3a:31:4c:6d:72:49:0b:e7:0b:
6c:cd:a5:3b:62:88:95:0c:23:7e:c1:68:ca:16:58:37:85:a7:
2a:9f:69:6d:a6:6f:7d:17:32:d2:6e:e8:6f:11:7a:8b:c2:2a:
9a:84:c3:ad:97:84:e5:3c:b3:34:7c:1b:20:7b:13:fd:7e:1f:
c1:a1:57:3b:2d:28:63:11:33:b9:1d:92:51:4e:1b:d2:21:65:
38:2c:db:6c:3b:5a:02:e6:f8:90:68:99:3a:57:20:35:25:6c:
cb:d2:ab:7b:4d:e4:e5:4d:91:52:2b:22:3e:ec:ab:ef:b0:68:
1c:c9:2d:99:f9:16:f8:77:a9:98:a1:b9:6b:7c:ba:39:c4:7e:
69:4c:e3:39:1a:cc:72:66:51:ba:41:90:21:13:37:43:b2:d8:
d4:2a:c7:4b:8e:63:e6:0e:5e:37:70:af:c4:a7:63:ae:c6:52:
08:7d:b2:fa:eb:bd:0d:8f:30:68:c5:95:a2:56:42:a2:23:73:
02:56:2c:cc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQma6MVXCK1PKemh8KVLrfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM0YzkxZjcyZTliZDI0ODkxM2E0NjJkY2VhMmQyY2NjNDM3ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5TpoMMkxYPj3UhD4aG/EWF7Vhl0
N2CUQgBHj3LoG0O2neWv1g0fhEVUgI35pDKisUcMU9j0LD/M5t0bLRJ2IshA4Dle
9Gqpz9BWwNO5EuCHnSd43G5r4QtyYmkyHll4bWcdlBye0xnF2gpThA0NF7OOJs1k
Fc2ZB4QqNU41m4r/6RreQ8/jQuNuobMiA1WSPnuzupCAZjh3Q3pKCem3y/tG3zll
p+hCfDjA0itIy4m6jfppRLHwCEMWA5P62cgJAr3hX8cqHkDd9F3l0r1r58qU0l51
K60RSljemAeAat+kYwwUKPH/pQDp0ivVhIc2pRMIPMqrs02isqVH3gSoJwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJrEyR9y6b0kiROkYtzqLSzMQ3hgMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvbXNUSkgzTHB2U1NKRTZSaTNPb3RMTXhEZUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVOgjAwQB
VOhYAwQBVOziAwQBVOzqAwQBXhguAwQCX7JwAwQC2T1QMA0GCSqGSIb3DQEBCwUA
A4IBAQDFCuVR8aD1mefFy04aLQzcOqUhO6zERRjZ05waQeAwqObpUoFS4ubIs84j
Xw9s0qMM1CN0oGawC/RFoJR38j06MUxtckkL5wtszaU7YoiVDCN+wWjKFlg3hacq
n2ltpm99FzLSbuhvEXqLwiqahMOtl4TlPLM0fBsgexP9fh/BoVc7LShjETO5HZJR
ThvSIWU4LNtsO1oC5viQaJk6VyA1JWzL0qt7TeTlTZFSKyI+7KvvsGgcyS2Z+Rb4
d6mYoblrfLo5xH5pTOM5GsxyZlG6QZAhEzdDstjUKsdLjmPmDl43cK/Ep2OuxlII
fbL6670NjzBoxZWiVkKiI3MCVizM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net