Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/t0rBAKgYsiYrjVsbAkJNYYT70fU.roa
File: t0rBAKgYsiYrjVsbAkJNYYT70fU.roa (raw, json)
Hash identifier: 6uujdjjncCVXzPlW8+sHpbZpcMrWi+RVeuO4nmVWv+Q=
Subject key identifier: B7:4A:C1:00:A8:18:B2:26:2B:8D:5B:1B:02:42:4D:61:84:FB:D1:F5
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9B6387D951ED68A8BFAD029A19C9
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/t0rBAKgYsiYrjVsbAkJNYYT70fU.roa
Signing time: Thu 02 Jan 2025 09:49:33 +0000
ROA not before: Thu 02 Jan 2025 09:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203600
IP address blocks: 5.154.114.0/24 maxlen: 24
37.230.86.0/24 maxlen: 24
84.236.191.0/24 maxlen: 24
84.236.200.0/22 maxlen: 22
84.236.200.0/23 maxlen: 23
84.236.202.0/24 maxlen: 24
84.236.203.0/24 maxlen: 24
178.156.24.0/24 maxlen: 24
178.156.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9b:63:87:d9:51:ed:68:a8:bf:ad:02:9a:19:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b74ac100a818b2262b8d5b1b02424d6184fbd1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:aa:f9:cb:1c:87:55:31:77:43:63:b6:65:95:
f4:3c:03:58:21:a9:4f:84:ab:2b:98:8d:84:34:17:
a6:10:46:d3:fb:69:90:e1:12:e6:65:b5:45:7d:63:
75:ec:d6:21:21:09:a8:b1:f5:2a:e3:b0:7d:47:a2:
3d:15:86:b1:2c:41:1b:c3:7a:90:f1:41:4c:5e:bf:
bd:d7:97:8b:d1:05:2d:6b:a9:9d:bd:50:2a:2b:d6:
ac:6d:0d:ac:c0:6f:99:7e:ea:f4:ab:43:e2:a7:24:
5c:99:0b:53:9b:6d:31:00:91:dc:e6:ee:06:b0:87:
fe:9b:df:c3:eb:b7:75:94:7a:3a:77:05:03:fc:84:
40:37:2f:4c:ad:00:0d:72:33:04:90:4c:e0:a9:b7:
76:13:6c:ac:24:8e:fe:69:fe:3d:8c:36:60:8b:5e:
48:5d:9c:c8:78:9d:ce:4a:a6:44:ea:af:89:96:8e:
2b:1c:fe:48:dc:2a:02:bb:08:94:49:a0:33:53:46:
e0:e5:93:00:3a:64:71:1e:b1:6b:bd:75:78:85:97:
ad:a0:51:e2:4e:2e:8b:85:44:df:8e:e9:94:48:72:
36:a7:ab:1b:4a:52:1b:7d:4e:c2:95:3c:a7:e8:ec:
ce:2f:aa:5e:07:17:ea:c9:d0:d3:07:64:7d:a1:7a:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4A:C1:00:A8:18:B2:26:2B:8D:5B:1B:02:42:4D:61:84:FB:D1:F5
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/t0rBAKgYsiYrjVsbAkJNYYT70fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.114.0/24
37.230.86.0/24
84.236.191.0/24
84.236.200.0/22
178.156.24.0/24
178.156.106.0/24
Signature Algorithm: sha256WithRSAEncryption
49:7b:a5:f0:cd:c6:f6:88:4c:78:69:d7:ba:7c:23:4c:2c:89:
ca:7a:62:b7:80:fc:d3:f5:21:eb:06:df:6c:ea:25:8f:f8:66:
3c:c0:7c:56:c8:3f:7d:78:c0:23:ce:e2:fd:04:76:83:b9:f2:
be:d0:f7:1a:3a:c1:ed:07:9a:8d:95:ad:c2:e6:fb:e3:d5:2f:
1d:b0:b7:03:ae:93:c2:ca:7b:71:a9:71:25:2c:78:f6:e9:59:
5e:97:67:df:58:2a:2c:c8:6e:d3:31:3d:d7:b2:29:d5:25:60:
11:b2:35:69:15:e1:7a:d9:df:79:74:ea:57:2c:9a:f6:a6:42:
cd:07:e7:2d:97:fb:af:90:35:4c:2c:90:27:5b:7b:f1:31:1d:
36:c1:a4:fc:82:b2:53:54:0c:da:80:9f:be:db:dc:49:f4:61:
ee:8d:59:62:0e:a5:d6:ee:53:61:f6:10:e6:89:91:15:08:fc:
78:b1:78:5f:ee:97:40:df:3a:a2:7a:6c:f1:35:f5:7c:e9:cd:
c9:7e:51:95:70:86:f8:fa:a1:19:cb:4e:5b:47:b6:0c:00:5e:
f3:c3:43:71:f7:c1:42:e0:33:36:e0:ee:94:6a:ba:13:22:01:
24:ba:ff:82:31:cc:37:8d:a3:66:70:13:69:0b:0c:04:a7:2d:
f0:3a:ef:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQma5tjh9lR7Wiov60CmhnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRhYzEwMGE4MThiMjI2MmI4ZDViMWIwMjQyNGQ2MTg0ZmJkMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qr5yxyHVTF3Q2O2ZZX0PANYIalP
hKsrmI2ENBemEEbT+2mQ4RLmZbVFfWN17NYhIQmosfUq47B9R6I9FYaxLEEbw3qQ
8UFMXr+915eL0QUta6mdvVAqK9asbQ2swG+Zfur0q0PipyRcmQtTm20xAJHc5u4G
sIf+m9/D67d1lHo6dwUD/IRANy9MrQANcjMEkEzgqbd2E2ysJI7+af49jDZgi15I
XZzIeJ3OSqZE6q+Jlo4rHP5I3CoCuwiUSaAzU0bg5ZMAOmRxHrFrvXV4hZetoFHi
Ti6LhUTfjumUSHI2p6sbSlIbfU7ClTyn6OzOL6peBxfqydDTB2R9oXpJLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLdKwQCoGLImK41bGwJCTWGE+9H1MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvdDByQkFLZ1lzaVlyalZzYkFrSk5ZWVQ3MGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZpyAwQA
JeZWAwQAVOy/AwQCVOzIAwQAspwYAwQAspxqMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
e6Xwzcb2iEx4ade6fCNMLInKemK3gPzT9SHrBt9s6iWP+GY8wHxWyD99eMAjzuL9
BHaDufK+0PcaOsHtB5qNla3C5vvj1S8dsLcDrpPCyntxqXElLHj26Vlel2ffWCos
yG7TMT3XsinVJWARsjVpFeF62d95dOpXLJr2pkLNB+ctl/uvkDVMLJAnW3vxMR02
waT8grJTVAzagJ++29xJ9GHujVliDqXW7lNh9hDmiZEVCPx4sXhf7pdA3zqiemzx
NfV86c3JflGVcIb4+qEZy05bR7YMAF7zw0Nx98FC4DM24O6UaroTIgEkuv+CMcw3
jaNmcBNpCwwEpy3wOu+v
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net